A framework for checking and mitigating the security vulnerabilities of cloud service RESTful APIs
| Published in: | Service oriented computing and applications, Volume 19, Issue 3, pp. 187-208 |
|---|---|
| Format: | Journal Article |
| Language: | English |
| Published: | London: Springer London, 01.09.2025 (Springer Nature B.V) |
| ISSN: | 1863-2386, 1863-2394 |
| DOI: | 10.1007/s11761-024-00404-z |
| Summary: | Exploiting APIs by extrapolating the vulnerabilities of a system is a growing problem for the cloud. The aftermath of API attacks includes sensitive data disclosure, misconfigured security parameters, broken authentication schemes, service disruption, financial loss, etc. Existing frameworks could handle a maximum of two issues in most cases (i.e., SQLIA, XSS attacks, malicious domains, DDoS attacks), and those solutions are not highly reliable. In contrast to them, we have pinpointed the security vulnerabilities of RESTful APIs in an accurate manner and presented a two-way approach to mitigate them. Moreover, we have also designed and implemented a reverse proxy that is capable not only of intercepting malicious attacks but also of checking security properties upon creating or deleting resources, which is an improved implementation of existing works. This system has been tested in a real cloud, and our work has shown tremendous improvement in checking and mitigating SQL injection attacks, XSS attacks, and malicious domains over existing works. To check these three components, our framework consumes only 0.050298469 s on average. Our system has also shown significant improvement in figuring out potential security rule violations (up to 48.90% faster and 47.82% more accurate than existing work). Furthermore, we have implemented a machine-learning model to improve the detectability of SQLI. |