WebSHArk 1.0: A Benchmark Collection for Malicious Web Shell Detection
Web shells are programs that are written for a specific purpose in Web scripting languages, such as PHP, ASP, ASP.NET, JSP, PERL-CGI, etc. Web shells provide a means to communicate with the server’s operating system via the interpreter of the web scripting languages. Hence, web shells can execute OS...
Gespeichert in:
| Veröffentlicht in: | JIPS(Journal of Information Processing Systems) 2015-06, Vol.11 (2), p.229-238 |
|---|---|
| Hauptverfasser: | , , , |
| Format: | Artikel |
| Sprache: | kor |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 238 |
|---|---|
| container_issue | 2 |
| container_start_page | 229 |
| container_title | JIPS(Journal of Information Processing Systems) |
| container_volume | 11 |
| creator | Kim, Jinsuk Yoo, Dong-Hoon Jang, Heejin Jeong, Kimoon |
| description | Web shells are programs that are written for a specific purpose in Web scripting languages, such as PHP, ASP, ASP.NET, JSP, PERL-CGI, etc. Web shells provide a means to communicate with the server’s operating system via the interpreter of the web scripting languages. Hence, web shells can execute OS specific commands over HTTP. Usually, web attacks by malicious users are made by uploading one of these web shells to compromise the target web servers. Though there have been several approaches to detect such malicious web shells, no standard dataset has been built to compare various web shell detection techniques. In this paper, we present a collection of web shell files, WebSHArk 1.0, as a standard dataset for current and future studies in malicious web shell detection. To provide baseline results for future studies and for the improvement of current tools, we also present some benchmark results by scanning the WebSHArk dataset directory with three web shell scanning tools that are publicly available on the Internet. The WebSHArk 1.0 dataset is only available upon request via email to one of the authors, due to security and legal issues. |
| format | Article |
| fullrecord | <record><control><sourceid>kiss_kisti</sourceid><recordid>TN_cdi_kisti_ndsl_JAKO201532434264301</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><kiss_id>3338614</kiss_id><sourcerecordid>3338614</sourcerecordid><originalsourceid>FETCH-LOGICAL-k501-d726e83a2eb34da1bedbe4b948208e6a17f820a49f190be1ceca8b910240d31c3</originalsourceid><addsrcrecordid>eNo9j8FLwzAYxYMoWOb-Ai-5eKzkS9K08Var29TJDhu4W0nSryw0ttLUg_-9hYmn93j83oN3QRLONE8Llh0vSQI6V6kGcbwmyxi9ZSzPMsUhS8jqA-1-U44dhXv2QEv6iL07fZo5qIYQ0E1-6Gk7jPTdBO_88B3pXKH7E4ZAn3A6EzfkqjUh4vJPF-Swej5Um3S7W79U5TbtMgZpk3OFhTAcrZCNAYuNRWm1LDgrUBnI29kZqVvQzCI4dKawGhiXrBHgxILcnWc7Hydf900M9Wv5tuMMMsGlkFxJwWDmbv-5WH-Nfj70UwshCgVS_AJ3X09V</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>WebSHArk 1.0: A Benchmark Collection for Malicious Web Shell Detection</title><source>Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals</source><creator>Kim, Jinsuk ; Yoo, Dong-Hoon ; Jang, Heejin ; Jeong, Kimoon</creator><creatorcontrib>Kim, Jinsuk ; Yoo, Dong-Hoon ; Jang, Heejin ; Jeong, Kimoon</creatorcontrib><description>Web shells are programs that are written for a specific purpose in Web scripting languages, such as PHP, ASP, ASP.NET, JSP, PERL-CGI, etc. Web shells provide a means to communicate with the server’s operating system via the interpreter of the web scripting languages. Hence, web shells can execute OS specific commands over HTTP. Usually, web attacks by malicious users are made by uploading one of these web shells to compromise the target web servers. Though there have been several approaches to detect such malicious web shells, no standard dataset has been built to compare various web shell detection techniques. In this paper, we present a collection of web shell files, WebSHArk 1.0, as a standard dataset for current and future studies in malicious web shell detection. To provide baseline results for future studies and for the improvement of current tools, we also present some benchmark results by scanning the WebSHArk dataset directory with three web shell scanning tools that are publicly available on the Internet. The WebSHArk 1.0 dataset is only available upon request via email to one of the authors, due to security and legal issues.</description><identifier>ISSN: 1976-913X</identifier><identifier>EISSN: 2092-805X</identifier><language>kor</language><publisher>한국정보처리학회</publisher><subject>Benchmark Test Collection ; Malicious Web Application ; Web Shell Collection ; Web Shell Detection ; Webshell</subject><ispartof>JIPS(Journal of Information Processing Systems), 2015-06, Vol.11 (2), p.229-238</ispartof><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>230,315,781,785,886</link.rule.ids></links><search><creatorcontrib>Kim, Jinsuk</creatorcontrib><creatorcontrib>Yoo, Dong-Hoon</creatorcontrib><creatorcontrib>Jang, Heejin</creatorcontrib><creatorcontrib>Jeong, Kimoon</creatorcontrib><title>WebSHArk 1.0: A Benchmark Collection for Malicious Web Shell Detection</title><title>JIPS(Journal of Information Processing Systems)</title><addtitle>JIPS(Journal of Information Processing Systems)</addtitle><description>Web shells are programs that are written for a specific purpose in Web scripting languages, such as PHP, ASP, ASP.NET, JSP, PERL-CGI, etc. Web shells provide a means to communicate with the server’s operating system via the interpreter of the web scripting languages. Hence, web shells can execute OS specific commands over HTTP. Usually, web attacks by malicious users are made by uploading one of these web shells to compromise the target web servers. Though there have been several approaches to detect such malicious web shells, no standard dataset has been built to compare various web shell detection techniques. In this paper, we present a collection of web shell files, WebSHArk 1.0, as a standard dataset for current and future studies in malicious web shell detection. To provide baseline results for future studies and for the improvement of current tools, we also present some benchmark results by scanning the WebSHArk dataset directory with three web shell scanning tools that are publicly available on the Internet. The WebSHArk 1.0 dataset is only available upon request via email to one of the authors, due to security and legal issues.