Study Of Tamper Detection Technology Of Webpage Tamper-Proof

With the rapid development of Science and Technology, the Internet influence more and more in our life, web application is simple and convenient, timeliness, and brings great convenience to the user. But the harm of network security events emerge in an endless stream, the most common events are website unauthorized tampering. If a formal government website of the users trust has been illegally tampered, spreading false earthquake information, the reactionary information and so on, will make very bad impact in the economy, politics and society. And eliminate the tampered webpage file flow only through,the web website managers to make artificial regulation is not enough, the website tamper-proof system is very necessary.Webpage tamper is an attacker’s adding, deleting and changing webpage files from the various levels after got the permission. Now the theoretical techniques of tampering detection are mainly the following three categories:(1)Cyclic query technique, the technique uses a webpage detection program to read the webpage which should be monitored in a cyclic query mode and compared with the real webpage to judge the integrity of webpage’s content.(2)The core of embedded technology, this technique using the support of the web server software for function expansion, embedded the tampering detection module into the web server software, it checks each webpage’s plausibility when a webpage outflows to prevent the outflow of the site has been tampered, and gives alarm and recovery.(3)File filter driver technology, the technology uses the intercepted ability of file operation request of the operating system’s file filter driver,checks the lawfulness of the operation when the webpage file is modified and alarming for illegal operation and recovery.In this paper, the existing webpage anti tampering system were learned, embedded technology cyclic query technology and driving technology are the tamper detection technology with studied mainly. We achieved the three major tamper detection technology on the windows operation system and apache platform and carried out the improvements of its performance:the cyclic query technology through the introduction of the cyclic query table is no longer blind polling, but the criteria of cyclic query; the digital watermarking files makes the rate of watermark comparison greatly enhanced when the files stored from traditional database to memory; Using the file system filter driver is not only to protect the site files, but also transmits the change of legitimate website files to watermark table and cyclic query table in time and reduces the server’s load; We formed a perfect set of tamper detection system by using process communication to integrate the three kinds of tampering technology.Experiments show that for a variety of webpage tampered situation, webpage tamper-proof system can quickly and effectively detect. Meanwhile, the detection efficiency and safety has been greatly improved because of the above-described performance improvements described above without affecting the detection of quality.