Study On Hybrid Web Protection System Based On A Variety Of Defensive Technique

In recent years, with the Web application system increasing, more and more important information need to release through the Web platform. So, Web security becomes the most importanttopic for the current network information security. According to comting,90%of the outside Web access application, still accesses the Web server directly.On the other level, two-thirds Web servers can be attacked,and hackers can control and ruin servereasily. At present, the mainstreamattack methods of the Web system for hackers are:tampering with the webpage, SQL injection and XSS cross site scripting, etc.In this paper, the security problem of multiple Web defense technology is discussed and analysed. Based onprinciple and features of the mainstream Web attack technology, we design and realize Web protection system based on a variety of defense technology.The Web protection System are developedbased on the existing domestic mainstream tamper-proof technology, and it can make up the disadvantages of traditional tamper-proof technology.(1)We adopt the filter driver technology to monitor the backup Web.theillegal behavior tobackup Web directory, such as illegal uploading,write documents, CMD_Shell, will be restricted and filtered. This mechanism can improve the common tamper-proof technology in the backup Web security.(2) We replace traditional prevent tampering with digital watermarking recovery technology by using event trigger mechanism, through the event trigger mechanism found that Internet access user to release directory operation behavior. For the legal behavior such as image upload to release, for illegal behavior direct block and delete. For publishing Web update is mainly through the backup directory for one-way synchronization to release directory mode.(3)We will focus on the SQL statement to conduct in-depth analysis, and to understand the characteristics and attack mode. Different from the traditional anti SQL injection by hardware way, we mainly for the ISAPI filter (Internet Server Application Programming Interface) was studied, using ISAPI filters to defense such as SQL, XSS type application layer attacks, improve data packet filtering efficiency.