Abstract—Denial of Service (DoS) attacks can cost online and web service providers money and damage their reputations. The lack of security protection in web services creates a vulnerability attackers can exploit. A new XDoS attack targeting web services has recently emerged, using XML rather than plain old HTML as the attack vector. This paper proposes a middleware tool for detecting and preventing web service XDoS and HTTP flooding attacks. A rule-based technique classifies requests as benign or malicious to detect XDoS attacks. According to the middleware tool’s trial findings, rule-based technology has successfully recognized and blocked XDoS and HTTP flooding assaults such as large payloads, forceful parsing, and external XML elements in near-real time, such as 0.006s across web services. Middleware protects web services from XDoS and distributed XDoS attacks by ensuring nearly 100% service availability for routine requests (DXDoS).
 
Keywords—denial of service, web service, attack


Copyright © 2023 by the authors. This is an open access article distributed under the Creative Commons Attribution License (CC BY-NC-ND 4.0), which permits use, distribution and reproduction in any medium, provided that the article is properly cited, the use is non-commercial and no modifications or adaptations are made.