论文信息 - Design and implementation of Web service honeypot

Design and implementation of Web service honeypot

Web services are increasingly becoming an integral part of next-generation web applications. A Web service is defined as a software system designed to support interoperable machine-to-machine interaction over a network based on a set of XML standards. This new architecture and set of protocols brings new vulnerabilities that can be exploited by attackers. To prevent and detect such attacks, several security techniques are available like authentication and encryption mechanisms, firewalls and intrusion detection systems (IDS). Nevertheless these security methods encounter some problems, especially when dealing with new attacks. Relying on additional security principles seems to be important to well protect Web services. In this paper, we propose using honeypots to detect and study attacks against Web services. Honeypots are used to learn new techniques, tools and motivations of hackers to better protect the production systems against attacks. Our solution (WS Honeypot) is to deploy a honeypot as a web service application. This honeypot captures all request messages and analyses them by using machine learning techniques in order to detect and study attacks.

Adel Bouhoula | Abdallah Ghourabi | Tarek Abbes

[1] Yun Wang,et al. Statistical Techniques for Network Security: Modern Statistically-Based Intrusion Detection and Protection , 2008 .

[2] Jingtao Yao,et al. An Enhanced Support Vector Machine Model for Intrusion Detection , 2006, RSKT.

[3] Adel Bouhoula,et al. Experimental analysis of attacks against web services and countermeasures , 2010, iiWAS.

[4] Sheng-Hsun Hsu,et al. Application of SVM and ANN for intrusion detection , 2005, Comput. Oper. Res..

[5] S. Sathiya Keerthi,et al. Improvements to the SMO algorithm for SVM regression , 2000, IEEE Trans. Neural Networks Learn. Syst..

[6] Ramakrishnan Srikant,et al. Fast Algorithms for Mining Association Rules in Large Databases , 1994, VLDB.

[7] Urjita Thakar,et al. Pattern Analysis and Signature Extraction for Intrusion Attacks on Web Services , 2010 .

[8] Vladimir N. Vapnik,et al. The Nature of Statistical Learning Theory , 2000, Statistics for Engineering and Information Science.

[9] Sushil Jajodia,et al. ADAM: a testbed for exploring the use of data mining in intrusion detection , 2001, SGMD.

[10] Salvatore J. Stolfo,et al. A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).