DefaceIntel-Visionary: A robust Web Defacement Detection tool
DefaceIntel-Visionary
The purpose of this project is to develop a robust Web Defacement Detection tool that monitors websites for signs of defacement, an attack where the visual appearance of a website is altered by unauthorized users. The tool aims to promptly provide an alert if website content is manipulated, which is often a result of cyber attacks such as those carried out by hacktivists. The system utilizes two primary detection methods:
a) analyzing drastic changes in webpage size and
b) scanning for keywords and phrases associated with hacktivism, including those within images, using generative AI such as GPT that has been trained on large data including OSINT.
Details
- Generative AI
- A generative AI model such as GPT4 generates a list of new and potential keywords based on news, threat intelligence content it has access to. This proactive approach helps the tool stay one step ahead in detecting hacktivist content.
- Computer Vision
- By matching images found on websites against known images used by hacktivists,computer vision enables the identification and tracking of potential cyber threats and malicious activities
- In addition, Optical Character Recognition (OCR) is also used to process textual content of a webpage, including text embedded in images, to match keywords generated by the AI model.
- Reverse image lookup
- By performing reverse image lookup against new images not previously collected from the monitored website to help identify and provide additional context about these new images to derive intelligence.
- Webpage Size Monitor
- This module keeps track of the size of webpages. It fetches the webpage at regular intervals, records the size, and compares it with the baseline size to detect any drastic changes. A significant change in size is considered an indicator of potential defacement.
