1. Field
The present system relates to Internet Web server computer systems. More particularly, it relates to an anti-alteration system for prohibiting illegal alteration and defacement of Web contents.
2. Description of the Related Art
The Internet-based TCP/IP protocol can provide a communication environment in which users may communicate easily with each other from anywhere on the network. There is, however, a corresponding security disadvantage.
Today's businesses rely on Web servers (HTTP servers). There are about one million new Web sites generated each month. Web sites consist of Web servers and Web contents. Web servers can store various Web contents including static files such as html, text, gif, wav, mp3, mov, jpeg, au, etc., and dynamic files such as per, php, java script, etc. The Web server will return the Web contents or the computed results when it gets a request from a Web browser. If a hacker (intruder) has invaded the Web server computer, then the Web contents may be easily altered and, subsequently, distributed when requested by a Web browser.
Since 1990, many security technologies and security products have been developed to defend against cyberattack, such as cryptograph authentication, firewall, anti-virus software, CA, VPN, intrusion detection, etc. The growth rate of Web-attack technology, however, is always ahead of existing security products. Unfortunately, current security products cannot defend against all cyberattacks and, consequently, are useless in preventing the latest wave of hacker tools and technologies.
Experts have the, “A firewall can add another layer of security to your systems, but it cannot stop a really determined cracker from penetrating your internal network.” (Gary Palmer & Alex Nash, FreeBSD Handbook, ch. 8.7).
The FBI reported the results of one survey: “38% of the respondents said their Web sites have been broken into over the past year. 70% of organizations reported online graffiti, usually the simplest and least damaging type of attack. A graffiti hacker replaces the Web site's front page with his or her own text and, sometimes, offensive pictures.” (FBI Survey, Apr. 7, 2002, http://bit-shield.com/webattack.html).
One anti-alteration technology called “file scanning” periodically checks all Web contents on the Web servers. This iterative technology is shown in FIG. 1:
P1→P2→P3→ . . . Pi→ . . . →Ps→ . . . ∝Pn→P1→P2→ . . .
If content has been changed without authorization, Web sites employing “file scanning” may recover the original files or stop the Web servers.
One problem with the above “file scanning” technology is that it allows the Web servers to send altered content during the time that it takes to check every file. During the comparison period, the Web servers will send altered content upon request from the Web site visitor. Thus, Web site visitors will view the altered content.
For large Web sites, it may take between ten minutes to one hour, or even more, in order to check all of the Web pages. During that time, illegally changed data may be sent to users. In other words, this technology cannot prevent 100% of the illegal alterations to Web content.
Moreover, this technology must run constantly in order to monitor the Web content, which may waste computer resources, reduce computer performance, and delay system response speed. It is not suitable for large Web sites with much content.
No current technology guarantees that the Web pages seen by visitors are the original messages sent by the Web owner. Web site owners cannot trust distribution of Web content over the Internet because there is no adequate technology to check the contents of Web sites that have been altered by hackers before that content is sent to Web site visitors.
In addition, almost all Web sites connect with a database. Hackers and Web attackers may, therefore, intrude these databases through the Web servers. Because almost all Web programs are plain text, hackers may steal information about how to access connected databases, such as IP addresses, passwords, names, etc., from Web programs such as php files and perl files, which are often stored on the Web servers.
Today's Web contents are exposed to unauthorized and illegal alteration over the Internet each day. There is no adequate protection for this content, and there is no adequate check before this content is sent to Web site visitors. This is the biggest vulnerability of distributing content over the Internet.