DOI: https://doi.org/10.63345/ijre.v10.i2.1
Ishu Anand Jaiswal
University of the Cumberlands College
Station Drive, Williamsburg, KY 40769 United States
Abstract— Representational State Transfer (REST) APIs are essential to modern web services, supporting communication between distributed applications, cloud systems, mobile devices, and Internet of Things (IoT) systems. As API-driven ecosystems grow, organizations face more problems with scalability, malicious traffic, and distributed denial-of-service (DDoS) attacks. Older rate-limiting mechanisms (e.g. quotas on request counts per user or per IP address) tend to be inadequate in dynamic environments where legitimate traffic patterns vary and attackers can take advantage of known security measures. This creates a growing need for smart, versatile security mechanisms that can actively control access to APIs while maintaining optimal performance.
Advances in artificial intelligence (AI) and machine learning offer a way to strengthen API security through an adaptive rate-limiting framework. By analyzing real-time traffic patterns, user behavior, and anomaly signals, AI-driven systems can dynamically tune rate limits, distinguish legitimate from malicious traffic, and avoid service degradation without negatively affecting real users. These smart rate-limiting tools enable secure, resilient, and high-performing API infrastructures suited to current microservice applications and cloud-native platforms.
The study examines how to create and deploy AI-based adaptive rate limiting on API endpoints. The proposed solution combines a machine learning-based anomaly detector with dynamic request-throttling mechanisms to enhance both performance and security. The framework analyzes request frequency, user authentication trends, API endpoint utilization, and behavioural patterns to identify abnormal traffic. When suspicious activity is detected, the system applies throttling policies and limits the request rate in real time.
The researcher used a hybrid methodology based on system architecture design, traffic simulation experiments, and performance evaluation metrics. The prototype environment uses RESTful microservices deployed in a cloud-based environment. Machine learning algorithms are employed to model normal traffic behavior and identify anomalies. The effectiveness of the proposed framework is measured with performance indicators such as response time, request throughput, false-positive detection rates, and utilization of system resources.
Experiments demonstrate that AI-based adaptive rate limiting dramatically improves API security and performance under varying workloads. Compared to conventional fixed-threshold rate-limiting systems, the proposed solution is more effective at preventing penetration by malicious requests, improving resource-use efficiency, and reducing disruption to legitimate users. Furthermore, the adaptive learning mechanisms allow the system to adapt to evolving traffic trends and attack patterns.
The findings indicate that applying artificial intelligence to API rate-limiting strategies offers a scalable and smart security system for present-day digital infrastructures. The research is relevant to the creation of next-generation API protection mechanisms that can balance security enforcement and service provision in large-scale cloud environments.
Keywords
Artificial Intelligence, Adaptive Rate Limiting, REST APIs, API Security, Machine Learning, Anomaly Detection, Distributed Systems, Microservices Architecture, Cloud Computing, Traffic Analysis
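As an added illustration (not the paper's code or framework), the following example shows one way to couple an anomaly score with dynamic throttling as the abstract describes: a per-client token bucket whose refill rate shrinks when the client's request count deviates from its learned baseline. The z-score detector, every threshold, and the names `AdaptiveLimiter` and `replay` are assumptions, since the paper's own models and parameters are not given on this page.

```python
import math
from dataclasses import dataclass

@dataclass
class ClientState:
    tokens: float
    last_ts: float
    window_start: float
    count: int = 0      # requests seen in the current window
    mean: float = 0.0   # EWMA baseline of per-window request counts
    var: float = 0.0    # EWMA variance around that baseline
    windows: int = 0    # closed windows so far (used for warm-up)
    score: float = 0.0  # anomaly score in [0, 1] from the last closed window

class AdaptiveLimiter:
    """Token bucket whose refill rate shrinks as a client's anomaly score rises."""
    def __init__(self, base_rate=5.0, burst=10.0, window=1.0,
                 alpha=0.2, warmup=5, min_factor=0.1):  # all values are assumptions
        self.base_rate, self.burst, self.window = base_rate, burst, window
        self.alpha, self.warmup, self.min_factor = alpha, warmup, min_factor
        self.clients = {}

    def _close_window(self, st):
        if st.windows >= self.warmup:
            z = (st.count - st.mean) / max(math.sqrt(st.var), 1.0)
            st.score = min(max((z - 2.0) / 4.0, 0.0), 1.0)  # z<=2 normal, z>=6 maximal
        if st.score == 0.0:  # learn only from normal windows so a flood cannot shift the baseline
            diff = st.count - st.mean
            st.mean += self.alpha * diff
            st.var = (1 - self.alpha) * (st.var + self.alpha * diff * diff)
        st.windows += 1
        st.count = 0
        st.window_start += self.window

    def allow(self, client, now):
        st = self.clients.setdefault(client, ClientState(self.burst, now, now))
        while now - st.window_start >= self.window:
            self._close_window(st)
        st.count += 1  # denied requests still count as observed load
        rate = self.base_rate * max(self.min_factor, 1.0 - st.score)
        st.tokens = min(self.burst, st.tokens + (now - st.last_ts) * rate)
        st.last_ts = now
        if st.tokens >= 1.0:
            st.tokens -= 1.0
            return True
        return False

def replay(limiter, client, start, seconds, rps):
    """Feed a constructed constant-rate trace; return how many requests were allowed."""
    return sum(limiter.allow(client, start + i / rps) for i in range(int(seconds * rps)))
```

Constructing the limiter with `min_factor=1.0` disables the adaptation and gives a fixed-threshold bucket, so the same constructed trace can be replayed against both for comparison.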