Next Article in Journal
Homogenous Granulation and Its Epsilon Variant
Previous Article in Journal
Security Pattern for Cloud SaaS: From System and Data Security to Privacy Case Study in AWS and Azure
Article Menu

Export Article

Open AccessArticle

Detecting Website Defacements Based on Machine Learning Techniques and Attack Signatures

Posts and Telecommunications Institute of Technology, Hanoi 100000, Vietnam
*
Author to whom correspondence should be addressed.
Computers 2019, 8(2), 35; https://doi.org/10.3390/computers8020035
Received: 23 February 2019 / Revised: 4 May 2019 / Accepted: 7 May 2019 / Published: 8 May 2019
  |  
PDF [1946 KB, uploaded 8 May 2019]
  |  

Abstract

Defacement attacks have long been considered one of prime threats to websites and web applications of companies, enterprises, and government organizations. Defacement attacks can bring serious consequences to owners of websites, including immediate interruption of website operations and damage of the owner reputation, which may result in huge financial losses. Many solutions have been researched and deployed for monitoring and detection of website defacement attacks, such as those based on checksum comparison, diff comparison, DOM tree analysis, and complicated algorithms. However, some solutions only work on static websites and others demand extensive computing resources. This paper proposes a hybrid defacement detection model based on the combination of the machine learning-based detection and the signature-based detection. The machine learning-based detection first constructs a detection profile using training data of both normal and defaced web pages. Then, it uses the profile to classify monitored web pages into either normal or attacked. The machine learning-based component can effectively detect defacements for both static pages and dynamic pages. On the other hand, the signature-based detection is used to boost the model’s processing performance for common types of defacements. Extensive experiments show that our model produces an overall accuracy of more than 99.26% and a false positive rate of about 0.27%. Moreover, our model is suitable for implementation of a real-time website defacement monitoring system because it does not demand extensive computing resources. View Full-Text
Keywords: defacement attacks of websites; defacement monitoring and detection; anomaly-based defacement detection; signature-based defacement detection; machine learning-based defacement detection defacement attacks of websites; defacement monitoring and detection; anomaly-based defacement detection; signature-based defacement detection; machine learning-based defacement detection
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Hoang, X.D.; Nguyen, N.T. Detecting Website Defacements Based on Machine Learning Techniques and Attack Signatures. Computers 2019, 8, 35.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Computers EISSN 2073-431X Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top