Furthermore, detecting unknown webshells has always been a problem in the field of webshell detection. Existing webshell detection methods, such as using pattern matching for webshell detection, can be easily bypassed by attackers using the file include and user-defined functions. 1 College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China (J.Z.) (K.Z.) (L.Y.) 2 Anhui Province Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, Hefei 230037, China 3 School of Computer Science and Engineering, Central South University, Changsha 410083, China * Correspondence: Abstract: Webshells are a malicious scripts that can remotely control a webserver to execute arbitrary commands, steal sensitive files, and further invade the internal network.
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license ( /licenses/by/ 4.0/).
Academic Editor: Juan-Carlos Cano Received: Accepted: 19 August 2021 Published: 23 August 2021 Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affil- iations. WTA: A Static Taint Analysis Framework for PHP Webshell. Applied sciences Article WTA: A Static Taint Analysis Framework for PHP Webshell Jiazhen Zhao 1,2, Yuliang Lu 1,2, *, Xin Wang 3, Kailong Zhu 1,2 and Lu Yu 1,2 Citation: Zhao, J.
0 kommentar(er)