</description><subject>Benchmark Test Collection</subject><subject>Malicious Web Application</subject><subject>Web Shell Collection</subject><subject>Web Shell Detection</subject><subject>Webshell</subject><issn>1976-913X</issn><issn>2092-805X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2015</creationdate><recordtype>article</recordtype><sourceid>JDI</sourceid><recordid>eNo9j8FLwzAYxYMoWOb-Ai-5eKzkS9K08Var29TJDhu4W0nSryw0ttLUg_-9hYmn93j83oN3QRLONE8Llh0vSQI6V6kGcbwmyxi9ZSzPMsUhS8jqA-1-U44dhXv2QEv6iL07fZo5qIYQ0E1-6Gk7jPTdBO_88B3pXKH7E4ZAn3A6EzfkqjUh4vJPF-Swej5Um3S7W79U5TbtMgZpk3OFhTAcrZCNAYuNRWm1LDgrUBnI29kZqVvQzCI4dKawGhiXrBHgxILcnWc7Hydf900M9Wv5tuMMMsGlkFxJwWDmbv-5WH-Nfj70UwshCgVS_AJ3X09V</recordid><startdate>20150630</startdate><enddate>20150630</enddate><creator>Kim, Jinsuk</creator><creator>Yoo, Dong-Hoon</creator><creator>Jang, Heejin</creator><creator>Jeong, Kimoon</creator><general>한국정보처리학회</general><scope>HZB</scope><scope>Q5X</scope><scope>JDI</scope></search><sort><creationdate>20150630</creationdate><title>WebSHArk 1.0: A Benchmark Collection for Malicious Web Shell Detection</title><author>Kim, Jinsuk ; Yoo, Dong-Hoon ; Jang, Heejin ; Jeong, Kimoon</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-k501-d726e83a2eb34da1bedbe4b948208e6a17f820a49f190be1ceca8b910240d31c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>kor</language><creationdate>2015</creationdate><topic>Benchmark Test Collection</topic><topic>Malicious Web Application</topic><topic>Web Shell Collection</topic><topic>Web Shell Detection</topic><topic>Webshell</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Kim, Jinsuk</creatorcontrib><creatorcontrib>Yoo, Dong-Hoon</creatorcontrib><creatorcontrib>Jang, Heejin</creatorcontrib><creatorcontrib>Jeong, Kimoon</creatorcontrib><collection>Korean Studies Information Service System (KISS)</collection><collection>Korean Studies Information Service System (KISS) B-Type</collection><collection>KoreaScience</collection><jtitle>JIPS(Journal of Information Processing Systems)</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kim, Jinsuk</au><au>Yoo, Dong-Hoon</au><au>Jang, Heejin</au><au>Jeong, Kimoon</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>WebSHArk 1.0: A Benchmark Collection for Malicious Web Shell Detection</atitle><jtitle>JIPS(Journal of Information Processing Systems)</jtitle><addtitle>JIPS(Journal of Information Processing Systems)</addtitle><date>2015-06-30</date><risdate>2015</risdate><volume>11</volume><issue>2</issue><spage>229</spage><epage>238</epage><pages>229-238</pages><issn>1976-913X</issn><eissn>2092-805X</eissn><abstract>Web shells are programs that are written for a specific purpose in Web scripting languages, such as PHP, ASP, ASP.NET, JSP, PERL-CGI, etc. Web shells provide a means to communicate with the server’s operating system via the interpreter of the web scripting languages. Hence, web shells can execute OS specific commands over HTTP. Usually, web attacks by malicious users are made by uploading one of these web shells to compromise the target web servers. Though there have been several approaches to detect such malicious web shells, no standard dataset has been built to compare various web shell detection techniques. In this paper, we present a collection of web shell files, WebSHArk 1.0, as a standard dataset for current and future studies in malicious web shell detection. To provide baseline results for future studies and for the improvement of current tools, we also present some benchmark results by scanning the WebSHArk dataset directory with three web shell scanning tools that are publicly available on the Internet. The WebSHArk 1.0 dataset is only available upon request via email to one of the authors, due to security and legal issues.</abstract><pub>한국정보처리학회</pub><tpages>10</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1976-913X |
| ispartof | JIPS(Journal of Information Processing Systems), 2015-06, Vol.11 (2), p.229-238 |
| issn | 1976-913X 2092-805X |
| language | kor |
| recordid | cdi_kisti_ndsl_JAKO201532434264301 |
| source | Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals |
| subjects | Benchmark Test Collection Malicious Web Application Web Shell Collection Web Shell Detection Webshell |
| title | WebSHArk 1.0: A Benchmark Collection for Malicious Web Shell Detection |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-17T04%3A09%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-kiss_kisti&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=WebSHArk%201.0:%20A%20Benchmark%20Collection%20for%20Malicious%20Web%20Shell%20Detection&rft.jtitle=JIPS(Journal%20of%20Information%20Processing%20Systems)&rft.au=Kim,%20Jinsuk&rft.date=2015-06-30&rft.volume=11&rft.issue=2&rft.spage=229&rft.epage=238&rft.pages=229-238&rft.issn=1976-913X&rft.eissn=2092-805X&rft_id=info:doi/&rft_dat=%3Ckiss_kisti%3E3338614%3C/kiss_kisti%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_kiss_id=3338614&rfr_iscdi=true |