Protecting web services with service oriented traceback architecture
conference contributionposted on 06.12.2017, 00:00 authored by Ashley ChonkaAshley Chonka, W Zhou, Yang XiangYang Xiang
Service Oriented Architecture (SOA) is a way of reorganizing software infrastructure into a set of service abstracts. In the area of applying SOA to Web Service Security, there have been some well defined security dimensions. However, current Web Security Systems, like WS-Security are not efficient enough to handle Distributed Denial of Service (DDoS) attacks. Our new approach, Service Oriented Traceback Architecture (SOTA), provides a framework to be able to identify the source of an attack. This is accomplished by deploying our defence system at distributed routers, in order to examine the incoming SOAP messages and place our own SOAP header. By this method, we can then use the new SOAP header information, to traceback through the network the source of the attack. According to our experimental performance evaluations, we find that SOTA is quite scaleable, simple and quite effective at identifying the source.