| With the continuous increase of internet users, the internet plays an increasinglyimportant role in China’s political, economic, cultural and social life. Because of theinternet’s growing influence and rising status, it becomes more and more important tomaintain network security. According to the recently reports of CERNET/CC, websitetamper events frequently happened in our country. This type of network security issueis at the top of all. If a website is tampered and doesn’t be recovered in time, it maybring negative impact on the society. How to ensure the website’s security efficientlyhas become an important issue which is urgently needed to be solved. In view of thissituation, the website tamper-proof technology emerges and become more and moremature after developing.Given that the development and monitoring forms of most of the currenttamper-proof systems are too single. This paper presents a tamper-proof system whichis distributed deployment, centralized management and multi-layer protection. Theso-called centralized management means to deploy a monitoring client on everywebsite server which needs to be protected, and these clients will be managed by aseparate management server. This deployment method makes managing multiplewebsite servers become possible. Also the unified management approach provides theuser with the most convenient monitoring conditions. The multi-layer provides eachwebsite server a three-layer defense system of advance defense, real-time monitoringand intercept afterwards. Advance defense can effectively filter SQL injection attacksand XSS attacks. Real-time monitoring can monitor the changes of website files withmessage digest technology. Intercept afterwards can prevent tampering website pagesfrom being accessed by users with core embedded technology. Such three-layerdefense system can maximize the security of a website. After testing, the system hasreached the design goal: It can be a good defense against SQL injection attacks andXSS attacks. It can quickly respond and recover the website files once they change. Itcan prevent the tampering web pages from being accessed by users. And after thesystem is deployed, the website’s access speed only5.06%’s decrease. |
PDF Full Text Request