CN108540466A - Based on webpage tamper monitoring and alarming system - Google Patents
Based on webpage tamper monitoring and alarming system Download PDFInfo
- Publication number
- CN108540466A CN108540466A CN201810277707.5A CN201810277707A CN108540466A CN 108540466 A CN108540466 A CN 108540466A CN 201810277707 A CN201810277707 A CN 201810277707A CN 108540466 A CN108540466 A CN 108540466A
- Authority
- CN
- China
- Prior art keywords
- monitoring
- module
- configuration
- field
- alarming system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to technical field of network security, are based particularly on webpage tamper monitoring and alarming system.Monitoring configuration is flexible, and configuration webpage summary info field is set as basic version, and monitoring web network paths abstract fields compare field increase and decrease with basic version;Special web page summary info field can be also set simultaneously and carry out early warning.It is carried out accurately identifying whether webpage information is distorted according to configuration field, does not increase additional running equipment and operating cost, realize Cybersecurity Operation.It makes a phone call or SMS alarm prompt administrator checks whether the network operation is safe, and administrator's timely processing network distorts situation.Monitoring module configures multiple web network paths, realizes that multiple spot website monitors simultaneously.This system is run on the server of java virtual machines, and system suitability is stronger and operating cost reduces.
Description
Technical field
The present invention relates to technical field of network security, are based particularly on webpage tamper monitoring and alarming system.
Background technology
With the development of Internet technology, more and more criminals dislike normal website by Internet technology
Meaning Tampering attack is made a very bad impression with carrying out illegally publicity and financial swindling etc., has even more aggravated the negative of website maintenance personnel
Load.To mitigate the burden of maintenance personnel, network operation safety is improved.A kind of monitoring system of market in urgent need, to allow maintenance personnel
The case where webpage is tampered can be found in first time, handled with shortest time, harmful effect is preferably minimized.
Invention content
The present invention solves that the deficiencies in the prior art provide a kind of operational safety, being monitored based on webpage tamper for real time monitoring is reported
Alert system.
The technical solution adopted by the present invention to solve the technical problems is:
Based on webpage tamper monitoring and alarming system, it is characterised in that including monitoring module, timing module and alarm module, the prison
Control module, timing module and alarm module;
Monitoring module is the configuration of web network paths, monitoring abstract fields configuration, and web page digest information field is set as base edition
This, monitoring web network paths abstract fields compare field increase and decrease situation with basic version;
Timing module configures for monitoring frequency, by adjusting monitoring frequency cycle monitoring web network path abstract fields;
Alarm module be monitoring management person's phone number configuration, web network path abstract fields make a phone call when increasing or decreasing or
Sending short message prompt administrator checks abstract.
The monitoring module further includes the configuration of peak value the number of visiting people, and the number of visiting people is more than peak value the number of visiting people, passes through alarm
Module is made a phone call or sending short message prompt administrator verifies network and accesses situation.
Web network paths abstract fields are monitored in the monitoring module compares field increase and decrease situation with basic version,
Field comparison is unchanged, into next monitoring period;It makes a phone call when field increases or decreases or sending short message prompt administrator's core
To abstract.
Special web page summary info field is configured in the monitoring module, specific information field occurs in web network paths
It makes a phone call or sending short message prompt administrator checks abstract.
The server operation of the monitoring module, timing module and alarm module based on existing JAVA virtual machine.
The monitoring module configures multiple web network paths.
The monitoring frequency of the monitoring module configures 5-10min.
Described information field increase and decrease is compared by MD5 algorithms.
Beneficial effects of the present invention are:
1, monitoring configuration is flexible, and configuration webpage summary info field is set as basic version, monitoring web network paths abstract fields with
Basic version compares field increase and decrease;Special web page summary info field can be also set simultaneously and carry out early warning.
2, carried out accurately identifying whether webpage information is distorted according to configuration field, do not increase additional running equipment and operation at
This, realizes Cybersecurity Operation.
3, it makes a phone call or SMS alarm prompt administrator checks whether the network operation is safe, and administrator's timely processing network is usurped
Change situation.
4, monitoring module configures multiple web network paths, realizes that multiple spot website monitors simultaneously.
5, this system is run on the server of java virtual machines, and system suitability is stronger and operating cost reduces.
Description of the drawings
Fig. 1 is the system operation sequence diagram of the present invention.
Specific implementation mode
Based on webpage tamper monitoring and alarming system, including monitoring module, timing module and alarm module, the monitoring mould
Block, timing module and alarm module;
Monitoring module is the configuration of web network paths, monitoring abstract fields configuration, and web page digest information field is set as base edition
This, monitoring web network paths abstract fields compare field increase and decrease situation with basic version;
Timing module configures for monitoring frequency, by adjusting monitoring frequency cycle monitoring web network path abstract fields;
Alarm module be monitoring management person's phone number configuration, web network path abstract fields make a phone call when increasing or decreasing or
Sending short message prompt administrator checks abstract.
The monitoring module further includes the configuration of peak value the number of visiting people, and the number of visiting people is more than peak value the number of visiting people, passes through alarm
Module is made a phone call or sending short message prompt administrator verifies network and accesses situation.Multi objective monitoring is realized by monitoring access personnel,
It is further comprehensive to promote network operation safety.
