
Research On Multi-level Website Security System

Posted on: 2012-10-06
Degree: Master
Type: Thesis
Country: China
Candidate: X H Huang
GTID: 2218330338957207
Subject: Computer application technology

Abstract/Summary:
The rapid development of networks, the dramatic increase in the number of Internet users, and the growing informatization of daily life have given websites an essential role in Internet life as an important carrier of information. Websites play an important role in enriching people's lives. Meanwhile, attacks against websites have become active, which brings great security risk to websites. Website security issues have spawned a variety of protective measures and products that play an important role in safeguarding website security. However, the common security measures and products each address only one level of the problem, while website security is a multi-level problem, and a lack of protection at any level will lead to the website being successfully compromised. Because single-level protection cannot solve the current website security problem, this paper studies a multi-level website security protection system.

The paper first gives a general introduction to the current situation and research status of website security, analyzes the advantages and disadvantages of the common security protections, and from this puts forward its research content: a multi-level website security protection system. It then explores the website security topics involved in this paper, including injection attacks, cross-site scripting (XSS) attacks, tamper-resistant technology, and WebShells. The third part focuses on the multi-level website security system and on its design and implementation.

The paper first presents the overall design of the multi-level website security protection system, which consists of the anti-injection/anti-XSS attack system, the website tamper-resistant system, and the WebShell and special folder (special file) detection system, and then gives a detailed account of each part:

(1) The anti-injection/anti-XSS attack system is mainly used to address SQL injection attacks, cross-site scripting attacks and similar problems, and thus to prevent attackers from using such attacks to obtain administrator authority or even control of the system. It can also stop attacks on client users. In addition, for cookie injection attacks, which are more subtle and flexible, the system detects and analyzes cookie data in a timely manner to guarantee that malicious code is not passed to the web server, thereby protecting the normal operation of the website.

(2) The main function of the tamper-resistant level is to ensure that the files in a website directory are not tampered with without authorization. It uses a file filter driver to intercept and analyze file read and write requests in kernel mode, according to a specified detection directory, specified detection file types, and specified operating permissions. If a request does not comply with the policy, the IRP request is rejected immediately, which achieves tamper resistance. Furthermore, the tamper-resistant system in this paper actively analyzes and blocks files being written, so as to prevent malicious files from being written into the website directory.

(3) The WebShell (website backdoor Trojan) file and special folder (special file) detection system is mainly used to detect WebShell files on the website, to prevent a backdoor Trojan from controlling the website and the system. It also monitors special folders and special files (those named after Windows device names), so as to clear out the hiding places of WebShell Trojans and advertising links. The combination of these two detection methods can guarantee that the files in the website directory are free of Trojans.

Finally, the fourth part of the paper verifies the multi-level protection system through experiments. The experimental results show that the system can achieve sound protection against common website attacks, and that the interaction of the multiple levels gives general protection for website security.
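The special folder (special file) check in part (3) can be illustrated with a small scanner for names that collide with Windows device names. This is an added example, not code from the thesis; the function names, the reason strings and the extra trailing dot/space rule are assumptions made here.

```python
import os

# Reserved device names from Microsoft's file-naming rules; reserved with any extension too.
RESERVED = {"CON", "PRN", "AUX", "NUL"}
RESERVED |= {f"{p}{i}" for p in ("COM", "LPT") for i in range(1, 10)}


def suspicious_component(name):
    """Return why one file or folder name is 'special', or None if it is ordinary."""
    # Assumption beyond the abstract: names ending in a dot or space are also flagged,
    # because the Win32 API strips them and ordinary tools then cannot open the entry.
    if name != name.rstrip(" ."):
        return "trailing dot or space"
    stem = name.split(".", 1)[0].rstrip(" ").upper()
    if stem in RESERVED:
        return "reserved device name " + stem
    return None


def scan_tree(root):
    """Walk root and return sorted (relative_path, reason) findings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            reason = suspicious_component(name)
            if reason:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel, reason))
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample names, not taken from the thesis.
    for sample in ["index.asp", "aux.asp", "COM1", "console.log", "uploads."]:
        print(f"{sample!r}: {suspicious_component(sample)}")
```

On Windows, pass the root with the `\\?\` prefix so that the walk can descend into entries that normal Win32 path handling would refuse to open.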
Keywords/Search Tags: website security, injection attack, XSS, tamper-resistant, WebShell