Go to DBLP homepageMultidimensional Webshell Detection Method Based on Deep Learning
Abstract: Webshell is a kind of web backdoor. Aiming at the problems of weak universality and easy to be bypassed in current Webshell detection, this paper proposes a multidimensional detection method of Webshell based on deep learning, and expounds the key technologies of its implementation. This method detects Webshell from different dimensions such as traffic, log and page. For the unencrypted traffic, Extracting the feature fields in the HTTP(HyperText Transfer Protocol) message from the unencrypted traffic data, use the BERT(Bi-directional Encoder Representations from Transformers) model to generate word vectors, and use the trained convolutional neural network model for predict. For the encrypted traffic, Extract log information and page relevance and other information for comprehensive modeling analysis. This method can solve the problem of escape detection after encryption confusion of Webshell. Thus facilitating the discovery of unknown Webshell.
Loading