An Ontology-Based Approach for Detecting SOAP Message Attacks
International Journal on Web Service Computing (IJWSC), Vol.9, No.3/4, December 2018
13 Pages Posted: 10 Jun 2019
There are 2 versions of this paper
An Ontology-Based Approach for Detecting SOAP Message Attacks
An Ontology-Based Approach for Detecting Soap Message Attacks
Date Written: December 2018
Abstract
An ontology-based detection approach aiming to check SOAP messages for XML rewriting attacks is presented. The approach comprises a SOAP message ontology and a set of policy filters. The ontology is used in preserving the message structure including its constituent elements and their relationships. The policy filters check if the message complies with denial-of-service vulnerability restrictions. Message integrity is preserved using the ontology-based checker, which checks that the message has not been modified during the transmission process. Message confidentiality is preserved by encrypting a copy of the message in a log file combined with the message. Time efficiency is achieved by executing the policy filters in a concurrent manner.
Keywords: SOAP Message, SOAP Ontology, XML Rewriting Attacks, Replay Attack, Coercive Attack, Oversized Attack, Parameter Tampering Attack
Suggested Citation: Suggested Citation