• Christian Camilo Urcuqui Universidad Icesi, Cali
  • Melisa García Peña Universidad Icesi, Cali
  • José Luis Osorio Quintero Universidad Icesi, Cali
  • Andrés Navarro Cadavid Universidad Icesi, Cali



Defacement, Web application, security, vulnerability, Web security, integrity.


Internet connects around three billions of users worldwide, a number increasing every day. Thanks to this technology, people, companies and devices perform several tasks, such as information broadcasting through websites. Because of the large volumes of sensitive information and the lack of security in the websites, the number of attacks on these applications has been increasing significantly. Attacks on websites have different purposes, one of these is the introduction of unauthorized modifications (defacement). Defacement is an issue which involves impacts on both, system users and company image, thus, the researchers community has been working on solutions to reduce security risks. This paper presents an introduction to the state of the art about techniques, methodologies and solutions proposed by both, the researchers community and the computer security industry.

Author Biographies

  • Christian Camilo Urcuqui, Universidad Icesi, Cali
    Systems Engineer (emphasis in Management and Computing) and Master in Informatics and Telecommunications from Universidad Icesi (Cali-Colombia). Member of Informatics and Telecommunications research group [i2t]. His areas of interest include: artificial intelligence, machine learning and security applied to informatics 
  • Melisa García Peña, Universidad Icesi, Cali
    Systems Engineering student at the Universidad Icesi (Cali-Colombia); she participates of Informatics and Telecommunications (i2t) research group activities 
  • José Luis Osorio Quintero, Universidad Icesi, Cali
    Systems Engineering student at the Universidad Icesi (Cali-Colombia). He participates of Informatics and Telecommunications (i2t) research group activities
  • Andrés Navarro Cadavid, Universidad Icesi, Cali
    Full professor and Director of i2t (Informatics and Telecommunications research group) at the Universidad Icesi (Cali, Colombia). Electronics Engineer and Master in Technology Management (Universidad Pontificia Bolivariana de Medellín (Colombia), and Ph.D. in Telecommunications (Universidad Politécnica de Valencia, España). His main areas of interest are: spectrum management, radio propagation and m-health


Alhamed, M., & Alsuhaibany, O. M. (2013). U.S. Patent No. 8,549,637. Washington, DC: U.S. Patent and Trademark Office.

Aman, H., Yamashita, A., Sasaki, T., & Kawahara, M. (2014, August). Multistage growth model for code change events in open source software development: An example using development of Nagios. In: Software Engineering and Advanced Applications (SEAA), 2014 40th EUROMICRO Conference on (pp. 207-212). IEEE.

Amanatidis, T., & Chatzigeorgiou, A. (2016). Studying the evolution of PHP web applications. Information and Software Technology, 72, 48-67.

Barnes, J. (2013, February 18). Free real user monitoring [StatusCake]. Retrieved from:

Barreno, M., Nelson, B., Joseph, A. D., & Tygar, J. D. (2010). The security of machine learning. Machine Learning, 81(2), 121-148.

Bartoli, A., Davanzo, G., & Medvet, E. (2009). The reaction time to web site defacements. IEEE Internet Computing, 13(4), 52-58.

Bartoli, A., Davanzo, G., & Medvet, E. (2010). A framework for large-scale detection of website defacements. ACM Transactions on Internet Technology (TOIT), 10(3), 10.

Batyuk, L., Herpich, M., Camtepe, S. A., Raddatz, K., Schmidt, A. D., & Albayrak, S. (2011, October). Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications. In: Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on (pp. 66-72). IEEE.

Borgolte, K., Kruegel, C., & Vigna, G. (2015). Meerkat: Detecting website defacements through image-based object recognition. In: 24th USENIX Security Symposium (USENIX Security 15) (pp. 595-610).

Caswell, B., Beale, J., & Baker, A. (2007). Snort intrusion detection and prevention toolkit. Syngress.

Cerf, V. G., & Quaynor, N. (2014). The Internet of Everyone. Internet Computing, IEEE, 18(3), 96-96.

Dalai, A. K., & Jena, S. K. (2011, February). Evaluation of web application security risks and secure design patterns. In: Proceedings of the 2011 International Conference on Communication, Computing & Security (pp. 565-568). ACM.

Davanzo, G., Medvet, E., & Bartoli, A. (2011). Anomaly detection techniques for a web defacement monitoring service. Expert Systems with Applications, 38(10), 12521-12530.

Diakopoulos, N., & Cass, S. (2015). Interactive: The top programming languages 2015. IEEE Spectrum, online, July, 20. Retrieved from:

Eshete, B., Villafiorita, A., & Weldemariam, K. (2011, July). Malicious website detection: Effectiveness and efficiency issues. In: SysSec Workshop (SysSec), 2011 First (pp. 123-126). IEEE.

Fujimura, N., & Mei, J. (2007, October). Implementation of file interpolation detection system. In: Proceedings of the 35th annual ACM SIGUCCS fall conference (pp. 118-121). ACM.

Futoransky, A., Gutesman, E., & Waissbein, A. (2007). A dynamic technique for enhancing the security and privacy of web applications. In: Proc. Black Hat USA.

Gross, G. (2015, June). US Army website defaced, then brought down. Retrieved from:

Gupta, S., & Gupta, B. B. (2015, May). PHP-sensor: a prototype method to discover workflow violation and XSS vulnerabilities in PHP web applications. In: Proceedings of the 12th ACM International Conference on Computing Frontiers (p. 59). ACM.

