{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,7]],"date-time":"2026-02-07T11:57:22Z","timestamp":1770465442523,"version":"3.49.0"},"reference-count":30,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T00:00:00Z","timestamp":1716940800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T00:00:00Z","timestamp":1716940800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SOCA"],"published-print":{"date-parts":[[2025,9]]},"DOI":"10.1007\/s11761-024-00404-z","type":"journal-article","created":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T15:01:43Z","timestamp":1716994903000},"page":"187-208","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["A framework for checking and mitigating the security vulnerabilities of cloud service RESTful APIs"],"prefix":"10.1007","volume":"19","author":[{"given":"Md Shohel","family":"Khan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rubaiyat Sha Fardin","family":"Siam","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3219-9053","authenticated-orcid":false,"given":"Muhammad Abdullah","family":"Adnan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,5,29]]},"reference":[{"key":"404_CR1","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1016\/j.procs.2020.06.073","volume":"174","author":"J Tang","year":"2020","unstructured":"Tang J, Ma T, Luo Q (2020) Trends prediction of big data: a case study based on fusion data. Procedia Comput Sci 174:181\u2013190","journal-title":"Procedia Comput Sci"},{"key":"404_CR2","doi-asserted-by":"publisher","unstructured":"Pitney AM, Penrod S, Foraker M, Bhunia S (2022) A systematic review of 2021 microsoft exchange data breach exploiting multiple vulnerabilities. In: 2022 7th international conference on smart and sustainable technologies (SpliTech), pp 1\u20136. https:\/\/doi.org\/10.23919\/SpliTech55088.2022.9854268","DOI":"10.23919\/SpliTech55088.2022.9854268"},{"key":"404_CR3","doi-asserted-by":"crossref","unstructured":"Atlidakis V, Godefroid P, Polishchuk M (2020) Checking security properties of cloud service rest APIS. In: 2020 IEEE 13th international conference on software testing, validation and verification (ICST). IEEE, pp 387\u2013397","DOI":"10.1109\/ICST46399.2020.00046"},{"key":"404_CR4","doi-asserted-by":"crossref","unstructured":"Muzaki RA, Briliyant OC, Hasditama MA, Ritchi H (2020) Improving security of web-based application using modsecurity and reverse proxy in web application firewall. In: 2020 international workshop on big data and information security (IWBIS). IEEE, pp. 85\u201390","DOI":"10.1109\/IWBIS50925.2020.9255601"},{"key":"404_CR5","doi-asserted-by":"crossref","unstructured":"Hidhaya SF, Geetha, A (2012) Intrusion protection against sql injection and cross site scripting attacks using a reverse proxy. In: Recent trends in computer networks and distributed systems security: international conference, SNDS 2012, Trivandrum, India, October 11\u201312, 2012. Proceedings 1. Springer, Berlin, pp 252\u2013263","DOI":"10.1007\/978-3-642-34135-9_26"},{"key":"404_CR6","doi-asserted-by":"crossref","unstructured":"Wurzinger P, Platzer C, Ludl C, Kirda E, Kruegel C (2009) Swap: mitigating xss attacks using a reverse proxy. In: 2009 ICSE workshop on software engineering for secure systems. IEEE, pp 33\u201339","DOI":"10.1109\/IWSESS.2009.5068456"},{"key":"404_CR7","doi-asserted-by":"publisher","first-page":"5279","DOI":"10.1007\/s11277-016-3741-7","volume":"96","author":"T-Y Wu","year":"2017","unstructured":"Wu T-Y, Chen C-M, Sun X, Liu S, Lin JC-W (2017) A countermeasure to SQL injection attack for cloud environment. Wireless Pers Commun 96:5279\u20135293","journal-title":"Wireless