Website defacement detection techniques

Posted on October 14, 2009 in Research • Tagged with defacement, detection, website monitoring • 4 min read

Table of Contents

1. Website defacement
2. Anomaly detection systems
2.1 Checksum comparison
2.2 Diff comparison
2.3 DOM tree analysis
2.4 Complex algorithms
3. Signature detection
4. Thresholds and worst cases

1. Website defacement

A website defacement is the unauthorized substitution of a web page or a part of it by a system cracker. A defacement is generally meant as a kind of electronic graffiti, although recently it has become a means to spread messages by politically motivated cyber protesters or hacktivists.
This is a very common form of attack that seriously damages the trust and …

Continue reading