A histogram-based method for efficient detection of rewriting attacks in simple object access protocol messages

In order to secure the content of Simple Object Access Protocol (SOAP) messages in Web services, several Web service security standards, such as XML digital signature, are used. However, the content of a SOAP message protected with an XML digital signature can be altered without invalidating the signature: the signature references the signed element by its identifier rather than by its position in the message, so an attacker can move the signed element elsewhere in the tree and place a forged element where the application reads it (an XML rewriting, or signature wrapping, attack). Existing methods for detecting XML rewriting attacks are inefficient because the cost of the detection operation grows linearly with the height of the SOAP message tree; each element of the SOAP message must be accessed and checked. In this paper, we propose an efficient method for detecting XML rewriting attacks on SOAP messages using a histogram. With our method, once the source of an attack is identified, we save it in the form of a histogram, which lets us maintain statistical information about the location of attacks in the SOAP message. We use this information to detect future attacks and thus avoid the unnecessary checking of every element in the SOAP message. Experiments show that our method outperforms existing methods by several times in many cases. Copyright © 2014 John Wiley & Sons, Ltd.
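The following is an added example, not code from the paper, showing why a valid XML signature does not guarantee that the application acts on the signed content. A real XML Signature (canonicalization, SignedInfo, a key) is replaced by a SHA-256 digest of a simple location-independent canonical form, which is enough to demonstrate the one property the attack relies on: the digest of the signed element does not change when the element is moved. The SOAP envelope, the `Transfer` operation and the `Wrapper` element are constructed for this example; the `attack_histogram` counter is only an illustration of recording where relocated signed elements were found and does not reproduce the paper's data structure or lookup order.

```python
import copy
import hashlib
import xml.etree.ElementTree as ET
from collections import Counter

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")
WSU_ID = f"{{{WSU}}}Id"
BODY = f"{{{SOAP}}}Body"
HEADER = f"{{{SOAP}}}Header"

# Constructed sample message (not from the paper): the Body is signed via its wsu:Id.
ORIGINAL = f"""<soap:Envelope xmlns:soap="{SOAP}" xmlns:wsu="{WSU}">
  <soap:Header>
    <Security>
      <Signature><Reference URI="#body1"/></Signature>
    </Security>
  </soap:Header>
  <soap:Body wsu:Id="body1">
    <Transfer><To>alice</To><Amount>10</Amount></Transfer>
  </soap:Body>
</soap:Envelope>"""


def canon(elem):
    """Location-independent canonical form: tag, sorted attributes, text, children."""
    attrs = "".join(f' {k}="{v}"' for k, v in sorted(elem.attrib.items()))
    inner = (elem.text or "").strip() + "".join(canon(c) for c in elem)
    return f"<{elem.tag}{attrs}>{inner}</{elem.tag}>"


def digest(elem):
    """Stand-in for the XMLDSig reference digest (no C14N, no key)."""
    return hashlib.sha256(canon(elem).encode()).hexdigest()


def find_by_id(root, ref_id):
    """Resolve a '#id' Reference the way an XMLDSig verifier does: by Id, not by path."""
    for e in root.iter():
        if e.get(WSU_ID) == ref_id:
            return e
    return None


def path_of(root, target):
    """Absolute path of target within root, using local names only."""
    parents = {c: p for p in root.iter() for c in p}
    parts, e = [], target
    while e is not None:
        parts.append(e.tag.split("}")[-1])
        e = parents.get(e)
    return "/" + "/".join(reversed(parts))


def reference_uri(root):
    return root.find(".//Reference").get("URI")


def sign(xml_text):
    """Return (envelope, stored digest) for the element the Reference points to."""
    root = ET.fromstring(xml_text)
    return root, digest(find_by_id(root, reference_uri(root)[1:]))


def wrap_attack(root, new_to, new_amount):
    """Move the signed Body under a Header wrapper and add a fresh, unsigned Body."""
    root = copy.deepcopy(root)
    old_body = root.find(BODY)
    root.remove(old_body)
    ET.SubElement(root.find(HEADER), "Wrapper").append(old_body)
    new_body = ET.SubElement(root, BODY)  # no wsu:Id: the Reference still resolves to old_body
    t = ET.SubElement(new_body, "Transfer")
    ET.SubElement(t, "To").text = new_to
    ET.SubElement(t, "Amount").text = new_amount
    return root


def signature_valid(root, stored_digest):
    """Naive verifier: only checks the digest of whatever element carries the Id."""
    signed = find_by_id(root, reference_uri(root)[1:])
    return signed is not None and digest(signed) == stored_digest


def application_amount(root):
    """What the business logic actually reads: the first soap:Body under Envelope."""
    return root.find(BODY).find("Transfer/Amount").text


attack_histogram = Counter()  # illustrative: paths where a relocated signed element was found


def hardened_check(root, stored_digest, expected_path="/Envelope/Body"):
    """Signature must verify AND the signed element must sit where the application reads it."""
    if not signature_valid(root, stored_digest):
        return False
    actual = path_of(root, find_by_id(root, reference_uri(root)[1:]))
    if actual != expected_path:
        attack_histogram[actual] += 1  # remember the attack location for later prioritisation
        return False
    return True
```

Running `sign(ORIGINAL)` and then `wrap_attack(...)` shows the core problem: `signature_valid` still returns `True` for the wrapped message while `application_amount` returns the attacker's value, because verifier and application locate the Body by different means (Id versus position). `hardened_check` closes the gap by comparing the resolved element's path with the path the application consumes; the histogram is what such a check could record to decide which locations to examine first on later messages.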
