The emergence of intelligent and sophisticated attack techniques makes web services more vulnerable than ever which are becoming an important business tool in e-commerce. Many techniques have been proposed to remove the security vulnerabilities, yet have limitations. This paper proposes an adaptive mechanism for a web-server intrusion-tolerant system (WITS) to prevent unknown patterns of attacks by adapting known attack patterns. SYN flooding attacks and their adaptive defense mechanisms are simulated as a case study to evaluate the performance of the proposed adaptation mechanism.