Citation
Chan, Gaik-Yee and Lee, Chien-Sing and Heng, Swee-Huay (2012) Policy-enhanced ANFIS model to counter SOAP-related attacks. Knowledge-Based Systems, 35. pp. 64-76. ISSN 09507051
PDF
nov12-5.pdf Restricted to Repository staff only Download (0B) |
Abstract
Business Intelligence or e-commerce applications are increasingly built on the Web Service platform. Thus, SOAP-related attacks have a higher chance of occurring at the Application Layer. Although active research has been on-going in Host and Network-based intrusion detection and intrusion prevention areas, they are not adequate to countermeasure the attacks occurring at the Application Layer. This is detrimental, especially for e-commerce where sensitive and huge amount of business-related information are being exposed over the Internet. Consequently, in this paper, a policy-enhanced fuzzy model with adaptive neuro-fuzzy inference system features is introduced. Transactions generated by simulation reveal that SOAP-related attacks at the Application Layer can be detected and prevented by validating input values, input field lengths, and SOAP size using our model to classify the possibilities of granting or denying access to the backend application or database. Restricting the inputs using business policies further strengthens the model to be able to achieve detection accuracy of 99% and false positive rate of only 1%. Thus, our model has significantly contributed to an added layer of security protection for Web Service-based e-commerce applications. (C) 2012 Elsevier B.V. All rights reserved.
Item Type: | Article |
---|---|
Subjects: | Q Science > QA Mathematics > QA71-90 Instruments and machines > QA75.5-76.95 Electronic computers. Computer science |
Divisions: | Faculty of Computing and Informatics (FCI) |
Depositing User: | Ms Rosnani Abd Wahab |
Date Deposited: | 28 Dec 2012 07:25 |
Last Modified: | 28 Dec 2012 07:25 |
URII: | http://shdl.mmu.edu.my/id/eprint/3686 |
Downloads
Downloads per month over past year
Edit (login required) |