Pers Commun"},{"key":"404_CR8","doi-asserted-by":"crossref","unstructured":"Stency V, Mohanasundaram N (2021) A study on xss attacks: intelligent detection methods. In: Journal of physics: conference series. IOP Publishing, vol 1767, p 012047","DOI":"10.1088\/1742-6596\/1767\/1\/012047"},{"key":"404_CR9","doi-asserted-by":"crossref","unstructured":"Martin-Lopez A, Segura S, Ruiz-Cort\u00e9s A (2020) Restest: black-box constraint-based testing of restful web APIS. In: Service-oriented computing: 18th international conference, ICSOC 2020, Dubai, United Arab Emirates, December 14\u201317, 2020, Proceedings 18. Springer, pp 459\u2013475","DOI":"10.1007\/978-3-030-65310-1_33"},{"issue":"1","key":"404_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3293455","volume":"28","author":"A Arcuri","year":"2019","unstructured":"Arcuri A (2019) Restful API automated test case generation with evomaster. ACM Trans Softw Eng Methodol (TOSEM) 28(1):1\u201337","journal-title":"ACM Trans Softw Eng Methodol (TOSEM)"},{"key":"404_CR11","doi-asserted-by":"crossref","unstructured":"Atlidakis V, Godefroid P, Polishchuk M (2019) Restler: Stateful rest API fuzzing. In: 2019 IEEE\/ACM 41st international conference on software engineering (ICSE). IEEE, pp 748\u2013758","DOI":"10.1109\/ICSE.2019.00083"},{"key":"404_CR12","unstructured":"Hidhaya SF, Geetha A (2010) Compval\u2014a system to mitigate sqlia. In: Proceedings of the international conference on computer, communication and intelligence ICCCI, vol 10, pp 337\u2013342"},{"key":"404_CR13","doi-asserted-by":"publisher","unstructured":"Michelin RA, Zorzo AF, De\u00a0Rose CA (2014) Mitigating dos to authenticated cloud rest APIS. In: The 9th international conference for internet technology and secured transactions (ICITST-2014), pp 106\u2013111. https:\/\/doi.org\/10.1109\/ICITST.2014.7038787","DOI":"10.1109\/ICITST.2014.7038787"},{"issue":"4","key":"404_CR14","doi-asserted-by":"publisher","first-page":"2995","DOI":"10.1007\/s11277-020-07243-z","volume":"117","author":"KN Durai","year":"2021","unstructured":"Durai KN, Subha R, Haldorai A (2021) A novel method to detect and prevent SQLIA using ontology to cloud web security. Wireless Pers Commun 117(4):2995\u20133014","journal-title":"Wireless Pers Commun"},{"key":"404_CR15","doi-asserted-by":"crossref","unstructured":"Tung Y-H, Lin C-C, Shan H-L (2014) Test as a service: a framework for web security TAAS service in cloud environment. In: 2014 IEEE 8th international symposium on service oriented system engineering. IEEE, pp 212\u2013217","DOI":"10.1109\/SOSE.2014.36"},{"key":"404_CR16","doi-asserted-by":"crossref","unstructured":"Wirz L, Tanthanathewin R, Ketphet A, Fugkeaw S (2022) Design and development of a cloud-based ids using apache KAFKA and spark streaming. In: 2022 19th international joint conference on computer science and software engineering (JCSSE). IEEE, pp 1\u20136","DOI":"10.1109\/JCSSE54890.2022.9836264"},{"key":"404_CR17","doi-asserted-by":"crossref","unstructured":"Ranjan I, Agnihotri RB (2019) Ambiguity in cloud security with malware-injection attack. In: 2019 3rd international conference on electronics, communication and aerospace technology (ICECA). IEEE, pp 306\u2013310","DOI":"10.1109\/ICECA.2019.8821844"},{"key":"404_CR18","doi-asserted-by":"crossref","unstructured":"Rongzhou L, Nanfeng X (2020) Web protection scheme based on a cloud computing platform. In: 2020 5th IEEE international conference on big data analytics (ICBDA). IEEE, pp 323\u2013328","DOI":"10.1109\/ICBDA49040.2020.9101215"},{"key":"404_CR19","doi-asserted-by":"crossref","unstructured":"Bermbach