本文關(guān)鍵詞： 防篡改 核心內(nèi)嵌 時(shí)間輪詢 跨平臺(tái) 安全性　出處：《西安工業(yè)大學(xué)》2014年碩士論文　論文類型：學(xué)位論文

【摘要】：隨著互聯(lián)網(wǎng)的高速發(fā)展,網(wǎng)站已成為政府、企業(yè)、高校等部門進(jìn)行信息發(fā)布的主要平臺(tái)。但是互聯(lián)網(wǎng)暴露在一個(gè)相對(duì)開放的環(huán)境當(dāng)中,它在為人們提供便利服務(wù)的同時(shí),也極易成為黑客攻擊和破壞的目標(biāo)。由于Web應(yīng)用系統(tǒng)的固有開發(fā)特點(diǎn),導(dǎo)致Web應(yīng)用出現(xiàn)了很多漏洞,病毒、木馬和惡意代碼泛濫。黑客利用網(wǎng)站的漏洞肆意的對(duì)網(wǎng)站上的信息進(jìn)行篡改,造成了極大的社會(huì)影響及經(jīng)濟(jì)損失。為了保護(hù)web網(wǎng)站不發(fā)送被篡改內(nèi)容并及時(shí)進(jìn)行自動(dòng)恢復(fù),提高網(wǎng)站信息安全性、完整性,以解決網(wǎng)頁篡改所帶來的損失和影響,本文提出了一套網(wǎng)頁實(shí)時(shí)防篡改系統(tǒng)的解決方案。 本文首先研究了多種網(wǎng)頁防篡改軟件的原理,以及網(wǎng)頁防篡改相關(guān)技術(shù),其中包括時(shí)間輪詢技術(shù),核心內(nèi)嵌技術(shù),文件過濾驅(qū)動(dòng)技術(shù)和事件觸發(fā)技術(shù)等。然后從性能、效率、安全性等方面比較了各種技術(shù)的優(yōu)缺點(diǎn)。最終本文選擇了時(shí)間輪詢技術(shù)結(jié)合核心內(nèi)嵌技術(shù)作為本論文的研究和實(shí)現(xiàn)方向。 本文提出的網(wǎng)頁實(shí)時(shí)防篡改解決方案包括輪詢掃描模塊與實(shí)時(shí)檢測模塊兩部分。系統(tǒng)分為監(jiān)測端和管理端,首先管理端對(duì)每個(gè)網(wǎng)頁文件生成數(shù)字水印,將生成的數(shù)字水印存儲(chǔ)在管理端的Web服務(wù)器上,監(jiān)測端通過文件同步復(fù)制系統(tǒng)把網(wǎng)頁文件以及水印文件同步到指定位置,系統(tǒng)啟動(dòng)后輪詢掃描模塊對(duì)網(wǎng)頁文件進(jìn)行定時(shí)掃描比對(duì),核心內(nèi)嵌模塊對(duì)每次訪問請(qǐng)求進(jìn)行驗(yàn)證。當(dāng)發(fā)現(xiàn)數(shù)字水印與原水印值不匹配,則驗(yàn)證不通過,同時(shí)向后臺(tái)發(fā)出警報(bào)并對(duì)被篡改的網(wǎng)頁進(jìn)行自動(dòng)恢復(fù),以達(dá)到網(wǎng)頁實(shí)時(shí)防篡改的目的。 本文對(duì)系統(tǒng)的技術(shù)平臺(tái)、用例、系統(tǒng)流程和系統(tǒng)的架構(gòu)進(jìn)行了詳細(xì)的闡述。系統(tǒng)采用了跨平臺(tái)的技術(shù)實(shí)現(xiàn),使得在Windows和Linux平臺(tái)下都可運(yùn)行。并通過了對(duì)系統(tǒng)的功能和性能的測試,從而達(dá)到了設(shè)計(jì)要求。最終使得系統(tǒng)能夠及時(shí)的發(fā)現(xiàn)篡改行為并進(jìn)行自動(dòng)恢復(fù),使得應(yīng)用的網(wǎng)站得到安全的保障。
[Abstract]:With the rapid development of the Internet, websites have become the main platform for the government, enterprises, universities and other departments to publish information. But the Internet is exposed to a relatively open environment. At the same time, it is easy to be the target of hacker attack and destruction. Because of the inherent development characteristics of Web application system, there are many vulnerabilities and viruses in Web application. Trojan horse and malicious code flooding. Hackers take advantage of the site vulnerability wantonly tampering with the information on the site. In order to protect the web website from sending tampered content and carry on the automatic recovery in time, improve the information security and integrity of the website. In order to solve the loss and influence caused by web page tampering, this paper presents a solution of real time tamper-proof system for web pages. First of all, this paper studies the principles of various anti-tamper software, as well as the relevant technologies of anti-tampering, including time polling technology, core embedded technology. File filter driver technology and event trigger technology etc. Then from the performance, efficiency. The advantages and disadvantages of various technologies are compared in terms of security. Finally, this paper chooses time polling technology combined with core embedded technology as the research and implementation direction of this paper. The proposed real-time tamper-proof solution includes polling scanning module and real-time detection module. The system is divided into two parts: monitor end and management end. Firstly, the management end generates digital watermark for each web page file. The generated digital watermark is stored on the Web server of the management terminal, and the monitoring end synchronizes the web page file and the watermark file to the specified location through the file synchronization replication system. After the system started, the system polling scanning module to the page file timing scanning comparison, the core embedded module to verify each access request. When it is found that the digital watermark and the original watermark value does not match, the verification does not pass. At the same time, alarm is issued to the background and the tampered pages are automatically restored to achieve the purpose of real-time tamper-proof. In this paper, the system technology platform, use cases, system flow and system architecture are described in detail. The system uses cross-platform technology implementation. It can be run on both Windows and Linux platform, and has passed the test of the function and performance of the system. Finally, the system can detect the tampering behavior in time and recover automatically, so that the application website can be safeguarded.
【學(xué)位授予單位】：西安工業(yè)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.092;TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 劉大勇;校園網(wǎng)站網(wǎng)頁防篡改技術(shù)研究與應(yīng)用[J];電腦知識(shí)與技術(shù);2005年20期

