Broken Access Control on Websites: System Literature Review

Sri Anita(1*)

(1) Universitas Pertiwi
(*) Corresponding Author

Abstract


Technological developments have made it easier for organizations to carry out their operations: through websites, organizations can present their reputation, products, services and achievements to the public 24 hours a day. However, the more famous a website is, the more vulnerable it is to becoming a target for attacks. Broken Access Control is one of the causes of websites becoming victims of defacement attacks, which can be detrimental both financially and to reputation. This article discusses why websites fall victim to these attacks, how to prevent them, and proposed technologies that apply AI to prevent them. The method used in the research is the System Literature Review method, covering work by previous researchers who have successfully applied AI technology to prevent Broken Access Control attacks. The results obtained from the development of prevention technology are satisfactory, with 100% of the 10 simulated attacks detected and rejected. Protecting websites is important because a compromise affects reputation and leads to financial loss, violations of personal data protection, and damage to organizational operations, with very detrimental impacts in the short, medium and long term.





DOI: http://dx.doi.org/10.30998/faktorexacta.v18i2.27979





Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
