893 results for inclusion of service user voices


Abstract:

The loosely-coupled and dynamic nature of web services architectures has many benefits, but also leads to an increased vulnerability to denial of service attacks. While many papers have surveyed and described these vulnerabilities, they are often theoretical and lack experimental data to validate them, and assume an obsolete state of web services technologies. This paper describes experiments involving several denial of service vulnerabilities in well-known web services platforms, including Java Metro, Apache Axis, and Microsoft .NET. The results both confirm and deny the presence of some of the most well-known vulnerabilities in web services technologies. Specifically, major web services platforms appear to cope well with attacks that target memory exhaustion. However, attacks targeting CPU-time exhaustion are still effective, regardless of the victim’s platform.

Abstract:

The Denial of Service Testing Framework (dosTF) being developed as part of the joint India-Australia research project for ‘Protecting Critical Infrastructure from Denial of Service Attacks’ allows for the construction, monitoring and management of emulated Distributed Denial of Service attacks using modest hardware resources. The purpose of the testbed is to study the effectiveness of different DDoS mitigation strategies and to allow for the testing of defense appliances. Experiments are saved and edited in XML as abstract descriptions of an attack/defense strategy that is only mapped to real resources at run-time. It also provides a web-application portal interface that can start, stop and monitor an attack remotely. Rather than monitoring a service under attack indirectly, by observing traffic and general system parameters, monitoring of the target application is performed directly in real time via a customised SNMP agent.

Abstract:

Client puzzles are meant to act as a defense against denial of service (DoS) attacks by requiring a client to solve some moderately hard problem before being granted access to a resource. However, recent client puzzle difficulty definitions (Stebila and Ustaoglu, 2009; Chen et al., 2009) do not ensure that solving n puzzles is n times harder than solving one puzzle. Motivated by examples of puzzles where this is the case, we present stronger definitions of difficulty for client puzzles that are meaningful in the context of adversaries with more computational power than required to solve a single puzzle. A protocol using strong client puzzles may still not be secure against DoS attacks if the puzzles are not used in a secure manner. We describe a security model for analyzing the DoS resistance of any protocol in the context of client puzzles and give a generic technique for combining any protocol with a strong client puzzle to obtain a DoS-resistant protocol.

Abstract:

Modern society has come to expect electrical energy on demand, while many of the facilities in power systems are aging beyond repair and maintenance. The risk of failure is increasing with the aging equipment and can pose serious consequences for continuity of electricity supply. As the equipment used in high voltage power networks is very expensive, economically it may not be feasible to purchase and store spares in a warehouse for extended periods of time. On the other hand, there is normally a significant time before receiving equipment once it is ordered. This situation has created a considerable interest in the evaluation and application of probability methods for aging plant and provisions of spares in bulk supply networks, and can be of particular importance for substations. Quantitative adequacy assessment of substation and sub-transmission power systems is generally done using a contingency enumeration approach which includes the evaluation of contingencies and classification of the contingencies based on selected failure criteria. The problem is very complex because of the need to include detailed modelling and operation of substation and sub-transmission equipment using network flow evaluation and to consider multiple levels of component failures. In this thesis a new model associated with aging equipment is developed to combine the standard tools of random failures, as well as a specific model for aging failures. This technique is applied in this thesis to include and examine the impact of aging equipment on system reliability of bulk supply loads and consumers in the distribution network for a defined range of planning years. The power system risk indices depend on many factors such as the actual physical network configuration and operation, aging conditions of the equipment, and the relevant constraints.
The impact and importance of equipment reliability on power system risk indices in a network with aging facilities contains valuable information for utilities to better understand network performance and the weak links in the system. In this thesis, algorithms are developed to measure the contribution of individual equipment to the power system risk indices, as part of the novel risk analysis tool. A new cost worth approach was developed in this thesis that can make an early decision in planning for replacement activities concerning non-repairable aging components, in order to maintain a system reliability performance which economically is acceptable. The concepts, techniques and procedures developed in this thesis are illustrated numerically using published test systems. It is believed that the methods and approaches presented, substantially improve the accuracy of risk predictions by explicit consideration of the effect of equipment entering a period of increased risk of a non-repairable failure.

Abstract:

Three different methods of inclusion of current measurements by phasor measurement units (PMUs) in a power system state estimator are investigated. A comprehensive formulation of the hybrid state estimator incorporating conventional, as well as PMU measurements, is presented for each of the three methods. The behaviour of the elements because of the current measurements in the measurement Jacobian matrix is examined for any possible ill-conditioning of the state estimator gain matrix. The performance of the state estimators is compared in terms of the convergence properties and the variance in the estimated states. The IEEE 14-bus and IEEE 300-bus systems are used as test beds for the study.