D, Wittern E (2016) Benchmarking web API quality. In: Web engineering: 16th international conference, ICWE 2016, Lugano, Switzerland, June 6\u20139, 2016. Proceedings 16. Springer, pp 188\u2013206","DOI":"10.1007\/978-3-319-38791-8_11"},{"key":"404_CR20","unstructured":"Teuchert D. The 6 biggest challenges of REST API testing. https:\/\/tinyurl.com\/3tdxc2mm Accessed on 12 April 2023"},{"key":"404_CR21","doi-asserted-by":"publisher","first-page":"1181","DOI":"10.1007\/s11036-019-01256-0","volume":"24","author":"AQ Md","year":"2019","unstructured":"Md AQ, Varadarajan V, Mandal K (2019) Efficient algorithm for identification and cache based discovery of cloud services. Mobile Netw Appl 24:1181\u20131197","journal-title":"Mobile Netw Appl"},{"key":"404_CR22","doi-asserted-by":"crossref","unstructured":"Carra D, Neglia G, Michiardi P (2019) Ttl-based cloud caches. In: IEEE INFOCOM 2019-IEEE conference on computer communications. IEEE, pp 685\u2013693","DOI":"10.1109\/INFOCOM.2019.8737546"},{"key":"404_CR23","doi-asserted-by":"crossref","unstructured":"Maros A, Murai F, Silva APC, Almeida JM, Lattuada M, Gianniti E, Hosseini M, Ardagna D (2019) Machine learning for performance prediction of spark cloud applications. In: 2019 IEEE 12th international conference on cloud computing (CLOUD). IEEE, pp 99\u2013106","DOI":"10.1109\/CLOUD.2019.00028"},{"key":"404_CR24","doi-asserted-by":"crossref","unstructured":"Wan C, Liu S, Hoffmann H, Maire M, Lu S (2021) Are machine learning cloud APIS used correctly? In: 2021 IEEE\/ACM 43rd international conference on software engineering (ICSE). IEEE, pp 125\u2013137","DOI":"10.1109\/ICSE43902.2021.00024"},{"key":"404_CR25","unstructured":"Orthrus BlockList. https:\/\/tinyurl.com\/2hhezs57. Accessed on 16 March 2023"},{"key":"404_CR26","unstructured":"Abu Syeed Sajid Ahmed MS. SQL Injection Dataset. https:\/\/www.kaggle.com\/datasets\/sajid576\/sql-injection-dataset. Accessed on 05 Jan 2024"},{"key":"404_CR27","unstructured":"SQLmap.org: sqlmap\u2014automatic SQL injection and database takeover tool. https:\/\/sqlmap.org\/. Accessed on 06 Jan 2024"},{"key":"404_CR28","unstructured":"PortSwigger: Burp Suite Professional - PortSwigger. https:\/\/portswigger.net\/burp\/pro. Accessed on 06 Jan 2024"},{"key":"404_CR29","unstructured":"Invicti: Invicti (formerly Netsparker). https:\/\/www.invicti.com\/. Accessed on 06 Jan 2024"},{"key":"404_CR30","unstructured":"Invicti: Acunetix Premium. https:\/\/www.acunetix.com\/product\/premium\/. Accessed on 06 Jan 2024"}],"container-title":["Service Oriented Computing and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11761-024-00404-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11761-024-00404-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11761-024-00404-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,12]],"date-time":"2025-09-12T06:17:30Z","timestamp":1757657850000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11761-024-00404-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,29]]},"references-count":30,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2025,9]]}},"alternative-id":["404"],"URL":"https:\/\/doi.org\/10.1007\/s11761-024-00404-z","relation":{},"ISSN":["1863-2386","1863-2394"],"issn-type":[{"value":"1863-2386","type":"print"},{"value":"1863-2394","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,5,29]]},"assertion":[{"value":"3 August 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 January 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 April 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"29 May 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}