Oversized Cryptography Attack Detection Algorithm Based on SOAP Message

doi:10.3969/j.issn.1000-3428.2010.22.045

Computer Engineering ›› 2010, Vol. 36 ›› Issue (22): 129-131. doi: 10.3969/j.issn.1000-3428.2010.22.045

• Networks and Communications • Previous Articles Next Articles

Oversized Cryptography Attack Detection Algorithm Based on SOAP Message

GAO Wen-jie, ZHAO Feng-yu

(School of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology, Shanghai 200093, China)

Online:2010-11-20 Published:2010-11-18

基于SOAP消息的过度加密攻击检测算法

高文婕，赵逢禹

(上海理工大学光电信息与计算机工程学院，上海 200093)

作者简介:高文婕(1985－)，女，硕士研究生，主研方向：SOA，Web服务安全；赵逢禹，教授
基金资助:
国家自然科学基金委员会与中国民用航空局联合基金资助项目(60979011)；天津市自然科学基金资助项目(09JCYBJC02300)

Abstract

Abstract: This paper analyzes attack scene, attack features of oversized cryptography and Simple Object Access Protocol(SOAP) message feature of oversized cryptography in Web service, and presents an oversized cryptography attack detection algorithm based on SOAP message. Encryption frequency is counted by detecting the number of attribute in the label of ReferenceList. Then, encryption frequency and the predetermined value are compared to determine oversized cryptography is included or not. The validity of detection algorithm is tested on Web service platform of Microsoft .net WSE.

Key words: DoS attack, Simple Object Access Protocol(SOAP) message, oversized cryptography attack, Web service

摘要： 分析Web服务中的过度加密攻击场景、攻击特点以及SOAP消息特征，提出一种基于简单对象访问协议消息(SOAP)消息的过度加密攻击检测算法。通过检测标签ReferenceList的属性个数统计SOAP消息的加密次数，并将统计出的加密次数与预先设定的阈值进行比较，从而判断是否存在过度加密攻击。在.net WSE安全平台下验证了该检测算法的有效性。

关键词: DoS攻击, 简单对象访问协议消息, 过度加密攻击, Web服务

CLC Number:

TP31

GAO Wen-Jie, DIAO Feng-Yu. Oversized Cryptography Attack Detection Algorithm Based on SOAP Message[J]. Computer Engineering, 2010, 36(22): 129-131.

高文婕, 赵逢禹. 基于SOAP消息的过度加密攻击检测算法[J]. 计算机工程, 2010, 36(22): 129-131.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2010.22.045

http://www.ecice06.com/EN/Y2010/V36/I22/129

[1]	ZHU Jing, WU Zhongdong, DING Longbin, WANG Yang. DDoS Attack Detection Based on DBN in SDN Environment [J]. Computer Engineering, 2020, 46(4): 157-161,182.
[2]	TAN Wenan, WU Jiakai. Optimization of Web Service Composition Based on Improved Flower Pollination Algorithm [J]. Computer Engineering, 2020, 46(12): 67-72.
[3]	LI Weichao, ZHANG Zheng, WANG Liqun, LIU Zhenwu, LIU Hao. A Web Threat Situation Analysis Method for Mimic Structure [J]. Computer Engineering, 2019, 45(8): 1-6.
[4]	LU Beini,DU Yugen. QoS Prediction of Web Service Based on Community Detection [J]. Computer Engineering, 2019, 45(3): 117-124.
[5]	DU Shenghao,QIAN Xiaojie. Semantic Web Service Discovery Method Based on Facet and Ontology Marker [J]. Computer Engineering, 2018, 44(8): 224-229,236.
[6]	CHEN Ying,SUN Xiaobo,XING Jianchun,YANG Qiliang. Time Constraint Verification and Optimal Path Analysis of Mission Critical System [J]. Computer Engineering, 2018, 44(5): 60-65,77.
[7]	TAN Wenan,ZHAO Yao,JIN Ting. Constraint-based QoS-aware Web Service Composition in Cross-organizational Collaboration [J]. Computer Engineering, 2018, 44(11): 67-75.
[8]	WANG Rui,LI Qing,ZHAO Qian. Aircraft Support Information System Integration Based on SOA and Web Service [J]. Computer Engineering, 2018, 44(1): 91-97.
[9]	OUYANG Chao,CHEN Zhibo,SUN Guodong. Improved Genetic Algorithm for Web Service Composition QoS Optimization [J]. Computer Engineering, 2017, 43(8): 231-235,242.
[10]	LU Feng,LI Hairong,HAN Yan. QoS Collaborative Filtering Recommendation of Web Service Based on Spatial and Temporal Similarity Sensing [J]. Computer Engineering, 2017, 43(4): 28-33,38.
[11]	ZHOU Xiong,WANG Lili. SOA System for Web Service Recommendation Based on Multi-criteria Decision Making and Similarity Evaluation [J]. Computer Engineering, 2017, 43(3): 187-192,199.
[12]	ZHOU Bo,ZENG Yi,CHEN Hengxin,LIU Huijun,YANG Yanning. Research on Web Service Composition Matching Framework [J]. Computer Engineering, 2017, 43(1): 98-104.
[13]	JIA Jinglan,DONG Cailin,YU Ying,WANG Jing,ZHANG Lifen. Automatic Composition Optimization Method of Semantic Web Service Based on Backward Tree [J]. Computer Engineering, 2016, 42(4): 215-220.
[14]	ZHANG Longchang,YANG Yanhong,WANG Xiaoming. A Parallel Service Selection Algorithm Balancing Risk and Preference [J]. Computer Engineering, 2016, 42(10): 57-63.
[15]	LI Jing,QIAO Rui,LIU Zhizhong. Solution of Web Service Composition Scheduling Problem Combining with Game Theory and Multi-objective MILP [J]. Computer Engineering, 2016, 42(1): 11-17.

Please choose a citation manager

Content to export

Oversized Cryptography Attack Detection Algorithm Based on SOAP Message

基于SOAP消息的过度加密攻击检测算法

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

Oversized Cryptography Attack Detection Algorithm Based on SOAP Message

基于SOAP消息的过度加密攻击检测算法

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments