Architecting Web Service Attack Detection Handlers (A. Andrekanic & R. Gamble) was presented in the research track at ICWS 2012 and described the  design, implementation, and evaluation of two attack handler architectures. The handlers reside locally at the web service to intercept messages and detect the potential for specific forms of attacks. The detection generates a detailed SOAP fault that can be logged locally at the service for later determination of problems within a web service composition. XML rewriting and DoS attacks are addressed. After the talk, Dr. Gamble met with Christian Mainka (Hst Gortz Institute for IT-Security (HGI) at Ruhr-University Bochum, Germany) whose work on WS penetration testing can be applied to the the services with attack handlers to see if the detection mechanism responds appropriately. This testing will begin in the fall as an extension to the WS attack detection research.

© SEAT 2012 Software Engineering Architecture Team Suffusion theme by Sayontan Sinha