research-article

A Website Defacement Detection Method Based on Machine Learning Techniques

Author:

Xuan Dau HoangAuthors Info & Claims

SoICT '18: Proceedings of the 9th International Symposium on Information and Communication Technology

Pages 443 - 448

https://doi.org/10.1145/3287921.3287975

Published: 06 December 2018 Publication History

Get Access

Abstract

Website defacement attacks have been one of major threats to websites and web portals of private and public organizations. The attacks can cause serious consequences to website owners, including interrupting the website operations and damaging the owner's reputation, which may lead to big financial losses. A number of techniques have been proposed for website defacement monitoring and detection, such as checksum comparison, diff comparison, DOM tree analysis and complex algorithms. However, some of them only work on static web pages and the others require extensive computational resources. In this paper, we propose a machine learning-based method for website defacement detection. In our method, machine learning techniques are used to build classifiers (detection profile) for page classification into either Normal or Attacked class. As the detection profile can be learned from training data, our method can work well for both static and dynamic web pages. Experimental results show that our approach achieves high detection accuracy of over 93% and low false positive rate of less than 1%. In addition, our method does not require extensive computational resources, so it is practical for online deployment.

References

[1]

Digistar.vn. 2018. What is web defacement attack and defensive measures, https://www.digistar.vn/tan-cong-giao-dien-deface-la-gi-va-cach-khac-phuc/, last accessed 2018/06/20.

Google Scholar

[2]

M. Romagna, N.J. van den Hout. 2017. Hacktivism and Website Defacement: Motivations, Capabilities and Potential Threats. In: 27th Virus Bulletin International Conference, Vol. 1, Madrid, Spain, 2017.

Google Scholar

[3]

Wang Wei. 2018. Rise in website Defacement attacks by Hackers around the World, https://thehackernews.com/2013/11/rise-in-website-defacement-attacks-by.html, last accessed 2018/06/20.

Google Scholar

[4]

VNCS. 2018. VNCS -- Central website monitoring solution, http://vncs.vn/portfolio/giai-phap-giam-sat-websites-tap-trung, last accessed 2018/06/20.

Google Scholar

[5]

Nagios. 2018. Nagios Web Application Monitoring Software, https://www.nagios.com/solutions/web-application-monitoring/, last accessed 2018/06/20.

Google Scholar

[6]

W. Kim, J. Lee, E. Park, S. Kim. 2006. Advanced Mechanism for Reducing False Alarm Rate in Web Page Defacement Detection. National Security Research Institute, Korea, 2006.

Google Scholar

[7]

E. Medvet, C. Fillonand and A. Bartoli. 2007. Detection of Web Defacements by means of Genetic Programming. In: IAS 2007 -- Manchester, UK (2007).

Digital Library

Google Scholar

[8]

G. Davanzo, E. Medvet and A. Bartoli. 2008. A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection. In SEC-2008: Proceedings of The IFIP TC 11 23rd International Information Security Conference, pp.711--716 (2008).

Google Scholar

[9]

A. Bartoli, G. Davanzo and E. Medvet. 2010. A Framework for Large-Scale Detection of Web Site Defacements. ACM Transactions on Internet Technology, Vol.10, No.3, Article 10 (2010).

Digital Library

Google Scholar

[10]

G. Davanzo, E. Medvet and A. Bartoli. 2011. Anomaly detection techniques for a web defacement monitoring service. Journal of Expert Systems with Applications, 38 (2011) 12521--12530, Elsevier (2011).

Digital Library

Google Scholar

[11]

K. Borgolte, C. Kruegel and G. Vigna. 2015. Meerkat: Detecting Website Defacements through Image-based Object Recognition. In: Proceedings of the 24th USENIX Security Symposium (USENLX Security) (2015).

Digital Library

Google Scholar

[12]

Zone-H. 2018. http://zone-h.org, last accessed 2018/06/20.

Google Scholar

[13]

Weka. 2018. https://www.cs.waikato.ac.nz/ml/weka/, last accessed 2018/06/20.

Google Scholar

Cited By

View all

Dadiyala CMotwani RSingh NPatekar RLawate PKhandelwal A(2024)Enhancing Web Monitoring: An Open-Source Solution for Real-Time Detection and Alerts2024 Third International Conference on Intelligent Techniques in Control, Optimization and Signal Processing (INCOS)10.1109/INCOS59338.2024.10527584(1-6)Online publication date: 14-Mar-2024
https://doi.org/10.1109/INCOS59338.2024.10527584
Albalawi NAlamrani NAloufi RAlbalawi MAljaedi AAlharbi A(2023)The Reality of Internet Infrastructure and Services Defacement: A Second Look at Characterizing Web-Based VulnerabilitiesElectronics10.3390/electronics1212266412:12(2664)Online publication date: 14-Jun-2023
https://doi.org/10.3390/electronics12122664
Kumar ASharma I(2023)Performance Evaluation of Machine Learning Algorithms for Website Defacement Attack Detection2023 International Conference on Smart Systems for applications in Electrical Sciences (ICSSES)10.1109/ICSSES58299.2023.10201194(1-6)Online publication date: 7-Jul-2023
https://doi.org/10.1109/ICSSES58299.2023.10201194
Show More Cited By

