Abstract
Cyber-attacks to websites are increasing steadily affecting the integrity and availability of information, so the implementation of safeguards to mitigate or reduce to acceptable levels the risks generated are necessary. Computer incidents produce economic and reputational impacts to different organizations. It has identified an increase in computer attacks on different organizations where one of them, and highly reputational impact, is the “Defacement” attack, which consists of unauthorized modification or alteration to the web sites using wordpress cms , affecting the integrity of information. The result of this article proposes the development of a model for establishing a security control to perform the containment and reporting of this attack type, which currently have focused on the websites of the government entities. The development model allows online control the attack on Web sites by constant reading of certain parts of the source code making the detection and maintenance of the integrity of information.
Highlights
Internet is a technology that connects around 3 billion of users in the world (Cerf & Quaynor, 2014)
The web pages could be compromised with different vulnerabilities; the most representatives are: SQL injection, broken authentication and session management, cross-site scripting, insecure direct object references, security misconfiguration, insecure cryptographic storage, failure to restrict URL access, cross-site request forgery, security misconfiguration, invalidated redirects and forwards, and insufficient transport layer protection (Harper, Harris, Ness, Eagle, Lenkey, & Williams, 2015)
This article contains information about a security control based in anomaly detection, that is, the solution permits to monitor and to correct the defacement in web pages
Summary
Internet is a technology that connects around 3 billion of users in the world (Cerf & Quaynor, 2014) This technology permits that the people and the companies can make different works, for example: the diffusion of the information in the web pages, communication, connection, and others. Web pages contain static or dynamic files and this depends of the information flow between the server and the web browser (unidirectional or bidirectional respectively). The web pages could be compromised with different vulnerabilities; the most representatives are: SQL injection, broken authentication and session management, cross-site scripting, insecure direct object references, security misconfiguration, insecure cryptographic storage, failure to restrict URL access, cross-site request forgery, security misconfiguration, invalidated redirects and forwards, and insufficient transport layer protection (Harper, Harris, Ness, Eagle, Lenkey, & Williams, 2015). Some frameworks are proposed for website analysis
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
