|
[1] Netcraft, “February 2024 Web Server Survey,” Available at: https://www.netcraft.com/blog/february-2024-web-server-survey/. (Accessed 23 Apr., 2024). [2] M. Jangjou and M.K. Sohrabi, "A Comprehensive Survey on Security Challenges in Different Network Layers in Cloud Computing," Arch Computat Methods Eng, vol. 29, pp. 3587–3608, (2022). [3] Acunetix, “Spring 2021 Edition: Acunetix Web Vulnerability Report”. Available at: https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/. (Accessed 23 Apr., 2024). [4] Microsoft, “Web shell attacks continue to rise”. Available at: https://www.microsoft.com/en-us/security/blog/2021/02/11/web-shell-attacks-continue-to-rise/. (Accessed 23 Apr., 2024). [5] CISA, “Malware Analysis Report”. Available at: https://www.cisa.gov/sites/default/files/2023-06/mar-10365227.r3.v1.clear_.pdf. (Accessed 23 Apr., 2024). [6] Kaspersky, “PHP language source code compromise attempt”. Available at: https://www.kaspersky.com/blog/php-git-backdor/39191/. (Accessed 23 Apr., 2024). [7] W. Yang, B. Sun, and B. Cui, “A Webshell Detection Technology Based on HTTP Traffic Analysis,” Innovative Mobile and Internet Services in Ubiquitous Computing, pp.336-342. Springer (2019). [8] H.V. Le, H.V. Vo, T.N. Nguyen, H.N. Nguyen, and, H.T. Du, “Towards a Webshell Detection Approach Using Rule-Based and Deep HTTP Traffic Analysis,” Computational Collective Intelligence, pp.571-584. Springer (2022). [9] W. Kang, S. Zhong, K. Chen, J. Lai, and G. Xu, “RF-AdaCost: WebShell Detection Method that Combines Statistical Features and Opcode,” Frontiers in Cyber Security, pp.667-682. Springer (2020). [10] Z. Pan, Y. Chen, Y. Chen, Y. Shen, and X. Guo, “Webshell detection based on executable data characteristics of PHP code,” Wireless Communications and Mobile Computing, vol. 2021, no. 12, article 5533963. (2021). [11] N.-H. Nguyen, V.-H. Le, V.-O. Phung, and P.-H. Du, “Toward a Deep Learning Approach for Detecting PHP Webshell,” in Proceedings of the 10th International Symposium on Information and Communication Technology (SoICT '19), Pages 514–521, December 2019. ACM Digital Library, New York, United States (2019). [12] Z. Ai, N. Luktarhan, Y. Zhao, and C. Tang, “WS-LSMR: Malicious WebShell Detection Algorithm Based on Ensemble Learning,” IEEE Access, vol. 8, pp. 75785-75797, (2020). [13] A. Hannousse, M.C. Nait-Hamoud, and S. Yahiouche, “A deep learner model for multi-language webshell detection,” Int. J. Inf. Secur., vol. 22, pp. 47–61, (2023). [14] Y. Fang, Y. Qiu, L. Liu, and C. Huang, “Detecting Webshell Based on Random Forest with FastText,” in Proceedings of the 2018 International Conference on Computing and Artificial Intelligence (ICCAI '18). Pages 52–56, March 2018. ACM Digital Library, New York, United States (2018). [15] T. Li, C. Ren, Y. Fu, J. Xu, J. Guo, and X. Chen, “Webshell Detection Based on the Word Attention Mechanism,” IEEE Access, vol. 7, pp. 185140-185147, (2019). [16] W. Huang et al., “Enhancing the Feature Profiles of Web Shells by Analyzing the Performance of Multiple Detectors,” Advances in Digital Forensics XVI, vol 589. Springer (2022). [17] Z. Feng, D. Guo, D. Tang, N. Duan, X. Feng, M. Gong, L. Shou, B. Qin, T. Liu, and D. Jiang, “CodeBERT: A Pre-Trained Model for Programming and Natural Languages,” arXiv preprint arXiv:2002.08155, (2020). [18] C. Niu, C. Li, V. Ng, D. Chen, J. Ge, and B. Luo, “An Empirical Comparison of Pre-Trained Models of Source Code,” arXiv preprint arXiv:2302.04026, (2023). [19] D. Guo, S. Ren, S. Lu, Z. Feng, D. Tang, S. Liu, L. Zhou, N. Duan, A. Svyakovskiy, S. Fu, M. Tufano, S.K. Deng, C. Clement, D. Drain, N. Sundaresan, J. Yin, D. Jiang, and M. Zhou, “GraphCodeBERT: Pre-training Code Representations with Data Flow,” arXiv preprint arXiv:2009.08366, (2020). [20] Ö. Aslan and R. Samet, “Investigation of Possibilities to Detect Malware Using Existing Tools,” in 2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA), Hammamet, Tunisia, pp. 1277-1284. IEEE, (2017). [21] R. Sennrich, B. Haddow, and A. Birch, “Neural Machine Translation of Rare Words with Subword Units,” arXiv preprint arXiv:1508.07909, (2016). [22] A. Vaswani, N. Shazeer, N. Parmar, J. Uszkoreit, L. Jones, A.N. Gomez, L. Kaiser, and