The invention discloses a method and a system for detecting a hostile attack on an Internet information system. The method comprises the following steps: A, regularly crawling and saving the content of an Internet web page; B, conducting a Trojan detection analysis, a sensitive word detection analysis, a sensitive image detection analysis, a directory change detection analysis, a host information audit detection analysis, a broken link/wrong link detection analysis, a page change detection analysis and/or a log collection detection analysis on the crawled content of the Internet web page according to a predefined rule; and C, generating corresponding detection reports according to the results of the detection analyses, and outputting and displaying the detection reports. The method for detecting the hostile attack on the Internet information system has the advantages that the detection is comprehensive, the detection safety is increased, the workload is reduced, the human cost is reduced, and the method provides convenience for users.
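An added example, not taken from the patent: steps A to C run over two constructed crawl snapshots, covering five of the named analyses. The rule set, the zero-size-iframe heuristic used as the Trojan indicator, and all function names are assumptions made for illustration.

```python
import hashlib
import re
# Constructed snapshots (step A): path -> HTML saved by two successive crawls.
PREVIOUS = {
    "/index.html": '<a href="/about.html">About</a> Welcome',
    "/about.html": "<p>About us</p>",
}
CURRENT = {
    "/index.html": '<a href="/about.html">About</a> <a href="/gone.html">x</a> Welcome',
    "/about.html": "<p>About us</p><iframe src='http://x.example/' width=0 height=0></iframe>",
    "/upload/new.html": "<p>casino bonus</p>",
}
# Hypothetical predefined rules (step B); a real deployment supplies its own.
RULES = {
    "sensitive_words": ["casino", "bonus"],
    "hidden_iframe": re.compile(r"<iframe[^>]*(?:width|height)=['\"]?0\b", re.I),
}

def digest(html):
    return hashlib.sha256(html.encode("utf-8")).hexdigest()

def analyse(previous, current, rules):
    """Step B: run each rule-based analysis, return (kind, path, detail) tuples."""
    findings = []
    for url in sorted(current.keys() ^ previous.keys()):
        detail = "new path" if url in current else "path removed"
        findings.append(("directory_change", url, detail))
    for url in sorted(current):
        html = current[url]
        if url in previous and digest(previous[url]) != digest(html):
            findings.append(("page_change", url, "content hash differs"))
        for word in rules["sensitive_words"]:
            if word in html.lower():
                findings.append(("sensitive_word", url, word))
        if rules["hidden_iframe"].search(html):
            findings.append(("trojan_indicator", url, "zero-size iframe"))
        for target in re.findall(r'href="([^"]+)"', html):
            if target.startswith("/") and target not in current:
                findings.append(("broken_link", url, target))
    return findings

def report(findings):
    """Step C: group findings by analysis type into a plain-text report."""
    lines = []
    for kind in sorted({f[0] for f in findings}):
        hits = [f for f in findings if f[0] == kind]
        lines.append(f"{kind}: {len(hits)}")
        lines += [f"  {url} ({detail})" for _, url, detail in hits]
    return "\n".join(lines)

if __name__ == "__main__":
    print(report(analyse(PREVIOUS, CURRENT, RULES)))
```

Comparing each crawl against the previously saved snapshot is what lets the change-based analyses flag an injected frame or an unexpected new path even when no content rule matches it.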