Implementation of Web Defacement Detection Technique

Websites are no longer merely about having an “Internet presence” today, but are also used for commercial transactions and to transfer sensitive data like personal information, credit card number, etc. This rapid proliferation of website has also spawned new threat to business and other organizations. Hackers are developing new techniques to deface website and steal the data from Web server. One kind of such attack on website is Website defacement attack. The term ‘Website defacement’ refers to unauthorized change of the content made either on a single web page (usually default web page) or on entire web site. The content of a defaced web page may be partially changed or it may be fully replaced by another page. Detection of website defacement automatically is very difficult because today web pages are highly dynamic and their degree of dynamism may vary widely across different pages. This paper proposes a hash code based web defacement detection mechanism. The proposed system includes the development of a module for an Apache web server for defacement detection in web pages, and configured it so that defaced web page should not be served by web server to the legitimate user. The proposed system prevents the legitimate user from accessing defaced web pages.