Web network paths abstract fields are monitored in the monitoring module compares field increase and decrease situation with basic version,
Field comparison is unchanged, into next monitoring period;It makes a phone call when field increases or decreases or sending short message prompt administrator's core
To abstract.Setting network field basis version mode checks malice and distorts mode.
Special web page summary info field is configured in the monitoring module, specific information field occurs in web network paths
It makes a phone call or sending short message prompt administrator checks abstract.Set illegal specific information field monitoring, violation or sensitive field.
The server operation of the monitoring module, timing module and alarm module based on existing JAVA virtual machine.
The monitoring module configures multiple web network paths.The monitoring frequency of the monitoring module configures 5-10min, and
When early warning distort situation, distort situation conducive to administrator's timely processing within 5-10 minutes, prevent from distorting and endanger network security.
Network Security Monitor System of this system based on java language developments can directly run on existing java virtual machines.
It is applied widely.Described information field increase and decrease is compared by MD5 algorithms, specific implementation monitoring configuration:
Configure the addresses webpage URL to be monitored;
The field monitored and access personnel are needed in configuration monitoring webpage;
Configure webmaster's cell-phone number;
Configuration monitoring frequency.
This system automatically generates timer according to the monitored item configured, according to monitoring frequency timing request web page monitored
URL, is verified and the content to be filtered out according to the overanxious item of configuration, and result life will be obtained according to MD5 general-purpose algorithms
At summary info and it is recorded as basic version.Every time obtain request results followed by basic version compared, if result one
Cause then returns to FALSE, it is believed that does not distort, returns to TRUE if result is inconsistent, it is believed that distort.If distorting comparison knot
Fruit is TRUE, then the webmaster configured in being configured to monitoring that sends short messages carries out manual handle.
Illustrate the embodiment of this system by taking the folk prescription website of monitoring as an example:
Monitoring configuration:Configure the webpage URL address [http to be monitored://www.dfwang.cn];Configurating filtered access people
Number, and it is set as number, because the number of visiting people can change always, as long as the change of this label is verified during detection in this way
The part of change is that number just filters out this partial content;Configure webmaster's cell-phone number;Configuration monitoring frequency is 10 minutes.
Monitoring operation:System automatically generated was with 10 minutes timers for frequency.System will be frequency timing with 10 minutes
Access URL [http://www.dfwang.cn], request results are verified to and are filtered out the content of label, with general MD5 algorithms
It generates summary info and keeps a record, the summary info that first time request results generate is set to basic version.Request knot is obtained every time
Fruit followed by basic version compared, if result unanimously if return to FALSE, it is believed that do not distort, terminate this flow, such as
Fruit result is inconsistent, returns to TRUE, it is believed that distorts.If it is TRUE to distort comparing result, send short messages in being configured to monitoring
The webmaster configured alarms.
Maintenance personnel does not have to periodically go whether detection webpage is tampered manually, largely alleviates the burden of maintenance personnel, together
When also greatly ensured website operation safety.
Claims (8)
1. being based on webpage tamper monitoring and alarming system, it is characterised in that described including monitoring module, timing module and alarm module
Monitoring module, timing module and alarm module;
Monitoring module is the configuration of web network paths, monitoring abstract fields configuration, and web page digest information field is set as base edition
This, monitoring web network paths abstract fields compare field increase and decrease situation with basic version;
Timing module configures for monitoring frequency, by adjusting monitoring frequency cycle monitoring web network path abstract fields;
Alarm module be monitoring management person's phone number configuration, web network path abstract fields make a phone call when increasing or decreasing or
Sending short message prompt administrator checks abstract.
2. according to claim 1 be based on webpage tamper monitoring and alarming system, it is characterised in that the monitoring module also wraps
The configuration of peak value the number of visiting people is included, the number of visiting people is more than peak value the number of visiting people, is made a phone call by alarm module or sending short message prompt pipe
Reason person verifies network and accesses situation.
3. according to claim 1 be based on webpage tamper monitoring and alarming system, it is characterised in that supervised in the monitoring module
Control web network paths abstract fields compare field increase and decrease situation with basic version, and field comparison is unchanged, and entrance is next
Monitor the period;It makes a phone call when field increases or decreases or sending short message prompt administrator checks abstract.
4. according to claim 1 be based on webpage tamper monitoring and alarming system, it is characterised in that match in the monitoring module
Special web page summary info field is set, occurs specific information field in web network paths and makes a phone call or sending short message prompt administrator
Verification abstract.
5. according to any one of claims 1 to 4 be based on webpage tamper monitoring and alarming system, it is characterised in that the monitoring
The server operation of module, timing module and alarm module based on existing JAVA virtual machine.
6. according to claim 1 be based on webpage tamper monitoring and alarming system, it is characterised in that the monitoring module configuration
Multiple web network paths.
7. according to claim 1 be based on webpage tamper monitoring and alarming system, it is characterised in that the prison of the monitoring module
Control frequency configuration 5-10min.
