Abstract
Web site defacement is one of the most common attacks on the Internet, the most vulnerable being those of critical government organizations such as banking and finance, oil and gas, and emergency services. In this context, website defacement is the malicious act of modifying its contents with offending data aimed at making the intrusion evident to a visitor. The defacement of an organization’s website misleads users with wrong information and can cause potential damage until the unauthorized change is noticed by the Web administrator. A wide variety of motives may exist for hackers to hack a Web server and modify the hosted website contents but it is probably safe to assume that in all cases the content provider would not prefer to present tampered content to the browsing world. Although implementation of security management policies and usage of Web security tools can avoid this kind of embarrassment, the complexity in current systems often exposes that loopholes exist. A good information protection policy addresses protection, detection of security breach, and immediate reaction to such cyberattack. This paper proposes a software system that utilizes operating systems’ kernel feature for file system monitoring to detect changes (add, delete, modify) and the system is combined with a secure hardware component called the trusted platform module (TPM) for authenticating modifications to dynamic and active website contents. The initial testing result shows that our system is effective in detecting changes and is able to classify file modification operations performed by the Web administrator and hacker without a false-positive error quotient.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Goldstein, M., Kaufman, A.: Introduction to Ethical Hacking Version 1.21, Revision 1.00 (2011)
Parno, B., McCune, J.M., Perrig, A.: Bootstrapping Trust in Modern Computers. Springer, New York (2011)
Trusted Computing Group: Trusted Platform Module Main Specification. Version 1.2, Revision 116 (2011)
Wright, T., (Ipswich), Tedeschi, N., (Ipswich): Server computing for guaranteeing files integrity. United States Patent US7, 685,425 B1, 23 March 2010
Kanti, T., Richariya, V., Richriya, V.: Implementation of an efficient web defacement detection technique and spotting exact defacement location using diff algorithm. Int. J. Emerg. Technol. Adv. Eng. 2 (2012)
Smith, S.W.: Kernel Feature for File System Monitoring (2010)
Challener, D., et al.: A Practice Guide to Trusted Computing. IBM press, Upper Saddle River (2008)
Prevent Web Site Defacement-Dr. Yona Hollander, Internet Security Advisor November/December 2004
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media Singapore
About this paper
Cite this paper
Viswanathan, N., Arun Mishra (2016). Dynamic Monitoring of Website Content and Alerting Defacement Using Trusted Platform Module. In: Shetty, N., Prasad, N., Nalini, N. (eds) Emerging Research in Computing, Information, Communication and Applications . Springer, Singapore. https://doi.org/10.1007/978-981-10-0287-8_11
Download citation
DOI: https://doi.org/10.1007/978-981-10-0287-8_11
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-0286-1
Online ISBN: 978-981-10-0287-8
eBook Packages: EngineeringEngineering (R0)