| With the widespread adoption of electronic commerce, website security is becoming more and more important. Through the website or system vulnerabilities, hackers can upload WebShell to the website server and create a back door for further attacks. Therefore, it is very important in website security to detect the WebShell.The main work includes: Firstly, through analyzing the web page source code files,detect the WebShell. Secondly, through the analysis of Web log files, identify the logs which contains attack events, find attacks from these logs, and what vulnerabilities ware exploited.Firstly, the paper introduces some related theories, including the introduction of WebShell, the support vector machine(SVM), the principle of genetic algorithm and artificial neural network model. Then about detecting WebShell, this paper proposes the improved one-class support vector machines(OC-SVM), which is based on improving the decision function of OC-SVM to reduce the rate of false positives. About the solution to recognize the way to upload WebShell, this paper takes the evolutionary neural network detection model.First of all, cluster the Web log and then analysis the clustering results artificially to get nine categories. Combine the existing artificial neural network with genetic algorithm to optimize the weights of neural network and thus improve the detection rate of model and reduce the rate of false positives. Finally, through the data collected in the actual environment and the contrast experiment, the paper proofs the validity of the model and the method can effectively improve the detection performance. |
PDF Full Text Request