eprintid: 2508
rev_number: 6
eprint_status: archive
userid: 321
dir: disk0/00/00/25/08
datestamp: 2017-06-14 08:27:13
lastmod: 2017-06-14 08:27:13
status_changed: 2017-06-14 08:27:13
type: article
metadata_visibility: no_search
creators_name: Le, Van Giap
creators_name: Nguyen, Huu Tung
creators_name: Pham, Duy Phuc
creators_name: Nguyen, Ngoc Hoa
creators_id: giaplvk57@gmail.com
creators_id: htung.nht@gmail.com
creators_id: duyphuc@vnu.edu.vn
creators_id: hoa.nguyen@vnu.edu.vn
title: A hybrid solution for detecting malicious Web shells and Web application vulnerabilities
ispublished: inpress
subjects: IT
subjects: isi
divisions: fac_fit
abstract: According to Internet Live Stats, it is evident that organizations and developers are underestimating security issues on their system. In this paper, we propose a protective and extensible solution for automatically detecting both the Web application vulnerabilities and malicious Web shells. Based on the original THAPS, we proposed E-THAPS which implemented a new detection mechanism, improved SQLi, XSS and vulnerable detection capabilities. For malicious Web shell detection, taint analysis and pattern matching methods are chosen to be main approaches. The broad experiment that we performed showed an outstanding result in comparison with other solutions for both detecting Web application vulnerabilities and malicious Web shells.
date: 2017-11
date_type: completed
publisher: Springer
official_url: http://www.springer.com/series/8851
id_number: TCCI-S-17-00019
full_text_status: none
publication: Transactions on Computational Collective Intelligence
refereed: FALSE
issn: 2190-9288
citation:   Le, Van Giap and Nguyen, Huu Tung and Pham, Duy Phuc and Nguyen, Ngoc Hoa  (2017) A hybrid solution for detecting malicious Web shells and Web application vulnerabilities.  Transactions on Computational Collective Intelligence .    ISSN 2190-9288    (In Press)