A webpage backdoor detection method and system based on data executable features

A web page backdoor and detection method technology, applied in the field of network security, can solve the problems of source code obfuscation and encryption, inability to detect and analyze, and achieve the effect of increasing the distinguishing ability, improving the obfuscation encryption, and improving the accuracy

Active Publication Date: 2020-09-22
NAT UNIV OF DEFENSE TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since statistical features can only be detected and analyzed from an overall point of view, due to the rapid development of current Web services, developers often obfuscate and encrypt the source code in order to avoid source code leakage, which leads to methods based on statistical features to detect web pages. A large number of false positives are generated during the backdoor, and effective detection and analysis cannot be carried out

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A webpage backdoor detection method and system based on data executable features
  • A webpage backdoor detection method and system based on data executable features
  • A webpage backdoor detection method and system based on data executable features

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0044] This embodiment provides a webpage backdoor detection method based on data executable features, refer to figure 1 with 2 , the webpage backdoor detection method comprises the following steps:

[0045] Step 1. Obtain the sample source code training set and the source code to be tested.

[0046] In this embodiment, the sample source code training set includes normal sample source code and webpage backdoor sample source code. The normal sample source code is the source code of the latest version of the relatively well-known php language cms framework at home and abroad, and the webpage backdoor sample source code can be an open source php language webpage in github The backdoor collection items are constructed after duplication and error elimination.

[0047] Step 2: Perform opcode code extraction and word frequency featu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a webpage backdoor detection method based on data executable features. The webpage backdoor detection method comprises the steps of obtaining a sample source code training setand a to-be-tested source code; performing opcode code extraction and word frequency feature extraction on each sample source code in the sample source code training set and the to-be-tested source code in sequence; performing data executable feature extraction on each sample source code in the sample source code training set and the to-be-tested source code to obtain data executable features of each sample source code and the to-be-tested source code; constructing feature matrixes corresponding to the sample source codes and the to-be-tested source code respectively; performing webpage backdoor detection training on the feature matrixes corresponding to the sample source codes to obtain a webpage backdoor detection model; and inputting the feature matrix corresponding to the to-be-testedsource code into the webpage backdoor detection model for webpage backdoor detection. The invention further discloses a storage medium and a system. According to the invention, the accuracy of webpagebackdoor detection can be effectively improved, and misinformation is reduced.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a web page backdoor detection method and system based on data executable features. Background technique [0002] With the rapid development of the Internet and the rapid popularization of web applications, web service attacks have become more frequent, and implanting web page backdoors into target sites has become one of the most commonly used attack methods for attackers. Attackers use web page backdoors to obtain system information. Command execution environment, so as to further control the website server, to achieve the purpose of information sniffing, data theft or tampering. In order to combat web service attacks, the research on web backdoor detection has become one of the current important tasks. [0003] Webpage backdoor detection technology is currently divided into two methods: dynamic feature detection and static feature detection. Among them, dy...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 潘祖烈沈毅陈远超李阳赵军施凡陈燏
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap