TY  - INPR
ID  - SisLab2508
UR  - http://www.springer.com/series/8851
A1  - Le, Van Giap
A1  - Nguyen, Huu Tung
A1  - Pham, Duy Phuc
A1  - Nguyen, Ngoc Hoa
Y1  - 2017/11//
N2  - According to Internet Live Stats, it is evident that organizations and developers are underestimating security issues on their system. In this paper, we propose a protective and extensible solution for automatically detecting both the Web application vulnerabilities and malicious Web shells. Based on the original THAPS, we proposed E-THAPS which implemented a new detection mechanism, improved SQLi, XSS and vulnerable detection capabilities. For malicious Web shell detection, taint analysis and pattern matching methods are chosen to be main approaches. The broad experiment that we performed showed an outstanding result in comparison with other solutions for both detecting Web application vulnerabilities and malicious Web shells.
PB  - Springer
JF  - Transactions on Computational Collective Intelligence
SN  - 2190-9288
TI  - A hybrid solution for detecting malicious Web shells and Web application vulnerabilities
AV  - none
ER  -