Index Terms

A Website Defacement Detection Method Based on Machine Learning Techniques
1. Security and privacy
  1. Software and application security
    1. Web application security

Recommendations

Website Defacements Detection Based on Support Vector Machine Classification Method
ICCDE '18: Proceedings of the 2018 International Conference on Computing and Data Engineering

Website defacements can inflict significant harm on the website owner through the loss of reputation, the loss of money, or the leakage of information. Due to the complexity and diversity of all kinds of web application systems, especially a lack of ...
A Multi-layer Model for Website Defacement Detection
SoICT '19: Proceedings of the 10th International Symposium on Information and Communication Technology

Website defacements have long been considered one of major threats to websites and web portals of enterprises and government organizations. Defacement attacks can bring in serious consequences to website owners, including immediate interruption of ...
Investigating Web Defacement Campaigns at Large
ASIACCS '18: Proceedings of the 2018 on Asia Conference on Computer and Communications Security

Website defacement is the practice of altering the web pages of a website after its compromise. The altered pages, calleddeface pages, can negatively affect the reputation and business of the victim site. Previous research has focused primarily on ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SoICT '18: Proceedings of the 9th International Symposium on Information and Communication Technology

December 2018

496 pages

ISBN:9781450365390

DOI:10.1145/3287921

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SOICT: School of Information and Communication Technology - HUST
NAFOSTED: The National Foundation for Science and Technology Development

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 December 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

Ministry of Science and Technology, Vietnam

Conference

SoICT 2018

SoICT 2018: The Ninth International Symposium on Information and Communication Technology

December 6 - 7, 2018

Danang City, Viet Nam

Acceptance Rates

Overall Acceptance Rate 147 of 318 submissions, 46%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
219
Total Downloads

Downloads (Last 12 months)29
Downloads (Last 6 weeks)0

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Dadiyala CMotwani RSingh NPatekar RLawate PKhandelwal A(2024)Enhancing Web Monitoring: An Open-Source Solution for Real-Time Detection and Alerts2024 Third International Conference on Intelligent Techniques in Control, Optimization and Signal Processing (INCOS)10.1109/INCOS59338.2024.10527584(1-6)Online publication date: 14-Mar-2024
https://doi.org/10.1109/INCOS59338.2024.10527584
Albalawi NAlamrani NAloufi RAlbalawi MAljaedi AAlharbi A(2023)The Reality of Internet Infrastructure and Services Defacement: A Second Look at Characterizing Web-Based VulnerabilitiesElectronics10.3390/electronics1212266412:12(2664)Online publication date: 14-Jun-2023
https://doi.org/10.3390/electronics12122664
Kumar ASharma I(2023)Performance Evaluation of Machine Learning Algorithms for Website Defacement Attack Detection2023 International Conference on Smart Systems for applications in Electrical Sciences (ICSSES)10.1109/ICSSES58299.2023.10201194(1-6)Online publication date: 7-Jul-2023
https://doi.org/10.1109/ICSSES58299.2023.10201194
Rendón-Segador FÁlvarez-García JVarela-Vaca A(2023)Paying attention to cyber-attacksComputers and Security10.1016/j.cose.2023.103318132:COnline publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1016/j.cose.2023.103318
Albalawi MAloufi RAlamrani NAlbalawi NAljaedi AAlharbi A(2022)Website Defacement Detection and Monitoring Methods: A ReviewElectronics10.3390/electronics1121357311:21(3573)Online publication date: 1-Nov-2022
https://doi.org/10.3390/electronics11213573
Seyyar YYavuz AUnver H(2022)An Attack Detection Framework Based on BERT and Deep LearningIEEE Access10.1109/ACCESS.2022.318574810(68633-68644)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3185748
Odeh AKeshta IAbdelfattah E(2021)Machine LearningTechniquesfor Detection of Website Phishing: A Review for Promises and Challenges2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC)10.1109/CCWC51732.2021.9375997(0813-0818)Online publication date: 27-Jan-2021
https://doi.org/10.1109/CCWC51732.2021.9375997
Elyashar AUziel SParadise APuzis R(2020)The Chameleon Attack: Manipulating Content Display in Online Social MediaProceedings of The Web Conference 202010.1145/3366423.3380165(848-859)Online publication date: 20-Apr-2020
https://dl.acm.org/doi/10.1145/3366423.3380165
Aslam MYe DHanif MAsad M(2020)Adaptive Machine learning: A Framework for Active Malware Detection2020 16th International Conference on Mobility, Sensing and Networking (MSN)10.1109/MSN50589.2020.00025(57-64)Online publication date: Dec-2020
https://doi.org/10.1109/MSN50589.2020.00025
Martinez Santander CMoreno HHernandez Alvarez M(2020)The evolution from Traditional to Intelligent Web Security: Systematic Literature Review2020 International Symposium on Networks, Computers and Communications (ISNCC)10.1109/ISNCC49221.2020.9297240(1-9)Online publication date: 20-Oct-2020
https://doi.org/10.1109/ISNCC49221.2020.9297240
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Website Defacements Detection Based on Support Vector Machine Classification Method

A Multi-layer Model for Website Defacement Detection

Investigating Web Defacement Campaigns at Large