Session-Based Webshell Detection Using Machine Learning in Web Logs
Co-authors
Huang, Cheng
Wu, Yixin
Sun, Yuqiang
Jia, Peng
Liu, Luping
Source
Security and Communication Networks
Issue
Vol. 2019, Issue 2019 (31 December 2019), pp. 1-11, 11 p.
Publisher
Hindawi Publishing Corporation
Publication date
2019-11-22
Country of publication
Egypt
Number of pages
11
Main subjects
Information Technology and Computer Science
Abstract (EN)
Attackers upload webshells to a web server in order to steal data, launch DDoS attacks, modify files with malicious intent, etc.
Once these objectives are accomplished, they bring huge losses to website managers.
With the gradual development of encryption and confusion technology, the most common detection approach using taint analysis and feature matching might become less useful.
Instead of applying source file codes, POST contents, or all received traffic, this paper demonstrated an intelligent and efficient framework that employs precise sessions derived from the web logs to detect webshell communication.
Features were extracted from the raw sequence data in web logs while a statistical method based on time interval was proposed to identify sessions specifically.
In addition, the paper used long short-term memory (LSTM) and a hidden Markov model (HMM), respectively, to build the framework.
Finally, the framework was evaluated with real data.
The experiment shows that the LSTM-based model can achieve a higher accuracy rate of 95.97% with a recall rate of 96.15%, which has a much better performance than the HMM-based model.
Moreover, the experiment demonstrated the high efficiency of the proposed approach in terms of the quick detection without source code, especially when it only considers detecting for a period of time, as it takes 98.5% less time than the cited related approach to get the result.
As long as the webshell behavior is detected, we can pinpoint the anomaly session and utilize the statistical method to find the webshell file accurately.
American Psychological Association (APA) citation style
Wu, Yixin& Sun, Yuqiang& Huang, Cheng& Jia, Peng& Liu, Luping. 2019. Session-Based Webshell Detection Using Machine Learning in Web Logs. Security and Communication Networks, Vol. 2019, no. 2019, pp.1-11.
https://search.emarefa.net/detail/BIM-1210360
Modern Language Association (MLA) citation style
Wu, Yixin…[et al.]. Session-Based Webshell Detection Using Machine Learning in Web Logs. Security and Communication Networks No. 2019 (2019), pp.1-11.
https://search.emarefa.net/detail/BIM-1210360
American Medical Association (AMA) citation style
Wu, Yixin& Sun, Yuqiang& Huang, Cheng& Jia, Peng& Liu, Luping. Session-Based Webshell Detection Using Machine Learning in Web Logs. Security and Communication Networks. 2019. Vol. 2019, no. 2019, pp.1-11.
https://search.emarefa.net/detail/BIM-1210360
Data type
Articles
Text language
English
Notes
Includes bibliographical references
Record number
BIM-1210360