EN
ES
Confidentiality, integrity and availability are the main objectives of any information security model. With specific regard to availability, the aim is to guarantee that the information, services and available resources are accessible to authorized users. One of the priorities of web services is to guarantee the availability of services and resources. However, all of the specifications that have been proposed for providing security within web services (WS-Security, WS-SecurityPolicy, WS-Trust, WS-SecureConversation, etc.) only consider the integrity and confidentiality of messages without much consideration for availability.
One of the increasingly common threats within web services environments and one that jeopardizes the availability factor is denial of service (DoS). This type of attack exploits vulnerable points within the standard components supporting the technology. There are several initiatives within this field. However, the main common disadvantage that each of these approaches has is their low capacity to adapt themselves to changes in the patterns. This reduces the effectiveness of these methods when slight variations in the behaviours of known attacks occur or when new attacks appear.
This works presents a novel soft computing-based approach to cope with DoS attacks, but unlike existing solutions, our proposal takes into account the different soft computing mechanisms that can lead to a DoS attack. Our approach is based on a real time classifier agent that incorporates a mixture of experts to choose a specific classification technique depending on the feature of the attack and the time available to solve the classification. With this scheme it is possible to divide the problem into subproblems, solving the classification of the web service requests in a more simple and effective way and always within a time bound interval.
IMAGES
