Webshell detection method and device, medium and equipment

A detection method and technology to be detected, applied in the Internet field, can solve the problems of low webshell detection accuracy and insufficient response speed, and achieve the effect of quickly and accurately locating the position of the back door, improving the detection ability, and improving the emergency response speed.

Inactive Publication Date: 2021-04-20
BEIJING UNIV OF POSTS & TELECOMM +1
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the purpose of the exemplary embodiments of the present invention is to propose a webshell detection metho

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Webshell detection method and device, medium and equipment
  • Webshell detection method and device, medium and equipment
  • Webshell detection method and device, medium and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in further detail below in conjunction with specific embodiments and with reference to the accompanying drawings.

[0045] It should be noted that, unless otherwise defined, the technical terms or scientific terms used in the exemplary embodiments of the present invention shall have the common meanings understood by those skilled in the art to which the present invention belongs. "Comprising" or "comprising" and similar words mean that the elements or items appearing before the word include the elements or items listed after the word and their equivalents, without excluding other elements or items.

[0046] At present, there are many researches on webshell detection technology. The mainstream webshell detection tools include: D-Shield, Security Dog, SHELLPUB, findwebshell, CloudWalker, etc. The following is an introduction to these sof...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a webshell detection method and device, a medium and equipment, and the method comprises the steps: recognizing the dynamic characteristics of a to-be-detected file, and generating an abstract syntax tree of the to-be-detected file after the grammatical analysis and lexical analysis of the to-be-detected file; recording nodes with dynamic characteristics in the abstract syntax tree, and detecting whether the nodes with the dynamic characteristics have stain variables or not through Trojan horse analysis; determining that the to-be-detected file has a risk in response to the fact that the node with the dynamic characteristic has the stain variable; and determining that the to-be-detected file is safe in response to the fact that the node with the dynamic characteristic does not have the stain variable. According to the method, the dynamic characteristics of the to-be-detected file are taken as core characteristics, and the dynamic and static analysis technology is matched, so that the detection accuracy and the response efficiency of the webshell are improved.

Description

technical field [0001] Exemplary embodiments of the present invention relate to the technical field of the Internet, and in particular to a webshell detection method, device, medium and equipment. Background technique [0002] According to the "Report on Public Internet Network Security Situation and Threat Monitoring and Disposal in the First Half of 2020" issued by the National Internet Emergency Center (CNCERT), CNCERT has monitored 18,000 IP addresses inside and outside my country and 39,000 IP addresses in China. Malicious backdoors were implanted in 30 websites, and nearly 74,000 websites were tampered with. Compared with 2019, the number of websites implanted with backdoors in China has increased by more than 2.59 times. According to the "2019 Network Security Situational Awareness Report" released by Sangfor, web scanning and website backdoors (ie, webshells) have become the most commonly used web attack methods by attackers, accounting for 52% of the total. At the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06F21/56
Inventor 徐国爱徐国胜齐向东纪胜龙王少杰王浩宇柏杨
Owner BEIJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap