A Framework for Simple Object Access Protocol Messages to Detect Expansion Attacks for Secure Webservice
Igni Sabasti Prabu Siluvai and Veera Jawahar Senthil Kumar
DOI : 10.3844/jcssp.2013.308.313
Journal of Computer Science
Volume 9, Issue 3
The world has shrunk in this internet era. The applications in the internet use XML and Web Services which are simple, but powerful standards that enable applications to more efficiently communicate with each other. Unfortunately this advantage is coupled with concerns of Web services security. All the services provided by the internet face security problem. The hackers find a loophole to attack the web service to eliminate the availability of service. One of the most severe threats is Denial of Service attacks which are intended to annihilate the availability of a service. In this study we propose a schema to detect a special type of Denial of Service attack where the hacker modifies the SOAP messages by expanding it. The message expanded thus, takes a huge amount of memory while parsing and thereby denies service to a legitimate request. To overcome this problem, in this study, we propose a new security scheme which adds a digital signature to the message and also limits the upper bound of the length of the SOAP message.
© 2013 Igni Sabasti Prabu Siluvai and Veera Jawahar Senthil Kumar. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.