Browse > Article
http://dx.doi.org/10.7472/jksii.2022.23.4.87

A study on machine learning-based defense system proposal through web shell collection and analysis  

Kim, Ki-hwan (Corporate Strategy Team, ETRI)
Shin, Yong-tae (Spartan SW Education Center, Soongsil University)
Publication Information
Journal of Internet Computing and Services / v.23, no.4, 2022 , pp. 87-94 More about this Journal
Abstract
Recently, with the development of information and communication infrastructure, the number of Internet access devices is rapidly increasing. Smartphones, laptops, computers, and even IoT devices are receiving information and communication services through Internet access. Since most of the device operating environment consists of web (WEB), it is vulnerable to web cyber attacks using web shells. When the web shell is uploaded to the web server, it is confirmed that the attack frequency is high because the control of the web server can be easily performed. As the damage caused by the web shell occurs a lot, each company is responding to attacks with various security devices such as intrusion prevention systems, firewalls, and web firewalls. In this case, it is difficult to detect, and in order to prevent and cope with web shell attacks due to these characteristics, it is difficult to respond only with the existing system and security software. Therefore, it is an automated defense system through the collection and analysis of web shells based on artificial intelligence machine learning that can cope with new cyber attacks such as detecting unknown web shells in advance by using artificial intelligence machine learning and deep learning techniques in existing security software. We would like to propose about. The machine learning-based web shell defense system model proposed in this paper quickly collects, analyzes, and detects malicious web shells, one of the cyberattacks on the web environment. I think it will be very helpful in designing and building a security system.
Keywords
Web service; WebShell attack; Machine learning; WebShell collection and analysis; Defense System;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Korea Internet & Security Agency, "Cyber Threat Trend Report(thefirsthalf2022)", accessed July.12, 2022. https://www.krcert.or.kr/data/reportView.do?bulletin_writing_sequence=66820
2 S.H Hong, "Study on defense countermeasures against Webshell attacks of the Industrial Information System", Journal of Industrial Convergence, Vol. 16, No. 4, 47-52, 2018. https://doi.org/10.22678/JIC.2018.16.4.047   DOI
3 K.H. Kim, "A Study on Detection Method of Malicious Code Based on Artificial Intelligence Machine Learning", ICONI, 2017.
4 C.R. Han, S.H Yun, M.J Han, I.G Lee., "Machine Learning-Based Malicious URL Detection Technique," Journal of the Korea Institute of Information Security & Cryptology, 32(3), 555-564, 2022.
5 K.H. Kim, S.S. Choi, Y.T Shin, "Development of artificial intelligence application of web shell collection and analysis system Trend Analysis", Korean Internet and Information Society, Vol. 19, No. 2, 2018.
6 J.B. Lee, "A Study on the improvement of countermeasures for webshell hacking", Dongguk University, 2019.
7 Gil Min-kwon, "Web Hacking Starts from 'Web Shell' ", dailysecu, 2011. https://www.dailysecu.com/news/articleView.html?idxno =15,2011.06.02.
8 O.Y. Han, "Artificial Intelligence Trend Research and Technology Trend Analysis in the Era of the 4th Industrial Revolution", Proceedings of the Korea Internet and Information Society, Vol. 18, No. 2, 2017.
9 J.U. Park, "Deep Learning-based Malicious Code Detection Using API Features", Graduate School of Konkuk University, 2017.
10 H.J Jung, H.Y. Ryu, "Deobfuscation Processing and DeepLearning-Based Detection Method for PowerShellBased Malware," Journal of the Korea Institute of Information Security& Cryptology, 32(3), 501-511, 2022
11 Jaehong Yoo, "A Study on the Improvement of Website Security Vulnerabilities", Domestic Master's Dankook University, 2021.
12 Cisco Visual Networking Index 2017-2022 Outlook and Trends", 2018. https://www.cisco.com/c/dam/global/ko_kr/solutions/service-provider/visual-networking-index-vni/pdfs/white-paper-c11-741490-kr.pdf
13 K. A. Kim, "A Study on Design of Improved Security Vulnerability of Web Application", Hanbat University GraduateSchoolofInformationand Communication, 2016.
14 U. Chung, J.S. Moon, "Study on security requirements for the web based operation system of a shipping company", Journal of Korean Society for Internet Information, vol. 23, no. 1, p. 49-68, 2022. https://doi.org/10.7472/jksii.2022.23.1.49   DOI
15 Kihwan Kim, Lee DongGeun, Hyoung Yi, Yongtae Shin, "A Study on Sliding Window based Machine Learning for Web Shell Detection," Proceedings of the Korean Society of Computer Information Conference, 27(2), 121-122, 2019. https://koreascience.kr/article/CFKO201920461758039.page