L. Polosukhin, “Attention Is All You Need,” arXiv preprint arXiv:1706.03762, (2017). [23] J. Devlin, M.W. Chang, K. Lee, and K. Toutanova, “BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding,” arXiv preprint arXiv:1810.04805, (2018). [24] Y. Liu, M. Ott, N. Goyal, J. Du, M. Joshi, D. Chen, O. Levy, M. Lewis, L. Zettlemoyer, and V. Stoyanov, “RoBERTa: A Robustly Optimized BERT Pretraining Approach,” arXiv preprint arXiv:1907.11692, (2019). [25] T.B. Brown, B. Mann, N. Ryder, M. Subbiah, J. Kaplan, P. Dhariwal, A. Neelakantan, P. Shyam, G. Sastry, A. Askell, S. Agarwal, A. Herbert-Voss, G. Krueger, T. Henighan, R. Child, A. Ramesh, D.M. Ziegler, J. Wu, C. Winter, C. Hesse, M. Chen, E. Sigler, M. Litwin, S. Gray, B. Chess, J. Clark, C. Berner, S. McCandlish, A. Radford, I. Sutskever, and D. Amodei, “Language Models are Few-Shot Learners,” arXiv preprint arXiv:2005.14165, (2020). [26] M.N. Hossain, S.M. Milajerdi, J. Wang, B. Eshete, R. Gjomemo, R. Sekar, S. Stoller, and V.N. Venkatakrishnan, "{SLEUTH}: Real-Time Attack Scenario Reconstruction from {COTS} Audit Data," in Proceedings of the 26th {USENIX} Security Symposium, Vancouver, BC, Canada, August 16–18, 2017, pp. 487–504. USENIX Association, (2017). [27] K.S. Wong, K. Tanaka, K. Takagi, and Y. Nakajima, “An Efficient Hybrid Webshell Detection Method for Webserver of Marine Transportation Systems,” IEEE Transactions on Intelligent Transportation Systems, vol. 24, no. 2, pp. 2630-2642, (2023). [28] D-shield. D-shield. Available at: https://www.d99net.net/. (Accessed 23 Apr., 2024). [29] PHP-malware-finder. Available at: https://github.com/nbs-system/php-malware-finder. (Accessed 23 Apr., 2024). [30] X. Sun, X. Lu, and H. Dai, “A Matrix Decomposition based Webshell Detection Method,” in Proceedings of the 2017 International Conference on Cryptography, Security and Privacy (ICCSP '17). Pages 66–70, March 2017. ACM Digital Library, New York, United States (2017). [31] H. Zhang, M. Liu, Z. Yue, Z. Xue, Y. Shi, and X. He, “A PHP and JSP Web Shell Detection System with Text Processing Based on Machine Learning,” in 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Guangzhou, China, pp. 1584-1591. IEEE (2020). [32] T. Zhu, Z. Weng, L. Fu, and L. Ruan, "A Web Shell Detection Method Based on Multiview Feature Fusion," Applied Sciences, vol. 10, p. 6274, (2020). [33] H. Cui, D. Huang, Y. Fang, L. Liu, and C. Huang, "Webshell Detection Based on Random Forest–Gradient Boosting Decision Tree Algorithm," in 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), Guangzhou, China, pp. 153-160, IEEE (2018). [34] Z. Zhang, M. Li, L. Zhu, and X. Li, "SmartDetect: A Smart Detection Scheme for Malicious Web Shell Codes via Ensemble Learning," Smart Computing and Communication. SmartCom 2018, pp. 218-230. Springer (2018). [35] B. Yong, W. Wei, K. Li, J. Shen, Q. Zhou, M. Wozniak, D. Połap, and R. Damaševiˇcius, "Ensemble machine learning approaches for webshell detection in Internet of things environments," Transactions on Emerging Telecommunications Technologies, (2020). [36] Z. Ai, N. Luktarhan, A. Zhou, and D. Lv, "WebShell Attack Detection Based on a Deep Super Learner," Symmetry, vol. 12, p. 1406, (2020). [37] Z. Liu, D. Li, L. Wei, and Y. Guo, "A New Method for WebShell Detection Based on Bidirectional GRU and Attention Mechanism," Security and Communication Networks, vol. 2022, (2022). [38] B. Cheng, Y. Guo, Y. Ren, G. Yang, and G. Xu, "MSDetector: A Static PHP Webshell Detection System Based on Deep-Learning,". Theoretical Aspects of Software Engineering. TASE 2022, pp. 257-269. Springer (2022). [39] T. An, X. Shui, and H. Gao, "Deep Learning Based Webshell Detection Coping with Long Text and Lexical Ambiguity," Information and Communications Security. ICICS 2022, pp. 123-137. Springer (2022). [40] Yakpro-po. Available at: https://github.com/pk-fr/yakpro-po. (Accessed 23 Apr., 2024). [41] Shell-Detector. Available at: https://github.com/emposha/Shell-Detector. (Accessed 23 Apr., 2024). [42] WebShellKiller. Available at: https://edr.sangfor.com.cn/api/download/WebShellKillerTool.zip. (Accessed 23 Apr., 2024). [43] CloudWalker. Available at: https://github.com/chaitin/cloudwalker. (Accessed 23 Apr., 2024).
|