Intrusion detection and prevention of web service attacks for software as a service:Fuzzy association rules vs fuzzy associative patterns

Chan, Gaik Yee and Chua, Fang Fang and Lee, Chien Sing * (2016) Intrusion detection and prevention of web service attacks for software as a service:Fuzzy association rules vs fuzzy associative patterns. Journal of Intelligent and Fuzzy Systems, 31 (2). pp. 749-764. ISSN 1064 1246

[img]
Preview
Text
Lee Chien Sing Intrusion Detection.pdf

Download (3MB) | Preview

Abstract

Cloud computing inherits all the systems, networks as well asWeb Services’ security vulnerabilities, in particular for software as a service (SaaS), where business applications or services are provided over the Cloud as Web Service (WS). Hence, WS-based applications must be protected against loss of integrity, confidentiality and availability when they are deployed over to the Cloud environment. Many existing IDP systems address only attacks mostly occurring at PaaS and IaaS. In this paper, we present our fuzzy association rule-based (FAR) and fuzzy associative pattern-based (FAP) intrusion detection and prevention (IDP) systems in defending against WS attacks at the SaaS level. Our experimental results have validated the capabilities of these two IDP systems in terms of detection of known attacks and prediction of newvariant attacks with accuracy close to 100%. For each transaction transacted over the Cloud platform, detection, prevention or prediction is carried out in less than five seconds. For load and volume testing on the SaaS where the system is under stress (at a work load of 5000 concurrent users submitting normal, suspicious and malicious transactions over a time interval of 300 seconds), the FAR IDP system provides close to 95% service availability to normal transactions. Future work involves determining more quality attributes besides service availability, such as latency, throughput and accountability for a more trustworthy SaaS.

Item Type: Article
Uncontrolled Keywords: intrusion detection; intrusion prevention; software as a service; fuzzy association rule; web service
Subjects: Q Science > QA Mathematics > QA76 Computer software
Divisions: Sunway University > School of Science and Technology > Dept. Computing and Information Systems
Depositing User: Dr Janaki Sinnasamy
Date Deposited: 27 Nov 2017 09:58
Last Modified: 30 Jan 2018 07:47
URI: http://eprints.sunway.edu.my/id/eprint/686

Actions (login required)

View Item View Item