本文選題：網(wǎng)站數(shù)據(jù)完整性　切入點(diǎn)：惡意篡改　出處：《中國(guó)海洋大學(xué)》2014年碩士論文　論文類型：學(xué)位論文

【摘要】：隨著互聯(lián)網(wǎng)的普及與發(fā)展，網(wǎng)絡(luò)平臺(tái)已逐漸成為各行業(yè)對(duì)外進(jìn)行展示、信息溝通最方便快捷的橋梁。政府利用網(wǎng)絡(luò)平臺(tái)傳遞政聲，學(xué)校利用網(wǎng)絡(luò)平臺(tái)推進(jìn)家庭教育工作，醫(yī)療機(jī)構(gòu)利用網(wǎng)絡(luò)平臺(tái)提高醫(yī)保透明度，企業(yè)利用網(wǎng)絡(luò)平臺(tái)對(duì)產(chǎn)品進(jìn)行推廣宣傳等等，而網(wǎng)絡(luò)平臺(tái)中必不可缺的部分就是構(gòu)建網(wǎng)站，網(wǎng)站不僅是向公眾發(fā)布信息的媒體載體，還是讓公眾了解各行各業(yè)的窗口，它就像人的眼睛，通過(guò)它可以直接和一個(gè)企業(yè)的靈魂溝通。但是，網(wǎng)站正面臨著遭受黑客攻擊篡改的安全威脅，一旦被篡改，將會(huì)給人民甚至國(guó)家遭受極大的危害，因此，網(wǎng)站數(shù)據(jù)完整性的保護(hù)尤為重要。 網(wǎng)站數(shù)據(jù)完整性檢測(cè)工具是網(wǎng)站安全防護(hù)的重要手段，能及時(shí)發(fā)現(xiàn)網(wǎng)站是否被攻擊。目前，已有的網(wǎng)站數(shù)據(jù)完整性檢測(cè)工具主要是網(wǎng)頁(yè)防篡改工具，不僅效率低，而且大都忽略了DNS劫持的檢測(cè)，而DNS劫持是近期黑客攻擊采用的熱門手段之一，并且DNS服務(wù)是訪問(wèn)網(wǎng)站的第一步，如果DNS出現(xiàn)故障，正常的訪問(wèn)被解析到錯(cuò)誤的服務(wù)器地址，網(wǎng)站必然會(huì)受到影響。針對(duì)上述問(wèn)題，設(shè)計(jì)并實(shí)現(xiàn)了網(wǎng)站數(shù)據(jù)完整性檢測(cè)工具。 網(wǎng)站數(shù)據(jù)完整性檢測(cè)工具是集網(wǎng)頁(yè)惡意篡改檢測(cè)、DNS劫持檢測(cè)、異常發(fā)現(xiàn)檢測(cè)于一體的檢測(cè)工具。在網(wǎng)頁(yè)惡意篡改檢測(cè)模塊，運(yùn)用了正則表達(dá)式提取技術(shù)、中文分詞技術(shù)、TF-IDF加權(quán)技術(shù)和余弦相似性算法，實(shí)現(xiàn)了網(wǎng)頁(yè)內(nèi)容的相似性比對(duì)，來(lái)檢測(cè)網(wǎng)頁(yè)內(nèi)容是否被篡改。DNS劫持檢測(cè)模塊，運(yùn)用了DNS解析技術(shù)，實(shí)現(xiàn)了域名到IP地址的映射，并進(jìn)行IP地址比對(duì)，來(lái)檢測(cè)DNS是否被劫持。異常發(fā)現(xiàn)檢測(cè)模塊，通過(guò)網(wǎng)頁(yè)提取出的關(guān)鍵詞與數(shù)據(jù)庫(kù)中的異常詞匯比對(duì)，實(shí)現(xiàn)了網(wǎng)頁(yè)是否存在異常詞匯的檢測(cè)。檢測(cè)工具還具有報(bào)警的功能，當(dāng)發(fā)現(xiàn)存在異常時(shí)，，立即發(fā)送郵件給網(wǎng)站管理人員，及時(shí)發(fā)現(xiàn)問(wèn)題，減少危害。 經(jīng)測(cè)試，使用網(wǎng)站數(shù)據(jù)完整性檢測(cè)工具對(duì)網(wǎng)站進(jìn)行安全性檢測(cè)，提高了檢測(cè)效率，擴(kuò)大了適用范圍，對(duì)網(wǎng)站安全防護(hù)水平的提升有積極的推動(dòng)作用。
[Abstract]:With the popularization and development of the Internet, the network platform has gradually become the most convenient bridge for all industries to display and communicate information. The government uses the network platform to transmit political sound, and schools use the network platform to promote family education. Medical institutions use the network platform to improve the transparency of medical insurance, enterprises use the network platform to promote the products, and so on, and the indispensable part of the network platform is to build a website, which is not only a media carrier to release information to the public. Or let the public know the window of various industries, it is like the human eye, can communicate directly with the soul of an enterprise through it. However, the website is facing the security threat of being hacked and tampered with, once tampered with, Will give people and even the country suffered great harm, therefore, the website data integrity protection is particularly important. Web site data integrity detection tool is an important means of website security protection, can timely find whether the website is attacked. At present, the existing website data integrity detection tool is mainly a tamper-proof tool, which is not only inefficient, but also effective. And most of them ignore the detection of DNS hijacking, and DNS hijacking is one of the popular methods used in recent hacker attacks, and DNS service is the first step to visit a website. If DNS fails, the normal access is resolved to the wrong server address. The website will inevitably be affected. Aiming at the above problems, the paper designs and implements the data integrity checking tool of the website. Web site data integrity detection tool is a web page malicious tampering detection DNS hijacking detection, anomaly detection detection in one detection tool. In the web page malicious tamper detection module, the use of regular expression extraction technology, The Chinese word segmentation technology includes TF-IDF weighted technology and cosine similarity algorithm, which realizes the similarity comparison of web content, to detect whether the web content is tampered with. DNS hijacking detection module. The mapping of domain name to IP address is realized by using DNS parsing technology. And IP address comparison to detect whether DNS is hijacked. Anomaly detection module, the key words extracted from the web page are compared with the abnormal words in the database. The detection tool also has the function of alarm. When there is an anomaly, it sends an email to the website administrator immediately to discover the problem and reduce the harm. After testing, using the website data integrity inspection tool to carry on the security inspection to the website, has improved the detection efficiency, expanded the scope of application, has the positive promotion function to the website security protection level enhancement.
【學(xué)位授予單位】：中國(guó)海洋大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.092

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 喻建平,謝維信,閆巧;網(wǎng)絡(luò)安全與防范技術(shù)[J];半導(dǎo)體技術(shù);2002年01期

2 胡軍偉;秦奕青;張偉;;正則表達(dá)式在Web信息抽取中的應(yīng)用[J];北京信息科技大學(xué)學(xué)報(bào)(自然科學(xué)版);2011年06期

3 楊飛;;網(wǎng)頁(yè)防篡改技術(shù)[J];計(jì)算機(jī)安全;2008年09期

4 汪前進(jìn);施s

本文編號(hào)：1622238