Security control for website defacement

Authors

  • Oscar Mondragón Sikkerdata SAS
  • Andrés Felipe Mera Arcos Sikkerdata SAS
  • Christian Urcuqui Universidad Icesi, Cali
  • Andrés Navarro Cadavid Universidad Icesi, Cali

DOI:

https://doi.org/10.18046/syt.v15i41.2442

Keywords:

Defacement, web application, security, vulnerability, web security, integrity.

Abstract

Cyber-attacks to websites are increasing steadily affecting the integrity and availability of information, so the implementation of safeguards to mitigate or reduce to acceptable levels the risks generated are necessary. Computer incidents produce economic and reputational impacts to different organizations. It has identified an increase in computer attacks on different organizations where one of them, and highly reputational impact, is the “Defacement” attack, which consists of unauthorized modification or alteration to the web sites using wordpress cms , affecting the integrity of information. The result of this article proposes the development of a model for establishing a security control to perform the containment and reporting of this attack type, which currently have focused on the websites of the government entities. The development model allows online control the attack on Web sites by constant reading of certain parts of the source code making the detection and maintenance of the integrity of information.

Author Biographies

  • Oscar Mondragón, Sikkerdata SAS
    Engineer in Electronics and Telecommunication (Universidad del Cauca, Popayán-Colombia) and Master in Informatics and Telecommunications (Universidad Icesi, Cali-Colombia). He has participated in two projects focused in information security developed by the Universidad Icesi’s i2t research group. He is founder partner of Sikkerdata SAS, company dedicated to cyber security
  • Andrés Felipe Mera Arcos, Sikkerdata SAS
    Engineer in Electronics and Telecommunication (Universidad del Cauca, Popayán-Colombia) and Master in Informatics and Telecommunications (Universidad Icesi, Cali-Colombia). He has participated in two projects focused in information security developed by the Universidad Icesi’s i2t research group. He is founder partner of Sikkerdata SAS, company dedicated to cyber security
  • Christian Urcuqui, Universidad Icesi, Cali

    Systems Engineer (emphasis in Management and Computing) and Master in Informatics and Telecommunications from Universidad Icesi (Cali-Colombia). Member of Informatics and Telecommunications research group [i2t]. His areas of interest include: artificial intelligence, machine learning and security applied to informatics 

  • Andrés Navarro Cadavid, Universidad Icesi, Cali

    Full professor and Director of i2t (Informatics and Telecommunications research group) at the Universidad Icesi (Cali, Colombia). Electronics Engineer and Master in Technology Management (Universidad Pontificia Bolivariana de Medellín (Colombia), and Ph.D. in Telecommunications (Universidad Politécnica de Valencia, España). His main areas of interest are: spectrum management, radio propagation and m-health 

Downloads

Published

2017-08-01

Issue

Vol. 15 No. 41 (2017)

Section

Original Research

License

This journal is licensed under the terms of the CC BY 4.0 licence (https://creativecommons.org/licenses/by/4.0/legalcode).