Cyber-Physical Systems allow for the interaction of the cyber world and physical worlds using as a central service called Cloud Web Services. Cloud Web Services can sit well within three models of Cyber- Physical Systems, Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a- Service (IaaS). With any Cyber-Physical system use Cloud Web Services it inherits a security problem, the HX-DoS attack. HX-DoS attack is a combination of HTTP and XML messages that are intentionally sent to flood and destroy the communication channel of the cloud service provider. The relevance of this research is that TCP/IP flood attacks are a common problem and a lot of research to mitigate them has previously been discussed. But HTTP denial of service and XML denial of service problem has only been addressed in a few papers. In this paper, we get closer to closing this gap on this problem with our new defence system called Pre- Decision, Advance Decision, Learning System (ENDER). In our previous experiments using our Cloud Protector, we were successful at detecting and mitigate 91% with a 9% false positive of HX-DoS attack traffic. In this paper, ENDER was able to improve upon this result by being trained and tested on the same data, but with a greater result of 99% detection and 1% false positive.
History
Event
IEEE International Conference on Networked-Based Information Systems (15th : 2012 : Melbourne, Victoria)
Pagination
429 - 434
Publisher
IEEE Computer Society
Location
Melbourne, Victoria
Place of publication
Los Alamitos, Calif.
Start date
2012-09-26
End date
2012-09-28
Language
eng
Publication classification
E1 Full written paper - refereed
Copyright notice
2012, IEEE
Editor/Contributor(s)
L Barolli, D Tamiar, T Enokido, W Rahayu, M Takizawa
Title of proceedings
NBIS 2012 : Proceedings of the 2012 International Conference on Network-Based Information Systems