Next Article in Journal
Twitter-Based Safety Confirmation System for Disaster Situations
Previous Article in Journal
Long-Range Wireless Radio Technologies: A Survey
Open AccessArticle

Mitigating Webshell Attacks through Machine Learning Techniques

School of Computing Science and Engineering, Xi’an Technological University, Xi’an 710021, China
School of Computing, Engineering and Physical Sciences, University of the West of Scotland, High Street, Paisley PA1 2BE, UK
Author to whom correspondence should be addressed.
Future Internet 2020, 12(1), 12;
Received: 10 December 2019 / Revised: 24 December 2019 / Accepted: 2 January 2020 / Published: 14 January 2020
(This article belongs to the Special Issue Security and Privacy in Social Networks and Solutions)
A webshell is a command execution environment in the form of web pages. It is often used by attackers as a backdoor tool for web server operations. Accurately detecting webshells is of great significance to web server protection. Most security products detect webshells based on feature-matching methods—matching input scripts against pre-built malicious code collections. The feature-matching method has a low detection rate for obfuscated webshells. However, with the help of machine learning algorithms, webshells can be detected more efficiently and accurately. In this paper, we propose a new PHP webshell detection model, the NB-Opcode (naïve Bayes and opcode sequence) model, which is a combination of naïve Bayes classifiers and opcode sequences. Through experiments and analysis on a large number of samples, the experimental results show that the proposed method could effectively detect a range of webshells. Compared with the traditional webshell detection methods, this method improves the efficiency and accuracy of webshell detection. View Full-Text
Keywords: webshell attacks; machine learning; naïve Bayes; opcode sequence webshell attacks; machine learning; naïve Bayes; opcode sequence
Show Figures

Figure 1

MDPI and ACS Style

Guo, Y.; Marco-Gisbert, H.; Keir, P. Mitigating Webshell Attacks through Machine Learning Techniques. Future Internet 2020, 12, 12.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

Back to TopTop