2 李楓;劉志永;馬麗;;網(wǎng)頁防篡改技術(shù)研究及應(yīng)用[J];電力信息化;2008年07期

3 吳煜煌;;基于數(shù)字水印技術(shù)的網(wǎng)頁保護(hù)系統(tǒng)設(shè)計(jì)[J];計(jì)算機(jī)安全;2008年09期

4 楊飛;;網(wǎng)頁防篡改技術(shù)[J];計(jì)算機(jī)安全;2008年09期

5 姚瀅;;網(wǎng)頁防篡改系統(tǒng)的研究與設(shè)計(jì)方案[J];計(jì)算機(jī)安全;2010年06期

6 申建明;;網(wǎng)頁防篡改技術(shù)探討[J];山西電力;2008年05期

7 羅利民;黃漢永;;網(wǎng)頁防篡改技術(shù)的一種實(shí)現(xiàn)[J];福建電腦;2008年11期

8 于艷杰;;網(wǎng)站安全防范淺析[J];科技創(chuàng)新與應(yīng)用;2013年16期

9 胡麗琴;郭紅俊;;WEB服務(wù)器的網(wǎng)頁防篡改設(shè)計(jì)[J];北京城市學(xué)院學(xué)報(bào);2005年04期

10 張鑫;閃永強(qiáng);;一種新型網(wǎng)頁防篡改策略的研究與部署[J];河南師范大學(xué)學(xué)報(bào)(自然科學(xué)版);2011年05期

，

本文編號(hào)：1493508