8. according to claim 1 or 4 be based on webpage tamper monitoring and alarming system, it is characterised in that described information field increases
Subtract variation to be compared by MD5 algorithms.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810277707.5A CN108540466A (en) | 2018-03-31 | 2018-03-31 | Based on webpage tamper monitoring and alarming system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810277707.5A CN108540466A (en) | 2018-03-31 | 2018-03-31 | Based on webpage tamper monitoring and alarming system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108540466A true CN108540466A (en) | 2018-09-14 |
Family
ID=63481937
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810277707.5A Pending CN108540466A (en) | 2018-03-31 | 2018-03-31 | Based on webpage tamper monitoring and alarming system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108540466A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111581672A (en) * | 2020-05-14 | 2020-08-25 | 杭州安恒信息技术股份有限公司 | Method, system, computer device and readable storage medium for webpage tampering detection |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111267A (en) * | 2009-12-28 | 2011-06-29 | 北京安码科技有限公司 | Website safety protection method based on digital signature and system adopting same |
CN103685297A (en) * | 2013-12-24 | 2014-03-26 | 朱筱华 | Webpage monitoring tamper-proofing alarm system |
CN103716315A (en) * | 2013-12-24 | 2014-04-09 | 上海天存信息技术有限公司 | Method and device for detecting web page tampering |
US20140254796A1 (en) * | 2013-03-08 | 2014-09-11 | The Chinese University Of Hong Kong | Method and apparatus for generating and/or processing 2d barcode |
CN106599242A (en) * | 2016-12-20 | 2017-04-26 | 福建六壬网安股份有限公司 | Webpage change monitoring method and system based on similarity calculation |
CN106682529A (en) * | 2017-01-04 | 2017-05-17 | 北京国舜科技股份有限公司 | Anti-tampering method and anti-tampering terminal |
-
2018
- 2018-03-31 CN CN201810277707.5A patent/CN108540466A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111267A (en) * | 2009-12-28 | 2011-06-29 | 北京安码科技有限公司 | Website safety protection method based on digital signature and system adopting same |
US20140254796A1 (en) * | 2013-03-08 | 2014-09-11 | The Chinese University Of Hong Kong | Method and apparatus for generating and/or processing 2d barcode |
CN103685297A (en) * | 2013-12-24 | 2014-03-26 | 朱筱华 | Webpage monitoring tamper-proofing alarm system |
CN103716315A (en) * | 2013-12-24 | 2014-04-09 | 上海天存信息技术有限公司 | Method and device for detecting web page tampering |
CN106599242A (en) * | 2016-12-20 | 2017-04-26 | 福建六壬网安股份有限公司 | Webpage change monitoring method and system based on similarity calculation |
CN106682529A (en) * | 2017-01-04 | 2017-05-17 | 北京国舜科技股份有限公司 | Anti-tampering method and anti-tampering terminal |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111581672A (en) * | 2020-05-14 | 2020-08-25 | 杭州安恒信息技术股份有限公司 | Method, system, computer device and readable storage medium for webpage tampering detection |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8819807B2 (en) | Apparatus and method for analyzing and monitoring sap application traffic, and information protection system using the same | |
CN106911514A (en) | SCADA network inbreak detection methods and system based on the agreements of IEC60870 5 104 | |
JP5430747B2 (en) | Network contents tampering prevention equipment, method and system | |
CN108933791A (en) | One kind being based on Electricity Information Network Safeguard tactics intelligent optimization method and device | |
CN103428186A (en) | Method and device for detecting phishing website | |
CN102111267A (en) | Website safety protection method based on digital signature and system adopting same | |
CN105678193B (en) | A kind of anti-tamper treating method and apparatus | |
CN107517214A (en) | System and method for providing computer network security | |
CN112711509A (en) | Method and system for improving operation and maintenance safety of data center machine room | |
CN110099060A (en) | A kind of network information security guard method and system | |
GB2532630A (en) | Network intrusion alarm method and system for nuclear power station | |
CN114418263A (en) | A defense system for power monitoring device of thermal power plant | |
CN113395694A (en) | Intelligent security defense system and defense method based on 5G and local area base station | |
CN115766235A (en) | Network security early warning system and early warning method | |
CN108540466A (en) | Based on webpage tamper monitoring and alarming system | |
KR102159399B1 (en) | Device for monitoring web server and analysing malicious code | |
Beigh et al. | Intrusion detection and prevention system: issues and challenges | |
WO2018035765A1 (en) | Method and apparatus for detecting network abnormity | |
Vigna et al. | Host-based intrusion detection | |
CN107277070A (en) | A kind of computer network instrument system of defense and intrusion prevention method | |
CN115442159B (en) | Household routing-based risk management and control method, system and storage medium | |
Agrawal et al. | A SURVEY ON ATTACKS AND APPROACHES OF INTRUSION DETECTION SYSTEMS. | |
Liu et al. | A framework for database auditing | |
Mithu et al. | Secure industrial control system with intrusion detection | |
CN113141274A (en) | Method, system and storage medium for detecting sensitive data leakage in real time based on network hologram |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180914 |
|
RJ01 | Rejection of invention patent application after publication |