Protecting web services with service oriented traceback architecture

Service oriented architecture (SOA) is a way of reorganizing software infrastructure into a set of service abstracts. In the area of applying SOA to Web service security, there have been some well defined security dimensions. However, current Web security systems, like WS-Security are not efficient enough to handle distributed denial of service (DDoS) attacks. Our new approach, service oriented traceback architecture (SOTA), provides a framework to be able to identify the source of an attack. This is accomplished by deploying our defence system at distributed routers, in order to examine the incoming SOAP messages and place our own SOAP header. By this method, we can then use the new SOAP header information, to traceback through the network the source of the attack. According to our experimental performance evaluations, we find that SOTA is quite scaleable, simple and quite effective at identifying the source.<br /

Understanding Displacement and Urbanisation in Somali Cities

Somalia has one of the largest populations of internally displaced people (IDPs) in the world: an estimated 2.6 million in 2018. Yet little is known about the way displaced people experience flight and resettlement, how they learn to navigate their new city lives, and what measures they take to improve their security. The ESRC-DFID funded ‘Security on the Move’ project captured the experiences of displaced people in four Somali cities and provided spaces for them to raise their concerns with policymakers. The study showed that land, tenure and labour insecurity consistently feature in their lives. Living conditions differed considerably depending on the duration of settlement, individuals’ connection to local power-holders, and their gender. However, in all four cities, displaced people provided services within the expanding urban economies. Physical insecurity remained a threat, as people continued to experience evictions, domestic violence, crime, or threats posed by armed groups.ESRC-DFI

Chaos theory based detection against network mimicking DDoS attacks

DDoS attack traffic is difficult to differentiate from legitimate network traffic during transit from the attacker, or zombies, to the victim. In this paper, we use the theory of network self-similarity to differentiate DDoS flooding attack traffic from legitimate self-similar traffic in the network. We observed that DDoS traffic causes a strange attractor to develop in the pattern of network traffic. From this observation, we developed a neural network detector trained by our DDoS prediction algorithm. Our preliminary experiments and analysis indicate that our proposed chaotic model can accurately and effectively detect DDoS attack traffic. Our approach has the potential to not only detect attack traffic during transit, but to also filter it.<br /

Defending grid web services from XDoS attacks by SOTA

Grid Web Services are still relevantly a new to business systems, and as more systems are being attached to it, any threat to it could bring collapse and huge harm. Some of these potential threats to Grid Web services come in a new form of a new denial of service attack (DoS), called XML Denial of Service or XDOS attacks. Though, as yet, there have not been any reported attacks from the media, we have observed these attacks are actually far less complex to implement than any previous Denial of Service (DoS), but still just as affective. Current security applications for grid web services (WS-Security for example), based on our observations, and are not up to job of handling the problem. In this paper, we build on our previous work called Service Oriented Traceback Architecture (SOTA), and apply our model to Grid Networks that employ web services. We further introduce a filter defence system, called XDetector, to work in combination with SOTA. Our results show that SOTA in conjunction with XDetector makes for an effective defence against XDoS attacks and upcoming DXDoS.<br /

Chaos Theory Based Detection against Network Mimicking DDoS Attacks

DDoS attack traffic is difficult to differentiate from legitimate network traffic during transit from the attacker, or zombies, to the victim. In this paper, we use the theory of network self-similarity to differentiate DDoS flooding attack traffic from legitimate self-similar traffic in the network. We observed that DDoS traffic causes a strange attractor to develop in the pattern of network traffic. From this observation, we developed a neural network detector trained by our DDoS prediction algorithm. Our preliminary experiments and analysis indicate that our proposed chaotic model can accurately and effectively detect DDoS attack traffic. Our approach has the potential to not only detect attack traffic during transit, but to also filter it

War and City-Making in Somalia: Property, Power and Disposable Lives

Rapid urbanisation in Somalia, as in many other war-torn countries, is driven by in-migration of displaced people who are often amassed in camps. Although such camps become institutionalised sites of exclusion where ‘bare life’ is generated and disposed, they are also characterised by socially messy and continuously evolving relations of space, power, violence and displacement. The article draws on fieldwork with displaced people in Somali cities to analyse claims to property and (often violent) competition to uphold them in contestation for sovereignty. Comparing two cities, Mogadishu and Bosaaso, we show how a broad range of international and local actors, including displaced people themselves, negotiate (urban) property and establish relations that guide and foster political authority, while rendering the lives and livelihoods of displaced people precarious and insecure. In property, politics and the economy intersect, and property relations are therefore subject to struggles for both power and profit. We underscore how sovereign power produces spaces of indistinction, but emphasise that property as an analytical category contributes to understandings of sovereignty. Furthermore, propertying as social practice draws attention to the way sovereignty emerges and is connected to the market. This enables the differentiations of forms of sovereignty and draws attention to how it is negotiated, openly challenged or silently undermined