• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.87-94
• /
• 2022

Recently, with the development of information and communication infrastructure, the number of Internet access devices is rapidly increasing. Smartphones, laptops, computers, and even IoT devices are receiving information and communication services through Internet access. Since most of the device operating environment consists of web (WEB), it is vulnerable to web cyber attacks using web shells. When the web shell is uploaded to the web server, it is confirmed that the attack frequency is high because the control of the web server can be easily performed. As the damage caused by the web shell occurs a lot, each company is responding to attacks with various security devices such as intrusion prevention systems, firewalls, and web firewalls. In this case, it is difficult to detect, and in order to prevent and cope with web shell attacks due to these characteristics, it is difficult to respond only with the existing system and security software. Therefore, it is an automated defense system through the collection and analysis of web shells based on artificial intelligence machine learning that can cope with new cyber attacks such as detecting unknown web shells in advance by using artificial intelligence machine learning and deep learning techniques in existing security software. We would like to propose about. The machine learning-based web shell defense system model proposed in this paper quickly collects, analyzes, and detects malicious web shells, one of the cyberattacks on the web environment. I think it will be very helpful in designing and building a security system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.303-306
• /
• 2010

Personal information being leaked, and personal assets that through a malicious web site for hackers to exploit. Other confidential information via the web site of the country, and your personal information by illegally accessing the data has been obtained who Hacker forces are operating in some countries. Due to the problem of web site management has many vulnerabilities that web sites, as well as programs. In this paper, in the trend world, as well as domestic XSS, SQL Injection, Web Shell analysis of the vulnerability to attacks and XSS, SQL Injection, Web Shell is a direct attack to attack. Security measures are presented what after the attack demonstrated the hack to data collection, analysis. In this study, web site management, web site security and safety can be improved and research will contribute.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.49-50
• /
• 2024

본 논문에서는 웹쉘 악성코드를 정확하게 분류하고, 빠른시간안에 자동으로 웹쉘 분류 및 분석을 통하여 웹쉘을 탐지하기 위하여 인공지능 머신러닝 기반의 Supervised AI ML 및 Classification 알고리즘을 적용하여 빠른 시간안에 분류, 정확한 분석을 통하여 자동화된 탐지시스템인 MWSDS를 제안하고 웹쉘 실험 데이터를 통하여 실증하였다. 본제안의 경우 웹쉘악성코드 공격에 대한 대응뿐만아니라 관리적인 정보보호 체계수립을 통하여 보다 효과적이며, 지속적으로 대응할 수 있을 것으로 전망된다.