Ensemble machine learning approaches for webshell detection in Internet of things environments. Issue 6 (18th August 2020)
- Record Type:
- Journal Article
- Title:
- Ensemble machine learning approaches for webshell detection in Internet of things environments. Issue 6 (18th August 2020)
- Main Title:
- Ensemble machine learning approaches for webshell detection in Internet of things environments
- Authors:
- Yong, Binbin
Wei, Wei
Li, Kuan‐Ching
Shen, Jun
Zhou, Qingguo
Wozniak, Marcin
Połap, Dawid
Damaševičius, Robertas - Abstract:
- Abstract: The Internet of things (IoT), made up of a massive number of sensor devices interconnected, can be used for data exchange, intelligent identification, and management of interconnected "things." IoT devices are proliferating and playing a crucial role in improving the living quality and living standard of the people. However, the real IoT is more vulnerable to attack by countless cyberattacks from the Internet, which may cause privacy data leakage, data tampering and also cause significant harm to society and individuals. Network security is essential in the IoT system, and Web injection is one of the most severe security problems, especially the webshell. To develop a safe IoT system, in this article, we apply essential machine learning models to detect webshell to build secure solutions for IoT network. Future, ensemble methods including random forest (RF), extremely randomized trees (ET), and Voting are used to improve the performances of these machine learning models. We also discuss webshell detection in lightweight and heavyweight computing scenarios for different IoT environments. Extensive experiments have been conducted on these models to verify the validity of webshell intrusion. Simulation results show that RF and ET are suitable for lightweight IoT scenarios, and Voting method is effective for heavyweight IoT scenarios. Abstract : A dataset including 1551 malicious PHP webshells and 2593 normal PHP scripts are collected and analyzed for IoT serverAbstract: The Internet of things (IoT), made up of a massive number of sensor devices interconnected, can be used for data exchange, intelligent identification, and management of interconnected "things." IoT devices are proliferating and playing a crucial role in improving the living quality and living standard of the people. However, the real IoT is more vulnerable to attack by countless cyberattacks from the Internet, which may cause privacy data leakage, data tampering and also cause significant harm to society and individuals. Network security is essential in the IoT system, and Web injection is one of the most severe security problems, especially the webshell. To develop a safe IoT system, in this article, we apply essential machine learning models to detect webshell to build secure solutions for IoT network. Future, ensemble methods including random forest (RF), extremely randomized trees (ET), and Voting are used to improve the performances of these machine learning models. We also discuss webshell detection in lightweight and heavyweight computing scenarios for different IoT environments. Extensive experiments have been conducted on these models to verify the validity of webshell intrusion. Simulation results show that RF and ET are suitable for lightweight IoT scenarios, and Voting method is effective for heavyweight IoT scenarios. Abstract : A dataset including 1551 malicious PHP webshells and 2593 normal PHP scripts are collected and analyzed for IoT server security experiments. The traditional machine learning models and their ensemble models for LWDS IoT scenarios are studied. Feature importances for webshell detection are evaluated, and top‐10 relevant opcodes to identify webshells are ranked. … (more)
- Is Part Of:
- Transactions on emerging telecommunications technologies. Volume 33:Issue 6(2022)
- Journal:
- Transactions on emerging telecommunications technologies
- Issue:
- Volume 33:Issue 6(2022)
- Issue Display:
- Volume 33, Issue 6 (2022)
- Year:
- 2022
- Volume:
- 33
- Issue:
- 6
- Issue Sort Value:
- 2022-0033-0006-0000
- Page Start:
- n/a
- Page End:
- n/a
- Publication Date:
- 2020-08-18
- Subjects:
- Telecommunication -- Periodicals
384.05 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1541-8251 ↗
http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)2161-3915 ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1002/ett.4085 ↗
- Languages:
- English
- ISSNs:
- 2161-5748
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 22071.xml