Haq, N. F., Onik, A. R., Hridoy, M. A. K., Rafni, M., Shah, F. M., & Farid, D. M. (2015). Application of Machine Learning Approaches in Intrusion Detection System: A Survey. IJARAI- International Journal of Advanced Research in Artificial Intelligence, 4(3), 9-18.

Harper, A., Harris, S., Ness, J., Eagle, C., Lenkey, G., & Williams, T. (2015). Gray hat hacking the ethical hackers handbook. McGraw-Hill Osborne Media.

Hollander, Y. (2000). Prevent web site defacement. Internet Security Advisor, 3(6), 22.

Howard, G. M., Gutierrez, C. N., Arshad, F. A., Bagchi, S., & Qi, Y. (2014, June). pSigene: Webcrawling to Generalize SQL Injection Signatures. In:

Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on (pp. 45-56). IEEE.
IPVTec (2014). What´s IPVmon? Retrieved from:

Jericho & Munge. (2000). Hard-core web defacement statistics trends and analysis. In: Black Hat USA 2000. Retrieved from:

Jingling, Z., & Rulin, G. (2015, July). A New Framework of Security Vulnerabilities Detection in PHP Web Application. In: Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference on (pp. 271-276). IEEE.

Kim, G. H., & Spafford, E. H. (1994, November). The design and implementation of tripwire: A file system integrity checker. In: Proceedings of the 2nd ACM Conference on Computer and Communications Security (pp. 18-29). ACM.

Kim, W., Lee, J., Park, E., & Kim, S. (2006). Advanced mechanism for reducing false alarm rate in web page defacement detection. In: The 7th International Workshop on Information Security Applications.

Kumar, M. (2015, May). Hacked, 10 Million User´s Details Exposed. Retrieved from:

Lui, Z. & Cinquini, M. J. (2012). Web content defacement protection system [U.S. Patent No. 8,145,908]. Washington, DC: U.S. Patent and Trademark Office.

Medvet, E., Fillon, C., & Bartoli, A. (2007, August). Detection of web defacements by means of genetic programming. In: Information Assurance and Security, 2007. IAS 2007. Third International Symposium on (pp. 227-234). IEEE.

Mohaisen, A. (2015, November). Towards automatic and lightweight detection and classification of malicious web contents. In: Hot Topics in Web Systems and Technologies (HotWeb), 2015 Third IEEE Workshop on (pp. 67-72). IEEE.

Muñoz, F. R., & Villalba, L. G. (2012). Preproceso de formularios para el análisis de seguridad de las aplicaciones web. Actas de la XII Reunión Española sobre Criptologıa y Seguridad de la Información (RECSI 2012), Donostia-San Sebastián, España.

Nguyen-Tuong, A., Guarnieri, S., Greene, D., Shirley, J., & Evans, D. (2005, May). Automatically hardening web applications using precise tainting. In: IFIP International Information Security Conference (pp. 295-307). Springer.

Open Web Application Security Project [OWASP]. (2013). OWASP Top 10 - 2013 The ten most critical web application security risks. Retrieved from:

Open Web Application Security Project [OWASP]. (2016). PHP Top 5. Retrieved from:

Roesch, M. (1999, November). Snort: Lightweight intrusion detection for networks. In LISA, 99(1), 229-238.

Shahriar, H., & Zulkernine, M. (2009, May). Mutec: Mutation-based testing of cross site scripting. In Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems (pp. 47-53). IEEE Computer Society.

Shani, O. (2008). System and method for identification, prevention and management of web-sites defacement attacks [Patent Application No. 12/531,728]. . Washington, DC: U.S. Patent and Trademark Office.

Socuri [Web site] (2016). Retrieved from:

Sommer, R., & Paxson, V. (2010, May). Outside the closed world: On using machine learning for network intrusion detection. In: 2010 IEEE symposium on security and privacy (pp. 305-316). IEEE.

Son, S., & Shmatikov, V. (2011, June). SAFERPHP: Finding semantic vulnerabilities in PHP applications. In: Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security (p. 8). ACM.

Stamm, S., Sterne, B., & Markham, G. (2010, April). Reining in the web with content security policy. In: Proceedings of the 19th international conference on World Wide Web (pp. 921-930). ACM.

Stuttard, D. & Pinto, M. (2011). The web application hacker's handbook: finding and exploiting security flaws. Hoboken, NJ: John Wiley & Sons.

Tanaka, T., Kai, T., Tamura, Y., & Sasaki, R. (2011, October). Development and evaluation of defaced sites automatic detection system DICE. In: Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), 2011 Seventh International Conference on (pp. 196-201). IEEE.

Ullrich, J. B., & Lam, J. (2008). Defacing websites via SQL injection. Network Security, 2008(1), 9-10.

Urcuqui, C., & Navarro, A. (2016, April). Machine learning classifiers for android malware analysis. In: Communications and Computing (COLCOM), 2016 IEEE Colombian Conference on (pp. 1-6). IEEE.

Vanderaj. (2016). The open web application security project, PHP Top 5. Retrieved from:

Wei, W. (2015, November). Rise in website defacement attacks by hackers around the world. Retrieved from:

WhiteHat Security. (2016). Web applications security statistics report 2016. Retrieved from:

Xie, Y. & Aiken, A. (2006, July). Static detection of security vulnerabilities in scripting languages. In: USENIX Security, 6, 179-192.

Zhong, Y., Asakura, H., Takakura, H., & Oshima, Y. (2015, July). Detecting malicious inputs of web application parameters using character class sequences. In Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual (Vol. 2, pp. 525-532). IEEE.

Zone-H [website]. (2016). Retrieved from: