{"title":"Rapid Penetration Test for Securing Channel APIs in Hybrid Cloud (Dynamic Defense of Channel API)","authors":"Luiza Nacshon, Anna Sandler","doi":"10.5121/csit.2023.130308","DOIUrl":null,"url":null,"abstract":"The goal of this research is to explore the security aspects of the hybrid Cloud Channel API world in greater depth and develop a rapid penetration testing tool that will help security researchers test Cloud Channel API security more effectively. The research proposes an innovative proxy-based solution for a rapid reactive test implementing a dynamic defence for channel API in the hybrid cloud. The proxy-based solution executes security testing rules against the channel API requests and validates weaknesses or vulnerabilities as a dynamic defence. Malicious or vulnerable requests may be denied/dropped/alerted, the results and decisions will be reflected in the APImanagement dashboard. In the scope of the paper we focus on known API attacks and in the future work we are going to have a machine learning algorithm for unknown and new channel API attacks.","PeriodicalId":299543,"journal":{"name":"Natural Language Processing, Information Retrieval and AI","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Natural Language Processing, Information Retrieval and AI","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/csit.2023.130308","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The goal of this research is to explore the security aspects of the hybrid Cloud Channel API world in greater depth and develop a rapid penetration testing tool that will help security researchers test Cloud Channel API security more effectively. The research proposes an innovative proxy-based solution for a rapid reactive test implementing a dynamic defence for channel API in the hybrid cloud. The proxy-based solution executes security testing rules against the channel API requests and validates weaknesses or vulnerabilities as a dynamic defence. Malicious or vulnerable requests may be denied/dropped/alerted, the results and decisions will be reflected in the APImanagement dashboard. In the scope of the paper we focus on known API attacks and in the future work we are going to have a machine learning algorithm for unknown and new channel API attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
