Wsld: detecting unknown webshell using fuzzy matching and deep learning
Zhao et al., 2020
- Document ID
- 15700857710106625737
- Author
- Zhao Z
- Liu Q
- Song T
- Wang Z
- Wu X
- Publication year
- Publication venue
- Information and Communications Security: 21st International Conference, ICICS 2019, Beijing, China, December 15–17, 2019, Revised Selected Papers 21
Snippet
Web applications have become one of the most common targets for attackers to exploit vulnerabilities in recent years. After successfully attacking the webserver, hackers upload webshell to maintain long-term and secret access to the server. Nowadays, webshell written …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
- G06K9/46—Extraction of features or characteristics of the image
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/68—Methods or arrangements for recognition using electronic means using sequential comparisons of the image signals with a plurality of references in which the sequence of the image signals or the references is relevant, e.g. addressable memory
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Ren et al. | CSKG4APT: A cybersecurity knowledge graph for advanced persistent threat organization attribution | |
Fang et al. | FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm | |
Chowdhury et al. | Malware analysis and detection using data mining and machine learning classification | |
Vinayakumar et al. | Evaluating deep learning approaches to characterize and classify malicious URL’s | |
Tian et al. | CNN-webshell: malicious web shell detection with convolutional neural network | |
Zhang et al. | Webshell traffic detection with character-level features based on deep learning | |
Hussain et al. | Malware detection using machine learning algorithms for windows platform | |
Mimura et al. | Towards efficient detection of malicious VBA macros with LSI | |
Pan et al. | Webshell detection based on executable data characteristics of php code | |
Qiu et al. | Predicting the impact of android malicious samples via machine learning | |
Gonzalez et al. | Authorship attribution of android apps | |
Zhao et al. | Wsld: detecting unknown webshell using fuzzy matching and deep learning | |
Rafiq et al. | AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems | |
Kristiansen et al. | Cti-twitter: Gathering cyber threat intelligence from twitter using integrated supervised and unsupervised learning | |
Mehta et al. | SQLIML: A comprehensive analysis for SQL injection detection using multiple supervised and unsupervised learning schemes | |
Si et al. | Malware detection using automated generation of yara rules on dynamic features | |
Liu et al. | A new method for webshell detection based on bidirectional gru and attention mechanism | |
Sun et al. | A matrix decomposition based webshell detection method | |
Fang et al. | Pbdt: Python backdoor detection model based on combined features | |
Angadi et al. | Malicious URL detection using machine learning techniques | |
Pei et al. | Combining multi-features with a neural joint model for Android malware detection | |
Rayyan et al. | Uniform resource locator classification using classical machine learning & deep learning techniques | |
Oudah et al. | SQL injection detection using machine learning with different TF-IDF feature extraction approaches | |
Gupta et al. | Blockchain based detection of android malware using ranked permissions | |
Liu et al. | A Markov detection tree-based centralized scheme to automatically identify malicious webpages on cloud platforms |