Former UCR graduate student Anirban Banerjee wants to make the Internet safer one Web site at a time.

Even before he graduated from UCR in November 2008, the 27-year-old was working full time to help launch the startup Stopthehacker.com.

The service now operates under the Riverside-based company Jaal LLC. Stopthehacker.com identifies how a Web site has been broken into, fixes it and protects it from future attacks. The company is still in its first year of operation and has just four employees who work out of a one-room office in Riverside. While there are many Web-based security services, Banerjee said there was a definite need for a service that aims to protect the site itself, rather than the computer.

"Nine out of every 10 Web sites have a problem, and I would say five out of 10 have serious problems," said Banerjee, who now serves as the chief security officer for the company. "And by serious I say you could take it down by downloading one or two pieces of software from the Internet. It's not hard at all."

Banerjee said with Web sites becoming increasingly easy for people to develop on their own, many don't know how to make sure their Web sites are secure. Hackers have made a business out of incorporating malware, or malicious software, onto sites. Visitors to those sites in turn also get infected.

"It's a relatively new attack," said Michalis Faloutsos, the chief technology officer for the company who was also Banerjee's professor in the computer science department. "Hackers have become very clever.

"They break into the system but don't want to create visible destruction. They put malware on the Web page and infect everyone else that goes to the Web site. By infection, all visitors become bots, and the hacker has those bots under their command."

Faloutsos said while many companies claim to provide network security such as antivirus or antispamming services, most of their services are based on protecting computers from attacks, not the sites themselves.

Stopthehacker.com doesn't provide protection for computers; it is focused solely on protecting Web sites, a relatively new concept in the technology industry.

"We realized there's a niche market out there; we want to capitalize on what we are good at and are focused on what we say we do," Banerjee said. "We don't try to throw the full gamut of security tools at a Web site and say we take care of everything. We do something very specialized and felt we can capitalize on that."

However, deleting the malware is only one step that needs to be taken. Faloutsos said most Web sites that have been hacked once become prime targets for future attacks. Some hackers have made a business out of their attacks, allowing companies to pay one another to attack the Web site of a competitor.

According to Web site risk management company White Hat Security, 63 percent of all Web sites have a high, critical or urgent security issue. On average, every Web site has an average of seven vulnerabilities. But Faloutsos said it only takes a single vulnerability on a Web site for it to be compromised.

The company has not begun any marketing efforts and has established only a handful of clients through word-of-mouth advertising. They plan to collaborate with other local companies that manage or host Web sites. They also want to create relationship with Web designers, to test out Web sites before they are launched to see how secure they are.

As for launching a business in the tough economy, Web security is something Faloutsos compares to health care. It's not something you can choose to do without. The company has been operating with funds provided by a National Science Foundation Small Business Innovation Research grant and is now working to establish a second round of funding.

"Security is not a one-shot thing, it is always evolving and you always have to innovate, learn new tricks to counter the ones the hackers come up with," Faloutsos said. "There are new domains we can expand into, different levels of security, but we don't want to deviate too much. We do something very specific and we're good at it."