Temporal bounded reasoning for context-based information fusion in DoS attack detection

Abstract

Security is one of the main aspects to take into account when designing and developing web services. A meaning number of mechanisms of attack can lead to a web service system crash. As a result, the web service cannot allow the access to authorized users. This type of attacks is so-called as denial of service attack (DoS) which affects the availability of the services and resources. This paper presents an approach to detect and classify DoS attacks, based on Case-based Reasoning methodology where heterogeneous data are merged in order to obtain a set of cases that reflect previous analysis. The proposal has two peculiarities: (i) when a web service is attacked, this possible attack is studied by different analysers, distributing previous experiences among the analysers, in order to classify attacks in a better way; and (ii) the analysis process against attacks is temporal bounded allowing its use in environments with temporal constraints.