VNU-UET Repository

An Efficient Hybrid Webshell Detection Method for Webserver of Marine Transportation Systems

Le, Viet Ha and Nguyen, Ngoc Tu and Nguyen, Ngoc Hoa and Le, Linh (2021) An Efficient Hybrid Webshell Detection Method for Webserver of Marine Transportation Systems. IEEE Transactions on Intelligent Transportation Systems . ISSN 1524-9050

This is the latest version of this item.

Full text not available from this repository.

Abstract

An increase in the number of Maritime Intelligent Transport Systems (MITSs) also means an increase in the number of information security risks. Usually, the administration and operation of MITSs are done through web servers that are frequently targeted by hackers. In marine transportation industry, malicious code injection attacks (webshell) has been widely exploited by hackers to take full control of Web servers. Traditional webshell detection methods based on pattern matching that are no longer effective against new types of webshell. This motivates us to investigate the problem of detecting obfuscation or unknown webshells, termed OUW problem. In this work, we propose a pattern-matching-deep-learning hybrid ASP.NET webshell detection method (H-DLPMWD) to address the OUW problem. H-DLPMWD is based on Yara-based pattern matching to clean dataset; modeling ASP.NET code files as an operation code index (OCI) vectors; and applying CNN method to train and predict webshell in OCI vectors. To validate H-DLPMWD, our rigorous experimentation demonstrates that H-DLPMWD achieves an excellent accuracy of 98.49%, F1-score of 99.01%, and a low false positive rate of 1.75%.

Item Type: Article
Subjects: Scopus-indexed journals
ISI-indexed journals
Divisions: Faculty of Information Technology (FIT)
Depositing User: Assoc.Prof Hoá NGUYỄN Ngọc
Date Deposited: 16 Nov 2021 04:36
Last Modified: 16 Nov 2021 04:36
URI: http://eprints.uet.vnu.edu.vn/eprints/id/eprint/4644

Available Versions of this Item

Actions (login required)

View Item View Item
EPrints Logo
VNU-UET Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.