Sec2 was a project that ran from 2011 to 2013 and was funded by Germany’s Federal Ministry of Education and Research (BMBF). It was a partnership between Utimaco Safeware AG, adesso mobile solutions GmbH, University Dortmund, and Ruhr University Bochum. The project funded my following papers:
SOAP-based Web services is a middleware technology marketed as the solution to easy data exchange between heterogeneous IT architectures. The large number of scenarios, in which this technology is used, has introduced demands for new extensions raising its complexity. However, this has also introduced a large variety of new attacks. In this paper, we investigate an automatic evaluation of Web service specific Denial of Service (DoS) attacks. We present a new fully automated plugin for the WS-Attacker penetration testing tool implementing major DoS attacks. Our tool determines the attack success without having physical access to the target machine, using a novel blackbox approach. We give an overview of our design decisions and present the evaluation results using common Web service frameworks and systems.