Intrusion Detection and Prevention System for Web Service

    Project Code: 236
    Enterprises, with their WS-based e-commerce or cloud applications under attacks, not only lose the confidentiality, integrity and availability of the WS system, but shall face the loss of data, businesses and the confidence of customers. This technology can provide all the WS-based e-commerce or cloud application users, whether wired, wireless or mobile, an added level of security protection.
    By MMU
Project Overview

A Web Service is a server-oriented system which performs a task when it is called upon by an application. It is not language- or platform-dependent.

Wired, wireless and mobile e-commerce or cloud applications are very vulnerable to attacks through web service. These attacks can be in the form of XML injection, XML denial of service (DoS) and oversized payload attacks. There are huge implications to being attacked including data corruption, data theft and deletion, obtaining user privileges within the application or network, etc., all of which may result in costly recompense to customers.

Existing techniques to counter-measure such web service attacks, e.g. using firewalls or network/host-based intrusion detection (ID) systems have unfortunately not been successful in combating the attacks.

The advantages of this technology include:

1.     Competitor solutions typically only detect attacks by observing various activities, but they do not address the attacks

2.     High accuracy, low false alarm rate

3.     Wide range of detectable web-service attacks, including DoS, DDoS, SQL injection, buffer overflow, XML injection, XML-DoS, SOAP oversized payloads

4.     High protection against the above attacks

5.     Constant updating of new kinds of attacks

You may also like