A histogram-based method for efficient detection of rewriting attacks in simple object access protocol messages
- Authors
- Nasridinov, Aziz; Jeong, Young-Sik; Byun, Jeong-Yong; Park, Young-Ho
- Issue Date
- Mar-2014
- Publisher
- WILEY-HINDAWI
- Keywords
- Web services; SOAP message; XML rewriting attack; histogram
- Citation
- SECURITY AND COMMUNICATION NETWORKS, v.9, no.6, pp 492 - 499
- Pages
- 8
- Journal Title
- SECURITY AND COMMUNICATION NETWORKS
- Volume
- 9
- Number
- 6
- Start Page
- 492
- End Page
- 499
- URI
- https://scholarworks.sookmyung.ac.kr/handle/2020.sw.sookmyung/9861
- DOI
- 10.1002/sec.934
- ISSN
- 1939-0114
1939-0122
- Abstract
- In order to secure the content of simple object access protocol (SOAP) messages in Web services, several security standards of Web service security, such as XML digital signature, are used. However, the content of a SOAP message, protected with XML digital signature, can be altered without invalidating the signature. Existing methods for detecting XML rewriting attacks are inefficient because the cost of performing detection operation is linear to the height of the SOAP message tree. Thus, each element of SOAP message needs to be accessed and checked. In this paper, we propose an efficient method for detecting XML rewriting attacks on SOAP messages using a histogram. With our method, once the source of attacks is identified, we save it in the form of a histogram, which enables us to maintain a statistical information about the location of the attack in the SOAP message. We can use this information to detect attacks in the future and thus avoid unnecessary check of all elements in the SOAP message. Experiments show that our methods outperform existing methods by several times in many cases. Copyright (c) 2014 John Wiley & Sons, Ltd.
- Files in This Item
-
Go to Link
- Appears in
Collections - ICT융합공학부 > IT공학전공 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.