eprintid: 3375
rev_number: 5
eprint_status: archive
userid: 321
dir: disk0/00/00/33/75
datestamp: 2018-12-25 11:03:22
lastmod: 2018-12-25 11:03:22
status_changed: 2018-12-25 11:03:22
type: article
succeeds: 2508
metadata_visibility: show
creators_name: Le, Van Giap
creators_name: Nguyen, Huu Tung
creators_name: Pham, Duy Phuc
creators_name: Nguyen, Ngoc Hoa
creators_id: giaplvk57@gmail.com
creators_id: htung.nht@gmail.com
creators_id: duyphuc@vnu.edu.vn
creators_id: hoa.nguyen@vnu.edu.vn
title: GuruWS: A Hybrid Platform for Detecting Malicious Web Shells and Web Application Vulnerabilities
ispublished: pub
subjects: IT
subjects: Scopus
subjects: isi
divisions: fac_fit
abstract: Web application/service is now omnipresent but its security risks, such as malware and vulnerabilities, are indeed underestimated. In this paper, we propose a protective, extensible and hybrid platform, named GuruWS, for automatically detecting both web application vulnerabilities and malicious web shells. Based on the original PHP vulnerability scanner THAPS, we propose E-THAPS which implements a novel detection mechanism, an improved SQL injection, Cross-site Scripting and vulnerability detection capabilities. For malicious web shell detection, taint analysis and pattern matching methods are chosen to be implemented in GuruWS. A number of extensive experiments are carried out to prove the outstanding performance of our proposed platform in comparison with several existing solutions in detecting either web application vulnerabilities or malicious web shells.
date: 2018-12-19
date_type: published
publisher: Springer
official_url: https://link.springer.com/chapter/10.1007/978-3-662-58611-2_5
id_number: 10.1007/978-3-662-58611-2_5
full_text_status: none
publication: Transactions on Computational Collective Intelligence
volume: 11370
number: XXXII
pagerange: 182-208
refereed: FALSE
issn: 2190-9288
citation:   Le, Van Giap and Nguyen, Huu Tung and Pham, Duy Phuc and Nguyen, Ngoc Hoa  (2018) GuruWS: A Hybrid Platform for Detecting Malicious Web Shells and Web Application Vulnerabilities.  Transactions on Computational Collective Intelligence, 11370  (XXXII).   pp. 182-208.  ISSN 2190-9288