(IJCSIS) International Journal of Computer Science and Information Security,Vol. 11, No. 6, June 2013
An Approach to Reveal Website Defacement
Rajiv Kumar Gurjwar
Computer Science EngineeringDepartmentMANIT, Bhopal (M.P.), INDIA
Divya Rishi SahuComputer Science EngineeringDepartmentMANIT, Bhopal (M.P.), INDIADeepak Singh Tomar Computer Science EngineeringDepartmentMANIT, Bhopal (M.P.), INDIA
Due to ad-hoc nature of web application developmentand design complexity of web application, it is difficult to attainfool proof web security. In recent years invaders defaced severalweb sites by projecting techniques such as phishing, codeinjection etc. In the web defacement attack the invader changesthe visual appearance of the webpage. The business competitor,Insurgent and extremist groups defame the reputation of theorganizations and mislead public through these types of attacks.Manual monitoring and scrutinizing these attacks on web sites isa time consuming and tedious task for law enforcement agencies.Hence there is a need to develop a system which effectivelymonitors the content of web sites and automatically generatealarm for any suspicious or threatening activity. In this work aprototype system is developed to scrutinize and detects thedefacement activities automatically. At first phase web contentsare preprocessed and stored in the web domain dictionary.Second phase checked integrity of web contents through CRC32,MD5, SHA 512, PSNR and SSIM techniques. The developedsystem successfully scrutinizes the web defacement attacks and itwould be helpful for web administrator to monitor the webdefacement attacks.
Keywords-web security; website defacement; internet security
Websites are prone to be attacked by campaign hackers because of complexity in achieving full proof security duringdesigning phase of a web site. The targets are mainlygovernment websites, official agencies and trade groups.Attacks on websites cover malicious activities such as phishing, code injection , Website Defacement and many more. Inwhich
is an exploitation of the techniquesto alter the content of web pages by suspicious user. In this theattacker defaces the reputation of an organization by modifyingthe content of home page. Recently several such attacks onwebsites are encountered in which text content and web imagesof reputed organizations are altered to spoil their reputationLoop holes such as less protection, improper configurationof web pages, providing weak passwords and availing access of web page contents to all users with full privilege leads to webdefacement attacks.Web defacement can be broadly categorized into TextDefacement and Image Defacement. For the detection of textdefacement ample of work has been done using numerous textintegrity techniques, whereas web image defacement is a newresearch field. In this work main emphasis is given on detectingwebsite defacement in context of web images using
CRC 32checksum, hashing, and PSNR & SSIM techniques [3, 4].Experimental evaluation is done to determine accuracy of the proposed work.This paper is organized as follows: Section 2 states recentwebsite defacement incidences. In section 3 set of techniquesthat have been explored in detection of website defacement arereviewed. Section 4 describes detailed architecture of developed prototype system. Section 5 defines experimentalsetup including experimental dataset for result evaluation.Section 6 discusses the evaluation of methods.II.
DEFACEMENTThe researchers, security experts and law enforcementagencies had pointed out various web defacement cases:Recently, Chinese websites has been defaced inAnonymous attack . In this defacement the Anonymoushacking group claims to have defaced almost 500 websites inChina. Targets hit in the mass defacement included governmentsites, its official agencies, trade groups and many others. Amessage put on the hacked sites said the attack was carried outto protest against the Chinese government's strict control of itscitizens.
A group of purportedly Gazan hackers defaced Israel’s Fire
and Rescue Services website  on January 13, 2012. Theyadded a "death to Israel" message to the website and modified a picture of
Israel’s Deputy Fo
reign Minister, and superimposingfoot prints over his face.Two Government website of Department of Transportationand Communication Philippines were defaced by TurkishHackers , October 8, 2012. Hack was meant to protest rightsviolations.The law enforcement agencies are trying their best to catchsuch cases. Manual monitoring and scrutinizing these attackson website is still a hectic and time consuming task. Hencethere is a need to develop a system which effectively monitorsthe content of web sites and automatically generate an alarm toreveal any suspicious or threatening activity.