Abstract | ||
---|---|---|
SOAP-based Web services is a middleware technology marketed as the solution to easy data exchange between heterogeneous IT architectures. The large number of scenarios, in which this technology is used, has introduced demands for new extensions raising its complexity. However, this has also introduced a large variety of new attacks. In this paper, we investigate an automatic evaluation of Web service specific Denial of Service (DoS) attacks. We present a new fully automated plugin for the WS-Attacker penetration testing tool implementing major DoS attacks. Our tool determines the attack success without having physical access to the target machine, using a novel blackbox approach. We give an overview of our design decisions and present the evaluation results using common Web service frameworks and systems. |
Year | DOI | Venue |
---|---|---|
2013 | 10.1109/ICWS.2013.72 | ICWS |
Keywords | Field | DocType |
common web service framework,new attack,evaluation result,new extension,automatic evaluation,web service,large variety,soap-based web service,ws-attacker penetration testing tool,web services,large number,new approach,dos penetration testing,middleware,computer network security,electronic data interchange | Middleware,Denial-of-service attack,Computer security,Computer science,Network security,Server,SOAP,Plug-in,Web service,WS-Security | Conference |
Citations | PageRank | References |
11 | 0.54 | 6 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Andreas Falkenberg | 1 | 11 | 0.54 |
christian mainka | 2 | 66 | 10.80 |
Juraj Somorovsky | 3 | 263 | 19.92 |
Jorg Schwenk | 4 | 51 | 3.66 |