Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Website backdoor detection method based on convolutional neural network model

A convolutional neural network and detection method technology, which is applied in the field of website backdoor detection based on the convolutional neural network model, can solve problems such as inability to detect web page backdoor files, and achieve the effects of high accuracy, fast speed, and wide application.

Inactive Publication Date: 2020-06-09
UNIV OF ELECTRONIC SCI & TECH OF CHINA
View PDF0 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It is impossible to detect by this detection method
Therefore, there is a problem in the prior art that it is impossible to detect the specially processed webpage backdoor files

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Website backdoor detection method based on convolutional neural network model
  • Website backdoor detection method based on convolutional neural network model
  • Website backdoor detection method based on convolutional neural network model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0057] The ROC curve of the inventive method is as image 3 As shown, it can be seen from the figure that the detection performance of the present invention is very good; the model trained by the present invention does not extract some features with obvious visibility, and has a good detection effect on some Webshells that bypass feature matching detection through obfuscation coding , and there is no special requirement for the Webshell language, one model can satisfy the detection of Webshells in many different languages.

[0058] Through the test, the detection accuracy of the model is 97.29%, the recall rate is 96.97%, and the F1 is 96.58%.

[0059] The symbols appearing in the present invention are as follows:

[0060] Webpage backdoor (WebShell): Also known as a website backdoor tool, WebShell is a command execution environment that exists in the form of webpage files such as asp, php, jsp, or cgi, and can also be called a webpage backdoor. After a hacker invades a webs...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of computer security, and relates to an anomaly detection method in website security, in particular to a website backdoor detection method based on a convolutional neural network model. The method comprises the following steps: 1, extracting a common webpage file sample from a website server, searching malicious backdoor file samples from the internet,deleting redundant information such as annotations and the like, and dividing into a training set and a test set; 2, preprocessing the data extracted in the step 1; 3, establishing a convolutional neural network, and training the convolutional neural network according to the data obtained in the step 2 to obtain a convolutional neural network model; and 4, detecting whether the webpage file samplein the website server has a backdoor file sample in real time according to the model obtained in the step 3. The model trained by the method can detect Webshells of multiple languages, has a good detection effect on samples hidden through obfuscated coding, and is high in accuracy and good in recall rate and F1 value effect.

Description

technical field [0001] The invention belongs to the technical field of computer security and relates to an anomaly detection method in website security, in particular to a website backdoor detection method based on a convolutional neural network model. Background technique [0002] At present, in the actual work of server security scanning, that is, in judging whether a script file or executable file is a safe file and excluding this file as a web backdoor, keywords and high-risk functions used in script files are usually used , file modification time, file permissions, file owner, and association with other files to generate a feature library, match the content of the file to be detected with the feature library, and judge whether the file to be detected exists in the feature library. Whether the file is a web page backdoor (WebShell), also known as a website backdoor tool. [0003] If special processing is performed on the execution file or script file, for example, encry...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06N3/04G06N3/08H04L29/06
CPCG06N3/08H04L63/1416G06N3/045
Inventor 李婷婷任春辉郭劲宏付毓生
Owner UNIV OF ELECTRONIC SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com