本文已被:浏览 716次 下载 1389次
Received:October 27, 2020 Revised:December 02, 2020
Received:October 27, 2020 Revised:December 02, 2020
中文摘要: Webshell是一种隐蔽性较高的Web攻击工具, 其作用是获取服务器的操作权限. 在编写Webshell时, 攻击者通过一系列免杀技术来绕过防火墙, 这导致现有方法检测Webshell的效果不佳. 针对这一现状, 本文从文本分类的角度出发, 提出一种基于Bi-GRU的Webshell检测方法. 首先将网页脚本文件进行编译, 得到opcode指令; 然后, 通过word2vec算法将指令转换为特征向量; 最后, 使用多种深度学习模型进行训练, 以准确率、误报率、漏报率作为评估标准. 最终实验结果表明, Bi-GRU检测效果优于其他算法模型, 证明该算法是可行的.
Abstract:Webshell is a highly concealed tool for Web attack, which is used to obtain the operating authority of servers. When writing Webshell, the attacker uses a series of anti-virus techniques to bypass the firewall, which leads to ineffective Webshell detection by existing methods. In response to this situation, we propose a Bi-GRU-based Webshell detection method from the perspective of text classification. Firstly, this method compiles webpage script files to obtain the opcode instructions. Secondly, the instructions are converted to feature vectors by the Word2Vec algorithm. Finally, a variety of deep learning models are used for training with accuracy, false positive rate, and false negative rate as evaluation criteria. The experimental results confirm the feasibility of the Bi-GRU-based Webshell detection since it is better than other algorithm models.
keywords: Webshell RNN Bi-GRU malicious code network security
文章编号: 中图分类号: 文献标志码:
基金项目:
引用文本:
李帅刚,王全民.基于Bi-GRU的Webshell检测.计算机系统应用,2021,30(7):259-264
LI Shuai-Gang,WANG Quan-Min.Webshell Detection Based on Bi-GRU.COMPUTER SYSTEMS APPLICATIONS,2021,30(7):259-264
李帅刚,王全民.基于Bi-GRU的Webshell检测.计算机系统应用,2021,30(7):259-264
LI Shuai-Gang,WANG Quan-Min.Webshell Detection Based on Bi-GRU.COMPUTER SYSTEMS APPLICATIONS,2021,30(7):259-264
