By Topic

Design and implementation of Web service honeypot

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
3 Author(s)
Ghourabi, A. ; Dept. of Comput. Sci. & Networks, Univ. of Carthage, Tunis, Tunisia ; Abbes, T. ; Bouhoula, A.

Web services are increasingly becoming an integral part of next-generation web applications. A Web service is defined as a software system designed to support interoperable machine-to-machine interaction over a network based on a set of XML standards. This new architecture and set of protocols brings new vulnerabilities that can be exploited by attackers. To prevent and detect such attacks, several security techniques are available like authentication and encryption mechanisms, firewalls and intrusion detection systems (IDS). Nevertheless these security methods encounter some problems, especially when dealing with new attacks. Relying on additional security principles seems to be important to well protect Web services. In this paper, we propose using honeypots to detect and study attacks against Web services. Honeypots are used to learn new techniques, tools and motivations of hackers to better protect the production systems against attacks. Our solution (WS Honeypot) is to deploy a honeypot as a web service application. This honeypot captures all request messages and analyses them by using machine learning techniques in order to detect and study attacks.

Published in:

Software, Telecommunications and Computer Networks (SoftCOM), 2011 19th International Conference on

Date of Conference:

15-17 Sept. 2011