Security Attack Ontology for Web Services

Web services (WS) have become a significant part of the Web because of such attractive features as simple to use, platform independence, and XML/SOAP support. However, these features make WS vulnerable to many new and inherited old security threats. Semantic WS, which are capable of publishing semantic data about their functional and nonfunctional properties, add even more security issues. Now, it becomes easier to attack WS because their semantic data is publicly available. To register and prevent these attacks, especially distributed attacks, new distributed firewalls and intrusion detection systems (F/IDS) have to be applied. However, these F/IDS can be developed by different vendors and they do not have the way to cooperate with each other. This problem can be solved if various F/IDS share a common vocabulary, which can be based on ontologies, to allow them to interact with each other. In this paper, we describe WS security threats and state that they have to be analysed and classified systematically in order to allow the development of better distributed defensive mechanisms for WS using F/IDS. We choose ontologies and OWL/OWL-S over taxonomies because ontologies allow different parties to evolve and share a common understanding of information which can be reasoned and analysed automatically. We develop the security attack ontology for WS and illustrate the benefits of using it with an example.

[1]  Stefan Axelsson Research in Intrusion-Detection Systems: A Survey , 1998 .

[2]  Jun Han,et al.  Specifying Dynamic Security Properties of Web Service Based Systems , 2006, SKG.

[3]  Los Angeles,et al.  D-WARD: Source-End Defense Against Distributed Denial-of-Service Attacks , 2003 .

[4]  Qi Zhang,et al.  Indra: a peer-to-peer approach to network intrusion detection and prevention , 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003..

[5]  Khaled M. Khan,et al.  A security characterisation framework for trustworthy component based software systems , 2003, Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003.

[6]  Tim O'Reilly,et al.  What is Web 2.0: Design Patterns and Business Models for the Next Generation of Software , 2007 .

[7]  Mark Burgess,et al.  Measuring system normality , 2002, TOCS.

[8]  Mario Gerla,et al.  D-ward: source-end defense against distributed denial-of-service attacks , 2003 .

[9]  Mooi Choo Chuah,et al.  Packetscore: statistics-based overload control against distributed denial-of-service attacks , 2004, IEEE INFOCOM 2004.

[10]  Grit Denker,et al.  OWL-S Semantics of Security Web Services: a Case Study , 2004, ESWS.

[11]  Timothy W. Finin,et al.  A Target-Centric Ontology for Intrusion Detection , 2003, IJCAI 2003.

[12]  Myong H. Kang,et al.  Security Ontology for Annotating Resources , 2005, OTM Conferences.