Time estimation for next request to prevent DOS attack on RESTful Services
Other Title(s)
حساب الوقت للطلب التالي لمنع عملية حدوث حجب الخدمة في خدمات الريستفول RESTful
Dissertant
Thesis advisor
University
Islamic University
Faculty
Faculty of Information Technology
Department
Information Technology
University Country
Palestine (Gaza Strip)
Degree
Master
Degree Date
2016
English Abstract
Systems are getting integrated faster and easier using web API, as applications and cloud API’s nowadays are shifting to REST-based services in the detriment of SOAP-based ones.
RESTful services are a lightweight alternative to Web Services implemented using HTTP and principles of REST.
Thus there is no standard applied on RESTful, so security is not considered by default.
One of the most attack suffer by the mainstream service providers is Buffer overflow in RESTful services, as a result from misuse or intentional attack.
Client requests a resource many times that consume processing time and a lot of money for each request and may cause Denial of services (DOS).
This is a hot topic since there is a lack of study in this field and a wide use for RESTful services as a commercial base, so our approach focuses on how to prevent the suspicious repeated RESTful requests.
Every RESTful request has process time and guarded with a token which we increase in live time by next expected time for next request.
To protect the service provider from suspicious repeated RESTful requests (which causes losing money & may cause buffer overflow DOS attack) we must prevent repeated request for same resources from the same client before the process time of the previous request is done and to ensure that the new RESTful request has a valid token.
We propose an approach to estimate RESTful process request time from a set of previous requests using large number of experiments to find general equation for estimate current computing time and finding the next expected time for next RESTful request using our equation.
We compute guard time depending on the next request time which protect service provider from repeated request that causes buffer overflow DOS attack.
The results were sufficient as the accuracy ranges between 93% and 98% with average 97.31 %.
Main Subjects
Information Technology and Computer Science
No. of Pages
80
Table of Contents
Table of contents.
Abstract.
Abstract in Arabic.
Chapter One : Introduction.
Chapter Two : Theoretical background.
Chapter Three : Related works.
Chapter Four : Proposed approach.
Chapter Five : Implementation.
Chapter Six : Experiments and results.
Chapter Seven : Conclusion and future work.
References.
American Psychological Association (APA)
Subayh, Muna Ismail. (2016). Time estimation for next request to prevent DOS attack on RESTful Services. (Master's theses Theses and Dissertations Master). Islamic University, Palestine (Gaza Strip)
https://search.emarefa.net/detail/BIM-727286
Modern Language Association (MLA)
Subayh, Muna Ismail. Time estimation for next request to prevent DOS attack on RESTful Services. (Master's theses Theses and Dissertations Master). Islamic University. (2016).
https://search.emarefa.net/detail/BIM-727286
American Medical Association (AMA)
Subayh, Muna Ismail. (2016). Time estimation for next request to prevent DOS attack on RESTful Services. (Master's theses Theses and Dissertations Master). Islamic University, Palestine (Gaza Strip)
https://search.emarefa.net/detail/BIM-727286
Language
English
Data Type
Arab Theses
Record ID
BIM-727286