Download PDFOpen PDF in browserThe System to Monitor and Notifications Against Web Defacement AttacksEasyChair Preprint 131126 pages•Date: April 27, 2024AbstractThis article aims to study, monitor, and detect the characteristics of threats posed by website defacement attacks, specifically focusing on patterns of webpage alterations. The methodology involves utilizing web scraping techniques to extract webpage source code for comparative analysis. A custom analysis tool, developed using Python, is employed to compare source code data before and during monitoring. The targeted websites for testing include WordPress, web frameworks, and Bootstrap templates. The tool collects webpage data from registered URL links upon execution, encrypts it using SHA1 and MD5 algorithms for data integrity, and analyzes any discrepancies in source code to determine severity levels. Severity levels range from 100-90% indicating significant alterations, 90-60% implying substantial changes, 60-20% suggesting serious modifications, and less than 20% indicating minor adjustments warranting monitoring and verification. Severity levels fluctuate based on the percentage of altered source code. Upon detecting distorted data compared to the original, the tool sends notification alerts via LINE application within 15 seconds for website administrators to review and rectify. Historical records of monitoring activities are maintained for retrospective investigation, specifically focusing on defacement attacks. The article outlines testing procedures, including a 24-hour monitoring simulation and creation of threat scenario models ranging from content modification to website defacement attacks. Performance evaluation utilizes confusion matrix principles, with measurements including True Positive (TP), True Negative (TN), False Positive (FP), and False Negative. Researchers expect accuracy values to exceed 90% for successful performance assessment Keyphrases: monitor, scenario, source code, web defacement, website
|