Book chapter, peer reviewed

A Solution for Automatically Malicious Web Shell and Web Application Vulnerability Detection

2016; Springer Science+Business Media; Language: English

10.1007/978-3-319-45243-2_34

ISSN

1611-3349

Authors

Van-Giap Le, Huu-Tung Nguyen, Dang-Nhac Lu, Hoa N. Nguyen

Topic(s)

Spam and Phishing Detection

Abstract

According to Internet Live Stats, it is evident that organizations and developers are underestimating security issues on their system. In this paper, we propose a protective and extensible solution for automatically detecting both the Web application vulnerabilities and malicious Web shells. Based on the original THAPS, we proposed E-THAPS that has a new detecting mechanism, improved SQLi, XSS and vulnerable functions detecting capabilities. For malicious Web shell detection, taint analysis and pattern matching methods are selected as the main approach. The broad experiment that we performed showed our outstanding results in comparison with other solutions for detecting the Web application vulnerabilities and malicious Web shells.
