A Solution for Automatically Malicious Web Shell and Web Application Vulnerability Detection
According to Internet Live Stats, it is evident that organizations and developers are underestimating security issues on their system. In this paper, we propose a protective and extensible solution for automatically detecting both the Web application vulnerabilities and malicious Web shells. Based o...
Saved in:
Published in | Computational Collective Intelligence pp. 367 - 378 |
---|---|
Main Authors | , , , |
Format | Book Chapter |
Language | English |
Published |
Cham
Springer International Publishing
|
Series | Lecture Notes in Computer Science |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | According to Internet Live Stats, it is evident that organizations and developers are underestimating security issues on their system. In this paper, we propose a protective and extensible solution for automatically detecting both the Web application vulnerabilities and malicious Web shells. Based on the original THAPS, we proposed E-THAPS that has a new detecting mechanism, improved SQLi, XSS and vulnerable functions detecting capabilities. For malicious Web shell detection, taint analysis and pattern matching methods are selected as the main approach. The broad experiment that we performed showed our outstanding results in comparison with other solutions for detecting the Web application vulnerabilities and malicious Web shells. |
---|---|
ISBN: | 9783319452425 3319452428 |
ISSN: | 0302-9743 1611-3349 |
DOI: | 10.1007/978-3-319-45243-2_34 |