Abstract:

Gradual authentication is a principle proposed by Meadows as a way to tackle denial-of-service attacks on network protocols by gradually increasing the confidence in clients before the server commits resources. In this paper, we propose an efficient method that allows a defending server to authenticate its clients gradually with the help of some fast-to-verify measures. Our method integrates hash-based client puzzles along with a special class of digital signatures supporting fast verification. Our hash-based client puzzle provides finer granularity of difficulty and is proven secure in the puzzle difficulty model of Chen et al. (2009). We integrate this with the fast-verification digital signature scheme proposed by Bernstein (2000, 2008). These schemes can be up to 20 times faster for client authentication compared to RSA-based schemes. Our experimental results show that, in the Secure Sockets Layer (SSL) protocol, fast verification digital signatures can provide a 7% increase in connections per second compared to RSA signatures, and our integration of client puzzles with client authentication imposes no performance penalty on the server since puzzle verification is a part of signature verification.

Abstract:

The interoperable and loosely-coupled web services architecture, while beneficial, can be resource-intensive, and is thus susceptible to denial of service (DoS) attacks in which an attacker can use a relatively insignificant amount of resources to exhaust the computational resources of a web service. We investigate the effectiveness of defending web services from DoS attacks using client puzzles, a cryptographic countermeasure which provides a form of gradual authentication by requiring the client to solve some computationally difficult problems before access is granted. In particular, we describe a mechanism for integrating a hash-based puzzle into existing web services frameworks and analyze the effectiveness of the countermeasure using a variety of scenarios on a network testbed. Client puzzles are an effective defence against flooding attacks. They can also mitigate certain types of semantic-based attacks, although they may not be the optimal solution.

Abstract:

Distributed Denial-of-Service (DDoS) attacks continue to be one of the most pernicious threats to the delivery of services over the Internet. Not only are DDoS attacks present in many guises, they are also continuously evolving as new vulnerabilities are exploited. Hence accurate detection of these attacks still remains a challenging problem and a necessity for ensuring high-end network security. An intrinsic challenge in addressing this problem is to effectively distinguish these Denial-of-Service attacks from similar looking Flash Events (FEs) created by legitimate clients. A considerable overlap between the general characteristics of FEs and DDoS attacks makes it difficult to precisely separate these two classes of Internet activity. In this paper we propose parameters which can be used to explicitly distinguish FEs from DDoS attacks and analyse two real-world publicly available datasets to validate our proposal. Our analysis shows that even though FEs appear very similar to DDoS attacks, there are several subtle dissimilarities which can be exploited to separate these two classes of events.

Abstract:

Providing a positive user experience (UX) has become the key differentiator for products to win a competition in mature markets. To ensure that a product will support enjoyable experiences for its users, assessment of UX should be conducted early during the design and development process. However, most UX frameworks and evaluation techniques focus on understanding and assessing user’s experience with functional prototypes or existing products. This situation delays UX assessment until the late phases of product development which may result in costly design modifications and less desirable products. A qualitative study was conducted to investigate anticipated user experience (AUX) to address this issue. Twenty pairs of participants were asked to imagine an interactive product, draw their product concept, and anticipate their interactions and experiences with it. The data was analyzed to identify general characteristics of AUX. We found that while positive AUX was mostly related to an imagined/desired product, negative AUX was mainly associated with existing products. It was evident that the pragmatic quality of product was fundamental, and significantly influenced user’s anticipated experiences. Furthermore, the hedonic quality of product received more focus in positive than negative AUX. The results also showed that context, user profile, experiential knowledge, and anticipated emotion could be reflected in AUX. The understanding of AUX will help product designers to better foresee the users’ underlying needs and to focus on the most important aspects of their positive experiences, which in turn facilitates the designers to ensure pleasurable UX from the start of the design process.

Abstract:

The purpose of this paper is to advance our understanding of what contextual factors influence the service bundling process in an organizational setting. Although previous literature contains insights into the mechanisms underlying bundling and the artefacts for performing the bundling task itself, the body of knowledge seems to lack a comprehensive framework for analysing the actual scenario in which the bundling process is performed. This is required as the scenario will influence the bundling method and the IT support. We address this need by designing a morphological box for analysing bundling scenarios in different organizational settings. The factors featured in the box are systematised into a set of four categories of bundling layers which we identify from reviewing literature. The two core layers in the framework are the service bundling on a type level and on an instance level (i.e. configuration). To demonstrate the applicability and utility of the proposed morphological box, we apply it to assess the underlying differences and commonalities of two different bundling scenarios from the B2B and G2C sectors which stress the differences between bundling on a type and instance level. In addition, we identify several prospects for future research that can benefit from the proposed morphological box.

Abstract:

In recent years, enterprise architecture (EA) has captured growing attention as a means to systematically consolidate and interrelate diverse business and IT artefacts in order to provide holistic decision support. The recent popularity of service-orientation has added “service” and related constructs as a new element that requires consideration within an Enterprise Architecture. Since the emergence of the Service-Oriented Architecture (SOA), many attempts have been made to incorporate SOA artefacts in existing EA frameworks. Yet, the approaches taken to achieve this goal differ substantially for the most commonly used EA frameworks to date. SOA in the context of enterprise architecture is one of the future research challenges. Several authors argue that further research is needed in order to understand how SOA impacts prior enterprise architecture frameworks. This study explores SOA integration within EA, identifies SOA integration approaches within EA and identifies factors that impact SOA integration within Enterprise Architecture.