@inproceedings{9dff1d149cd449d3a17d3cad60809300,
title = "WebShell Detection Based on CodeBERT and Deep Learning Model",
abstract = "The web shell attacks (WebShells) have long been a source of persistent annoyance for administrators. They have become a major security concern in cloud computing environments since the scalability and distributed nature of the cloud services could intensify the potential risks and impacts of such attacks. In response, researchers have proposed numerous strategies to shield assets from WebShell intrusions. Consequently, this study proposes a method that utilizes the BPE (Byte Pair Encoding) for tokenization, the CodeBERT for extracting the word embedding vector of a given source code piece, and a deep model (GRU or Bidirectional GRU) for determining whether the code contains a WebShell. This architecture is designed to detect the presence of WebShells in PHP code through analysis of the source code. Our experimental results indicate that, the proposed method with GRU achieves the best performance, with an accuracy of 99.72%, a precision of 99.36%, and an F1-score of 99.36%. Furthermore, it outperforms the methods proposed in the prior related studies as presented in the paper.",
keywords = "Bidirectional GRU, BPE, CodeBERT, GRU, WebShell",
author = "Wang, {Guan Yu} and Ko, {Hung Jui} and Chiang, {Chang Po} and Wang, {Wei Jen}",
note = "Publisher Copyright: {\textcopyright} 2024 Owner/Author.; 5th International Conference on Computing, Networks and Internet of Things, CNIOT 2024 ; Conference date: 24-05-2024 Through 26-05-2024",
year = "2024",
month = may,
day = "24",
doi = "10.1145/3670105.3670190",
language = "???core.languages.en_GB???",
series = "ACM International Conference Proceeding Series",
publisher = "Association for Computing Machinery",
pages = "484--489",
booktitle = "CNIOT 2024 - Conference Proceeding, 2024 5th International Conference on Computing, Networks and Internet of Things",
}