Validating Denial of Service Vulnerabilities in Web Services

机译：验证Web服务中的拒绝服务漏洞

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The loosely-coupled and dynamic nature of web services architectures has many benefits, but also leads to an increased vulnerability to denial of service attacks. While many papers have surveyed and described these vulnerabilities, they are often theoretical and lack experimental data to validate them, and assume an obsolete state of web services technologies. This paper describes experiments involving several denial of service vulnerabilities in well-known web services platforms, including Java Metro, Apache Axis, and Microsoft.NET. The results both confirm and deny the presence of some of the most well-known vulnerabilities in web services technologies. Specifically, major web services platforms appear to cope well with attacks that target memory exhaustion. However, attacks targeting CPU-time exhaustion are still effective, regardless of the victim’s platform.

机译：Web服务架构的松散耦合和动态性质具有许多好处，但也导致易受拒绝服务攻击的脆弱性。虽然许多论文已经调查并描述了这些漏洞，但它们通常是理论且缺乏实验数据来验证它们，并假设过时的Web服务技术。本文介绍了涉及众所周知的Web服务平台的几种拒绝服务漏洞的实验，包括Java Metro，Apache Axis和Microsoft.Net。结果既确认并拒绝存在Web服务技术中最着名的漏洞。具体而言，主要的Web服务平台似乎很好地应对目标记忆耗尽的攻击。然而，无论受害者的平台如何，目标仍然有效的攻击仍然有效。

著录项

来源
《International Conference on Network and System Security》|2010年||共8页
会议地点
作者
Suriadi Suriadi; Clark Andrew; Schmidt Desmond;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP393-53;
关键词
CPU utilization; XML parser; XML vulnerabilities; denial of service; memory utilization; service oriented architecture; web services; web services vulnerabilities;

机译：CPU利用率;XML解析器;XML漏洞;拒绝服务;内存利用;服务面向架构;Web服务;Web服务漏洞;

相似文献

外文文献
中文文献
专利

1. Evaluation of puzzle-enabled proxy-assisted denial-of-service protection for web services [J] . Jothi Rangasamy, Lakshmi Kuppusamy, Gopi Krishnan, International journal of information and computer security . 2017,第1a2期

机译：评估启用难题的代理辅助的Web服务拒绝服务保护
2. Securing Modern Web Services from Distributed Denial of Service using SVM [J] . Abdullah Aljumah International journal of computer science and network security . 2017,第10期

机译：使用SVM从分布式拒绝服务中保护现代Web服务
3. Assessing the security of web service frameworks against denial of service attacks [J] . Rui Andre Oliveira, Nuno Laranjeiro, Marco Vieira Operations Research . 2017,第3期

机译：评估Web服务框架针对拒绝服务攻击的安全性
4. Validating Denial of Service Vulnerabilities in Web Services [C] . Suriadi Suriadi, Clark Andrew, Schmidt Desmond 2010 4th International Conference on Network and System Security . 2010

机译：验证Web服务中的拒绝服务漏洞
5. Mitigation of Denial of Service Attacks in Software Defined Network =MITIGATION OF DENIAL OF SERVICE ATTACKS IN SOFTWARE DEFINED NETWORK [D] . Dridi, Lobna. 2017

机译：软件定义网络中的拒绝服务攻击的缓解=软件定义网络中的拒绝服务攻击的缓解
6. A Novel Protective Framework for Defeating HTTP-Based Denial of Service and Distributed Denial of Service Attacks [O] . Mohammed A. Saleh, Azizah Abdul Manaf 2015

机译：一种新颖的保护性框架可克服基于HTTP的拒绝服务攻击和分布式拒绝服务攻击
7. Validating Denial of Service Vulnerabilities in Web Services [O] . Suriadi Suriadi, Andrew Clark, Desmond Schmidt 2014

机译：验证Web服务中的拒绝服务漏洞

Validating Denial of Service Vulnerabilities in Web Services

摘要

著录项

相似文献

相关主题

期刊订阅