DOI: https://doi.org/10.14710/interaksi.%25v.%25i.%25p

Desain dan Implementasi Deteksi WebShell Malicious Web Shell (Backdoor Trap)

*Raditya Faisal Waliulu orcid scopus  -  Politeknik Saint Paul Sorong, Indonesia
Santrinita Trhessya Jumame  -  Politeknik Saint Paul Sorong, Indonesia
Open Access Copyright (c) 2020 JSINBIS (Jurnal Sistem Informasi Bisnis)

Citation Format:
Abstract

We present a report on hacker attacks against production servers on increased PHP vulnerabilities through SQL Injection attacks, XSS (Cross Site-Scripting), Cookie hijack, miss configuration, social engineering, CSRF (cross site request forgery), OTP bypass (take over account) and others. Hacker attacks leave a backdoor or webshell that will be accessed remotely (remote), this is common in blackhat hackers. Provides a shelltrap framework to use for and perform and clean the backdoor on the server. Because the back door has characteristics, namely: (1) taking over the physical server or localrooting; (2) adaptation to the run time environment; (3) using global variables to access the server. Have evaluated shelltrap on realworld server tame PHP Script and PHP backdoor. The experimental results get high level detection results of 98 %.

Fulltext View|Download
Keywords: Web Security; Web Shells; Backdoor; Intrusion Detection; Probability Analysis: Security Linux

Article Metrics:

