eprintid: 4645
rev_number: 10
eprint_status: archive
userid: 321
dir: disk0/00/00/46/45
datestamp: 2021-12-10 01:12:16
lastmod: 2021-12-10 01:12:16
status_changed: 2021-12-10 01:12:16
type: article
metadata_visibility: show
creators_name: Le, Viet Ha
creators_name: Du, Phuong Hanh
creators_name: Nguyen, Ngoc Cuong
creators_name: Nguyen, Ngoc Hoa
creators_name: Hoang, Viet Long
creators_id: levietha@chinhphu.vn
creators_id: hanhdp@vnu.edu.vn
creators_id: cuongnn.hvan@gmail.com
creators_id: hoa.nguyen@vnu.edu.vn
creators_id: longhv08@gmail.com
title: A Proactive Method of the Webshell Detection and Prevention based on Deep Traffic Analysis
ispublished: inpress
subjects: Scopus
subjects: isi
divisions: fac_fit
abstract: The popularity of today's web application has led to web servers are frequently objects to injecting webshell attacks. In this paper, we propose a new deep inspection method, namely DLWD, to detect in real-time and proactively prevent webshell attacks. DLWSD is composed of both signature-based and DNN deep learning-based detection. Moreover, to avoid bottlenecks, DLWSD built-in DeepInspector inspects in real-time the large-scale traffic flows with a strategy of periodic sampling at a defined frequency and interval for only flows that do not satisfy any signature. DeepInspector can create/update rules from webshell attacking alert results to prevent in future. We also proposed a mechanism using the cross-entropy loss function to regulate the training imbalanced dataset. Our experiments allow validating the performance of DLWSD using a popular dataset CSE-CIC-IDS2018 with the metrics (Accuracy, F1-score, FPR) of (99.99%, 99.98%, 0.01%) respectively. It is also better compared with other studies using the same dataset.
date: 2021
publisher: InderScience
official_url: https://www.inderscience.com/jhome.php?jcode=ijwgs
full_text_status: none
publication: International Journal of Web and Grid Services
refereed: FALSE
issn: 1741-1114
citation:   Le, Viet Ha and Du, Phuong Hanh and Nguyen, Ngoc Cuong and Nguyen, Ngoc Hoa and Hoang, Viet Long  (2021) A Proactive Method of the Webshell Detection and Prevention based on Deep Traffic Analysis.  International Journal of Web and Grid Services .    ISSN 1741-1114    (In Press)