Composite Web Services greatly facilitates the application-to-application integration based on heterogeneous platform, but they are faced with threats of various malicious attacks. Base on the open and distributed characteristics of Composite Web Services, this paper puts forward the Service Hijack attacks on Composite Web Services which include Hijack Flooding attack, Service Counterfeiting attack and Service Replay attack. This paper detailedly introduces the design principles, and the results of simulate experiments shows that these attacks have great impact on Composite Web Services. The research of this paper can help to design the attack detection methods of Composite Web Services.%组合Web服务在给基于异构平台的应用集成带来极大便利的同时,其自身面临着各种恶意攻击的威胁.根据组合Web服务开放性、分布式的特点,提出了针对组合Web服务的服务劫持攻击方案,包括劫持洪泛攻击、服务假冒攻击和服务重放攻击.详细介绍了这些攻击方式的设计思想,模拟实验结果表明设计的攻击方案对组合Web服务产生了严重影响.论文的研究成果有助于设计针对组合Web服务的攻击检测方法.
展开▼
