¹Department of Computer Science and Engineering, SRM Univerisity, India.
²Department of Computer Science and Engineering, Pondicherry Engineering College, India.

---

Abstract—Web services became a crucial tool for most of the Internet and Intranet applications and distributed systems due to its interoperability. As the usage is increased, performance and the security of Web services are facing a great impact due to DDoS attacks, XML Injection, XSS Injection etc. The hacker’s major target is either to track the data down the line or to break the network bandwidth and feed in vulnerable data to collapse the system. Existing trends follow a stream based approach with encryption techniques to increase robustness, or a Double Guard Intrusion Detection System with light weight virtualization is adapted to prevent the attacks over multitier web services. Various prevalent techniques focus towards securing data, increasing robustness and improve the network bandwidth. But there is no focus towards the validation of the service request. The proposed XSD DDOS Trace Handler approach is an innovative framework that uses the concepts of Validate Handler for the input request based on input data standards and request timestamps from the specific host. It also implements the “Totient Encryption Algorithm” in the case of XML Injection Attacks wherein a clean monitoring of the source attributes is performed. This is achieved with a dynamic charting technique that overcomes the predominant injection and DDOS attacks in the service oriented architecture.

Index Terms—Web services, XML security, attacks, XML injection, XSS injection, schema validation, schema hardening, WS-security, SOAP messages.

[PDF]

Cite: A. Murugan, K. Vivekanandan, "XSD DDoS Trace Handler in Web Service Environment," Journal of Software vol. 10, no. 9, pp. 1086-1095, 2015.