Detection of XML signature wrapping attack using node counting

Abstract

In context of web service security, several standards are defined to secure exchanges of SOAP messages in web service environment. Prominent among these security standards is the digital signature. SOAP messages are signed partially or fully before being transmitted. But recent researches has shown that even signed messages are vulnerable to interception and manipulation of content. We refer to these types of attacks as XML signature wrapping attacks. In this paper, an approach is proposed to detect the XML signature wrapping attacks on signed web service requests using node counting. We detect XML signature wrapping attacks by calculating the frequency of each node in web service request. Experiments show that the proposed solution is computationally less expensive and has better performance in securing the exchange of SOAP messages.