{"title":"一个动态的、异构的web应用程序,通过使用多样化的PHP代码来防御webshell攻击","authors":"Weichao Li, Zheng Zhang, Liqun Wang","doi":"10.1145/3290420.3290438","DOIUrl":null,"url":null,"abstract":"Malicious code injection attacks often bypass rules based filtering methods by various deformable methods. Based on the PHP web application environment, we proposed a method of using code diversification, and then defended the PHP webshell attack threat by constructing a dynamic and heterogeneous PHP web application which uses the redundancy adjudication and dynamic transformation method. Finally, this method is verified in cloud service environment.","PeriodicalId":259201,"journal":{"name":"International Conference on Critical Infrastructure Protection","volume":"479 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A dynamic and heterogeneous web application to defense webshell attacks by using diversified PHP code\",\"authors\":\"Weichao Li, Zheng Zhang, Liqun Wang\",\"doi\":\"10.1145/3290420.3290438\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malicious code injection attacks often bypass rules based filtering methods by various deformable methods. Based on the PHP web application environment, we proposed a method of using code diversification, and then defended the PHP webshell attack threat by constructing a dynamic and heterogeneous PHP web application which uses the redundancy adjudication and dynamic transformation method. Finally, this method is verified in cloud service environment.\",\"PeriodicalId\":259201,\"journal\":{\"name\":\"International Conference on Critical Infrastructure Protection\",\"volume\":\"479 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Critical Infrastructure Protection\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3290420.3290438\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Critical Infrastructure Protection","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3290420.3290438","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A dynamic and heterogeneous web application to defense webshell attacks by using diversified PHP code
Malicious code injection attacks often bypass rules based filtering methods by various deformable methods. Based on the PHP web application environment, we proposed a method of using code diversification, and then defended the PHP webshell attack threat by constructing a dynamic and heterogeneous PHP web application which uses the redundancy adjudication and dynamic transformation method. Finally, this method is verified in cloud service environment.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
