Protecting web services from DDoS attacks by SOTA
conference contributionposted on 06.12.2017, 00:00 authored by Ashley ChonkaAshley Chonka, W Zhou, Yang XiangYang Xiang
In the area of SOA and Web Service Security,many well defined security dimensions have been established. However, current Web Security Systems (WS-Security for example) are not equipped to handle Distributed Denial of Service (DDoS) attacks. In this paper we extend upon our previous work on, Service Oriented Traceback Architecture (SOTA), in order to defend WebServices against such attacks. SOTA’s main objective is to identify the true identity of forged messages, since an attacker tries to hide their identity, in which to avoid current defence systems and escape prosecution. To accomplish the main objective, SOTA should be attached as close to the source of the attack. When an incoming SOAP message comes into the router, it is tagged with our own SOAP header. The header can be used to traverse the network back to the true source of the attack. According to our experimental evaluations we find that SOTA is simple and effective to use against DDoS attacks.