The present invention relates generally to measuring the robustness of web services and, more particularly, to measuring the robustness of web services to denial of service attacks.
Web services provide services and functionality to remote clients. Web services are becoming increasingly central to the design and implementation of web applications, where online access to data, functionality (for example, responding to search requests by invoking the Google™ web service), and verification of user-provided information (for example, by consulting the American government's web service for the credentials of an ID owner) are critical.
Web services are usually verified against agreements that specify given workloads and serviceability criteria. For example, a web service may be required to allow 1000 clients to connect at the same time, or to answer within a maximum response time under a given workload.
Web services are also verified in terms of robustness to security attacks.
In computing, a denial of service attack (DoS attack) or distributed denial of service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. DoS attacks attempt to interrupt or suspend, either temporarily or indefinitely, the web services of a host connected to the Internet.
One common method of attack involves saturating the target machine with external communications requests. The target computer may receive so many requests that it is unable to respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. DoS attacks may either force the target computer to reset, or may consume its resources so that it can no longer provide its intended service. DoS attacks may also obstruct the communication media between the intended users and the target computer, so that they can no longer communicate adequately.
An XML (Extensible Markup Language) denial-of-service (XDoS) attack is a content-borne attack whose purpose is to shut down a web service or the system running that service. A common XDoS attack occurs when an XML message is sent with a multitude of digital signatures, and a naive parser attempts to validate each signature in turn, consuming all available CPU cycles and exhausting the server's resources. Such deliberate attacks are less common than inadvertent XDoS conditions, which occur when a programming error by a trusted customer causes a handshake to loop indefinitely.
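The signature-flooding case described above, shown as an added illustration rather than as code from the patent or from any real WS-Security implementation. The signatures are stand-in HMAC-SHA256 digests of the body under a shared key carried in a simplified Signature/DigestValue element, the envelope layout, the 64 KiB message cap and the four-signature cap are all constructed for this example, and the naive handler verifies every signature the attacker supplies while the hardened handler bounds bytes before parsing and signature count before verifying:

```python
import hashlib
import hmac
import time
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Assumptions of this illustration (not part of any real WS-Security stack):
# signatures are stand-in HMAC-SHA256 digests of the body under a shared key,
# carried in a simplified <Signature><DigestValue> element, and the service
# enforces the two limits below before doing any signature work.
SHARED_KEY = b"example-shared-key"       # constructed key
MAX_MESSAGE_BYTES = 64 * 1024            # assumed per-message size limit
MAX_SIGNATURES = 4                       # assumed per-message signature limit


def build_message(body: str, n_signatures: int, valid: bool = True) -> bytes:
    """Constructed SOAP-like envelope carrying n_signatures <Signature> elements."""
    digest = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not valid:
        digest = "0" * len(digest)
    sigs = "".join(
        f"<Signature><DigestValue>{digest}</DigestValue></Signature>"
        for _ in range(n_signatures)
    )
    return (f"<Envelope><Header>{sigs}</Header>"
            f"<Body>{escape(body)}</Body></Envelope>").encode()


def _verify_one(body: str, digest: str) -> bool:
    """Recompute the stand-in signature over the body and compare in constant time."""
    expected = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, digest)


def naive_handler(message: bytes) -> int:
    """Vulnerable behaviour: parse the whole message, then verify every signature
    it contains, so server CPU grows linearly with the attacker's signature count.
    Returns the number of signatures it verified (the work it performed)."""
    root = ET.fromstring(message)
    body = root.findtext("Body") or ""
    verified = 0
    for sig in root.iter("Signature"):
        _verify_one(body, sig.findtext("DigestValue") or "")
        verified += 1
    return verified


def hardened_handler(message: bytes) -> str:
    """Bounded behaviour: cap bytes before parsing, cap signature count before
    verifying anything, and stop at the first signature that fails."""
    if len(message) > MAX_MESSAGE_BYTES:
        return "rejected:size"
    root = ET.fromstring(message)
    sigs = list(root.iter("Signature"))
    if len(sigs) > MAX_SIGNATURES:
        return "rejected:signature-count"
    body = root.findtext("Body") or ""
    for sig in sigs:
        if not _verify_one(body, sig.findtext("DigestValue") or ""):
            return "rejected:bad-signature"
    return "accepted"


def cpu_seconds(handler, message: bytes) -> float:
    """Server-side processor time consumed by one call to handler."""
    start = time.process_time()
    handler(message)
    return time.process_time() - start


if __name__ == "__main__":
    benign = build_message("GetQuote ACME", 1)
    attack = build_message("GetQuote ACME", 50_000)
    for name, handler in (("naive", naive_handler), ("hardened", hardened_handler)):
        print(f"{name:9s} benign={cpu_seconds(handler, benign):.5f}s "
              f"attack={cpu_seconds(handler, attack):.5f}s")
```

Running the block compares the processor time each handler spends on a one-signature request against a 50,000-signature request; the naive handler's cost scales with the attacker's count, whereas the hardened handler rejects the flood on size before the parser ever runs. The byte cap matters as much as the signature cap: counting Signature elements still requires parsing the document, so the count check alone bounds verification work but not parsing work.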
Pragmatically, the most obvious denial of service metric is the number of ordinary requests per unit of time that a web service can handle before the response time for a given operation changes significantly or the server fails entirely. This corresponds to the common performance tests that are executed to determine the hardware infrastructure required for a given service.
However, no current method measures the robustness of a given web service against denial of service attacks on the basis of the worst-case condition that the web service may need to face in terms of server-side processor consumption.