Design And Implementation Of Network Tamper Detection System

In the Internet age,information is circulating at a high speed.The website becomes an important access point for obtaining required data.As China gradually deepens the "Internet and government service",the government website has become an important window for the government to interact with the public,to provide services,to publicize national policies and guidelines,and to demonstrate national democratic politics.However,most government websites,especially the portal websites of county and municipal administrative units,lack the support of the local webpage anti-tampering system,which make them in high risk of being maliciously attacked.The tampering of web pages on the website will not only affect the normal operation of the website and cause certain economic losses,including political attacks and religious tampering,but also cause serious damage to the reputation and the credibility of the government.Mature and powerful tamper-proof products in the market generally aim at enterprises users,which is expensive for the government to afford.Therefore,it is necessary and meaningful to design and implement a tamper detection system designed for government websites with both economic applicability and practicality.This thesis focuses on the cheap tampering detection technique for the government website.Firstly,we conduct in-depth literature survey and technical analysis of different implementation methods,the pros and cons of the webpage tampering detection technology based on the local server and remote client of the website.On the basis,considering the security status of the government website,we focus on the abnormal tampering detection of webpage structure,the tampering detection of government website bulletin board,the detection of new pages and the detection method of hidden hyperlink attack based on machine learning.A reverse proxy-based webpage tampering detection system is then designed and realized,which can improve the tampering detection accuracy and efficiency,and provides a cost effective and promissing website security protection solution.The primary work mainly includes the following aspects:1.By analyzing the layout features and page variation characteristics of the government website,the dynamic update area of the webpage is located through the CSS selector.The tampering detection of web pages is divided into structural change detection,static area detection and content tampering detection based on announcement list.2.Firstly,the overall structure tampering detection of the webpage is realized.Secondly,for the dynamically updated webpage advertisement publishing area,a highly accurate tampering detection algorithm is proposed.And for the new pages in the announcement list,a hierarchical node weighting algorithm based on Myers' diff algorithm is investigated.3.For the problem of hidden hyperlink attacks that may be encountered in government websites,a machine learning-based hidden hyperlink detection method,which is shown to be superior to traditional hidden hyperlink detection technology.This method utilizes the malicious webpage analysis data set of the National Internet Emergency Center.By extracting features related to hidden hyperlink related structural features,anchor text features,domain name features and feature extensions are studied.Through the random forest and XGBoost algorithm,the classification model is trained to realize automatic identification and accurate detection of web pages embedded with hidden hyperlink.