• Title/Summary/Keyword: 웹쉘공격

Search Result 6, Processing Time 0.019 seconds

Study on defense countermeasures against Webshell attacks of the Industrial Information System (산업정보시스템의 웹쉘공격에 대한 방어 대응책 연구)

  • Hong, Sunghyuck
    • Journal of Industrial Convergence
    • /
    • v.16 no.4
    • /
    • pp.47-52
    • /
    • 2018

  • WebShell is a web script file created by a hacker to remotely commands to a web server. The hacker can bypass the security system using the web shell, access the system, control the system such as file modification, copying and deletion, install malicious code in the web source code, attack the user's PC, And so on. There are many types of WebShell attack, but we study about attacks on PHP and JSP based web server which are used as representative ones. And we propose the method of web page management, method of development, and several other methods. By using these countermeasures, it is possible to effectively prevent damage caused by WebShell attacks.

  • https://doi.org/10.22678/JIC.2018.16.4.047 인용 PDF

A study on machine learning-based defense system proposal through web shell collection and analysis (웹쉘 수집 및 분석을 통한 머신러닝기반 방어시스템 제안 연구)

  • Kim, Ki-hwan;Shin, Yong-tae
    • Journal of Internet Computing and Services
    • /
    • v.23 no.4
    • /
    • pp.87-94
    • /
    • 2022

  • Recently, with the development of information and communication infrastructure, the number of Internet access devices is rapidly increasing. Smartphones, laptops, computers, and even IoT devices are receiving information and communication services through Internet access. Since most of the device operating environment consists of web (WEB), it is vulnerable to web cyber attacks using web shells. When the web shell is uploaded to the web server, it is confirmed that the attack frequency is high because the control of the web server can be easily performed. As the damage caused by the web shell occurs a lot, each company is responding to attacks with various security devices such as intrusion prevention systems, firewalls, and web firewalls. In this case, it is difficult to detect, and in order to prevent and cope with web shell attacks due to these characteristics, it is difficult to respond only with the existing system and security software. Therefore, it is an automated defense system through the collection and analysis of web shells based on artificial intelligence machine learning that can cope with new cyber attacks such as detecting unknown web shells in advance by using artificial intelligence machine learning and deep learning techniques in existing security software. We would like to propose about. The machine learning-based web shell defense system model proposed in this paper quickly collects, analyzes, and detects malicious web shells, one of the cyberattacks on the web environment. I think it will be very helpful in designing and building a security system.

  • https://doi.org/10.7472/jksii.2022.23.4.87 인용 PDF KSCI HTML

Proposal and empirical study of web shell detection system (MWSDS) applying machine learning-based supervised learning and classification (머신러닝기반의 지도학습과 분류 알고리즘을 적용한 웹쉘 탐지시스템(MWSDS)제안 연구)

  • Ki-hwan Kim;Sangdo Lee;Yongtae Shin
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2024.01a
    • /
    • pp.49-50
    • /
    • 2024

  • 본 논문에서는 웹쉘 악성코드를 정확하게 분류하고, 빠른시간안에 자동으로 웹쉘 분류 및 분석을 통하여 웹쉘을 탐지하기 위하여 인공지능 머신러닝 기반의 Supervised AI ML 및 Classification 알고리즘을 적용하여 빠른 시간안에 분류, 정확한 분석을 통하여 자동화된 탐지시스템인 MWSDS를 제안하고 웹쉘 실험 데이터를 통하여 실증하였다. 본제안의 경우 웹쉘악성코드 공격에 대한 대응뿐만아니라 관리적인 정보보호 체계수립을 통하여 보다 효과적이며, 지속적으로 대응할 수 있을 것으로 전망된다.

  • PDF

A Study on Sliding Window based Machine Learning for Web Shell Detection (슬라이딩윈도우 기반 머신러닝을 활용한 웹쉘탐지 방안 연구)

  • Kim, Kihwan;Lee, DongGeun;Yi, Hyoung;Shin, Yongtae
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2019.07a
    • /
    • pp.121-122
    • /
    • 2019

  • 본 논문에서는 웹쉘을 탐지하기 위한 방법 중 하나로 슬라이딩윈도우 기반 머신러닝을 활용하는 방안을 제안하고자 한다. 웹 공격에 많이 활용되는 웹쉘의 탐지를 위하여 제안하는 슬라이딩윈도우 기반의 탐지 기법은 시간이 지남에 따라 발전해가는 웹쉘 탐지 우회 기술에 대응하여 보다 정확한 탐지를 제공하는 기술이며, 이를 기반으로 웹쉘의 다양한 변종 또한 탐지할 수 있다. 본제안의 경우 코드의 부분별 위험도를 측정 및 제공하여 보다 효과적으로 대응할 수 있을 것으로 전망된다.

  • PDF

A Design of Secure Coding Program and Web Shell Linkage System (시큐어코딩 프로그램 웹쉘 연동 시스템 설계)

  • Kim, Minjin;Song, Seokhwa;Kim, Mansik;Kang, Jungho;Jun, Moon-Soeg
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2016.10a
    • /
    • pp.290-292
    • /
    • 2016

  • 시큐어 코딩은 2014년부터 행정자치부에서 법제화되어 의무사용이 이뤄지고 있다. 기존 소프트웨어 시장의 성장과 함께 여러 해킹방법도 고도화됨에 따라 근본적인 설계 및 코딩단계에서의 취약점 보완 필요성이 제시 되었다. 특히 웹쉘 공격은 해킹당하는 웹 페이지의 대부분이 해당 공격으로 피해를 받고 있으며, 위장하여 침투하기 때문에 백신으로 인한 검출도 어렵다. 따라서 본 논문에서는 시큐어코딩 프로그램을 웹쉘과 연동하여 취약점 분석하는 시스템을 제안하고 동작 과정에서 웹쉘 분석 후 생성되는 파일리스트를 확인해 보았다. 이것은 각 파일을 동기화하고 이후 운영과정에서도 변경되는 소스코드들을 반영하기 때문에 웹쉘로부터 웹 페이지를 효과적으로 방어할 수 있을 것으로 기대된다.

  • https://doi.org/10.3745/PKIPS.y2016m10a.290 인용 PDF

An Efficient Detecting Scheme of Web-based Attacks through Monitoring HTTP Outbound Traffics (HTTP Outbound Traffic 감시를 통한 웹 공격의 효율적 탐지 기법)

  • Choi, Byung-Ha;Choi, Sung-Kyo;Cho, Kyung-San
    • Journal of the Korea Society of Computer and Information
    • /
    • v.16 no.1
    • /
    • pp.125-132
    • /
    • 2011

  • A hierarchical Web Security System, which is a solution to various web-based attacks, seemingly is not able to keep up with the improvement of detoured or compound attacks. In this paper, we suggest an efficient detecting scheme for web-based attacks like Malware, XSS, Creating Webshell, URL Spoofing, and Exposing Private Information through monitoring HTTP outbound traffics in real time. Our proposed scheme detects web-based attacks by comparing the outbound traffics with the signatures of HTML tag or Javascript created by the attacks. Through the verification analysis under the real-attacked environment, we show that our scheme installed in a hierarchical web security system has superior detection capability for detoured web-based attacks.

  • https://doi.org/10.9708/jksci.2011.16.1.125 인용 PDF KSCI