Skip to main content
SpringerLink
Log in

A Webshell Detection Technology Based on HTTP Traffic Analysis

  • Conference paper
  • First Online:
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS 2018)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 773))

Abstract

Webshell is a common backdoor program of web applications. After an attacker uploads Webshell successfully by using a vulnerability. Attacker can get a command execution environment to control the web server by access Webshell. In this paper, an attack detection technology based on SVM algorithm is proposed by analyzing the network traffic of attackers accessing Webshell. This technology realizes the detection of Webshell attack traffic in HTTP traffic by means of the method of supervised machine learning model. And this technology achieves high accuracy and recall rate. After detecting abnormal traffic, the system can locate the Webshell according to traffic information. And eliminate the backdoor in time to ensuring the security and stability of the web server. So it also can help to monitor the trend of intrusion and network security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Duan, L.H., Zhang, Z.F., Chen, et al.: Survey of web backdoor detection and protection. Institute of Computer Science and Technology of Peking University, pp. 893–899 (2014)

    Google Scholar 

  2. Jian, K., Ma, D., et al.: Research on Webshell detection method based on decision tree. Netw. New Media Technol. 6, 15–19 (2012). https://doi.org/10.3969/j.issn.2095-347X.2012.06.004

    Article  Google Scholar 

  3. Biwei, H.: Research on Webshell detection method based on Bayesian theory. Sci. Technol. Square 6, 66–70 (2016). https://doi.org/10.3969/j.issn.1671-4792.2016.06.016

    Article  Google Scholar 

  4. Chen, J.-X.: A Method for Detecting Webshell on Windows Platform, pp. 533–535 (2011)

    Google Scholar 

  5. Du, H., Fang, Y.: PHP real time dynamic detection of Webshell. Netw. Secur. Technol. Appl. 12, 120–121, 125 (2014). https://doi.org/10.3969/j.issn.1009-6833.2014.12.074.4. Michalewi

  6. Tu, R.D., Guang, C., Xiaojun, G., et al.: Webshell detection techniques in web applications, pp. 1–7. School of Computer Science & Engineering, Southeast University, Nanjing, China (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China

    Wenchuan Yang

  2. Nation Engineering Laboratory for Mobile Network Security, Beijing University of Post and Telecommunications, Beijing, China

    Bang Sun & Baojiang Cui

Authors
  1. Wenchuan Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bang Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Baojiang Cui
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bang Sun .

Editor information

Editors and Affiliations

  1. Department of Information and Communication Engineering, Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

  2. Technical University of Catalonia, Barcelona, Spain

    Fatos Xhafa

  3. Department of Computer Science, COMSATS Institute of Information Technology, Islamabad, Pakistan

    Nadeem Javaid

  4. Rissho University, Tokyo, Japan

    Tomoya Enokido

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yang, W., Sun, B., Cui, B. (2019). A Webshell Detection Technology Based on HTTP Traffic Analysis. In: Barolli, L., Xhafa, F., Javaid, N., Enokido, T. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing. IMIS 2018. Advances in Intelligent Systems and Computing, vol 773. Springer, Cham. https://doi.org/10.1007/978-3-319-93554-6_31

Download citation

Publish with us

Policies and ethics

Search

Navigation