Algorithm for Web Server Security

摘要

The Web application layer is the number one target for malicious online attacks. Millions of Web sites regulate access to highly sensitive information including social security numbers, credit card numbers, names, addresses, birthdates, intellectual property, financial records, trade secrets, medical data, and more. These data must be rigorously protected from intruders. To reduce the risk of losses, brand damage, theft of intellectual property, legal liability, and fines, enterprises need timely information about how Web sites are penetrated and how they can be defended. This article presents an algorithm to generate the security report. The proposed algorithm uses the experimental data of 69 different Indian research/educational Web sites and the generated security report took place after checking all the possible prospective of obtained experimental attributes dataset. This article also presents the changes in the security settings of the Indian Web sites within 3 years, on the bases of open port's study of 3 years experimental result. Based on port scanning, preventive security measures can be taken by organizations as a policy matter.