摘要
常用Web服务器本身缺乏页面完整性验证机制,无法防止站点文件被篡改。为确保文件的完整性,防止用户访问页面被篡改,提出一种Web程序防篡改系统。采用MD5算法校验文件完整性的Web防篡改机制,计算目标文件的数字指纹,运用快照技术恢复被篡改文件,以解决多数防篡改系统对动态站点保护失效及小文件恢复难的问题。描述防篡改系统的工作过程、功能结构及实现方法。实验结果证明,与现有系统相比,该系统能有效完成篡改防护及快照恢复工作,在保障文件安全的同时,对服务器工作效率影响极少。
Commonly used Web servers lack page integrity protection mechanisms, which makes the target website exploitable to potential attackers. To ensure the integrity of the website and prevent users from visiting the tampered page, this paper proposes a tamper-proof mechanism, based on the technique of file content hash. By calculating the target file fingerprints, adopting the snapshot technology to recover the tampered files, the system can provide protection for dynamic websites to recover from failure or targeted attacks efficiently. This paper presents the design and implementation of a tamper-proof system for Web applications in detail. Experimental results show that compared with existing systems, the system can implement the tamper protection and the snapshot recovery effectively, and imposes little runtime cost on the server being protected.
出处
《计算机工程》
CAS
CSCD
2014年第5期149-153,共5页
Computer Engineering
基金
国家自然科学基金资助项目(61173166)
湖南省教育厅科研基金资助项目(11C0600)
湖南科技学院科研基金资助项目(12X KYTB005)