Article Info
Section: Research Articles
Language : EN
Recent articles
Pemilihan Smartphone Berdasarkan Rekomendasi Profile User: Integrasi Fuzzy Analytical Hierarchy Process dan Rule Based Penerapan Soft System Methodology dalam Ekstraksi Pengetahuan Tentang Akreditasi Universitas XYZ Sistem Informasi Evaluasi Perkuliahan dengan Sentimen Analisis Menggunakan Naïve Bayes dan Smoothing Laplace More recent articles
Most cited articles
Sistem Panel Kinerja Untuk Program Studi Sarjana Berbasis BAN PT Algoritma K-Means Clustering Untuk Pengelompokan Ayat Al Quran Pada Terjemahan Bahasa Indonesia Sistem Pendukung Keputusan Penilaian Proposal Kegiatan PNPM MPd Menggunakan Metode Profile Matching dan Analytic Hierarchy Process (AHP) Sistem Informasi Penyebaran Penyakit Demam Berdarah Menggunakan Metode Jaringan Syaraf Tiruan Backpropagation Kajian Data Mining Customer Relationship Management pada Lembaga Keuangan Mikro More cited articles
  1. Bantun, S., Ashari, A., & Karim, R., 2020. Analisis Kinerja Raspberry Pi Sebagai SIP Server Untuk Aplikasi Video Phone. Semarang: Technocom
  2. Barth, A., Caballero, J., & Song, D., 2009. Secure content sniffing for web browsers, or how to stop papers from reviewing themselves. IEEE Symposium on Security and Privacy , 360-371
  3. Chao, W., Zhizhong, Wu, Z.W., Xi, L., Xuehai, Z., Aili, W. & Patrick C.K.H., 2014. SmartMal: a service-oriented behavioral malware detection framework for mobile devices. The Scientific World Journal , 2014 (101986,)
  4. Duda, R., Hard, P., & D.G.S., 2012. Pattern Classification 2nd. In J. W. Sons. New York
  5. Eman, A., Amin, S., Mohammed, S., & Ayman, B.-E. 2017. A cloud-based malware detection framework. International Journal of Interactive Mobile Technologies , 11 (2), 113-127
  6. Garfinkel, S., 2007. Anti-Forensics: techniques, detection and countermeasures. 2nd International Conference in i-Warefare and Security , 79
  7. Haboob, T., 2018. File Upload Restrictions Bypass. Haboob
  8. Hung-Jen, L., Chun-Hung, R. L., Ying-Chih, L., & Kuang-Yuan, T., 2013. Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications , 16-24
  9. Irfan, T.A. & Akbar, A.A.M., 2019. How To Using Online Meeting On Jitsi Meet Aplication. 1-13
  10. John, L.C., 2016. GVFS metadata: Shellbags for Linux. Digital Investigation , 16, 12 - 18
  11. Josh, A., Richard, B., Benton, C., Zakir, D., Peter, E., Alan, F.-L., 2019. Let’s Encrypt: An Automated Certificate Authority to Encrypt the Entire Web. ACM SIGSAC Conference on Computer and Communications Security , 2019 (Session 10 E : Certificate), 2473 - 2487
  12. Khattab, M.A.A., Anna, G. and Klaus, D., 2015. An Intrusion Detection System Against Malicious Attacks on the Communication Network of Driverless Cars. Consumer Communications and Networking Conference (CNCC) , 916-921
  13. Kim, D.W., Yan, P., & Zhang, J., 2015. Detecting fake anti-virus software distribution webpages. Computers & Security , 49, 95 - 106
  14. Li, Y., Huang, J., Ikusan, A., Mitchell, M., Zhang, J., & Dai, R., 2019. ShellBreaker: automatically detecting PHP-based malicious web shells. Journal of Computers and Security , 87
  15. Lin, Y.-D., Chen, S.-H., Lin, P.-C., & Lai, Y.-C., 2008. Designing and evaluating interleaving decompressing and virus scanning in a stream-based mail proxy. The Journal of Systems and Software , 81, 1517 - 1524
  16. Maha A.S., 2020. Providing a secure environment for e-commerce sites using SSL Technology. Journal of Education and Science , 29 (1), 174 - 191
  17. Manesh, T., Brijith, B., Bhraguram, T. M., & Bhadran, V.K., 2013. Network forensic investigation of https protocol. International Journal of Modern Engineering Research (IJMER), 3 (5), 3096 - 3106
  18. McDaniel, P., & Rubin, A.D., 2005. Web security. Comput. Netw. United State: Elsevier
  19. Shweta, P., & Abhishek, S.C., 2013. Secure Content sniffing for web browsers. International Journal of Advanced Research in Computer and Communication Engineering , 2 (9), 3595-3601
  20. Simson, G., 2007. Anti-Forensics: techniques, detection and countermeasures, 2nd International Conference in i-Warefare and Security
  21. Son, S., & Shmatikov, V., 2011. Finding semantic vulnerabilities in PHP applications. Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security (pp. 1-13). NY, United States: Association for Computing Machinery
  22. Stiborek, J., Pevny, T., & Rehak, M., 2018. Probalistic Analysis of Dynamic Malware Traces. Computer & Security , 221-239
  23. Vazquez, A., 2016. Learn CentOS Linux Network Services. Apress, Berkeley, CA
  24. Waliulu, R. F., & Iskandar, A.T.H., 2018. Reverse engineering analysis forensic malware WEBC2-DIV. Jurnal &Penelitian Teknik Informatika) , 113 - 119
  25. Wassermann, G., & Su, Z., (2008. Static detection of cross-site scripting vulnerabilities. In: Proceedings of the 30th International Conference on Software Engineering , 171-180
  26. Xie, Y., & Aiken, A., 2016. Static Detection of Security Vulnerabilities in Scripting Languages. USENIX Security Symposium , 15, 179-192
  27. Xue, L., & Sun, G., 2014. Design and implementation of a malware detection system based on network behavior. Security and Communication Networks , 8, 459 - 470
  28. Yujie, F., Yanfang, Y., & Lifei, C., 2016. Malicious sequential pattern mining for automatic malware detection. Expert Systems With Applications , 16-25
  29. Zahra, S., Ashkan, S., & Mahboobe, G., 2017. MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values. Engineering Applications of Artificial Intelligence , 93-102

Last update:

No citation recorded.

Last update: 2024-11-21 01:03:33

No citation recorded.