[1]
The NIST definition of Cloud computing, https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf, 2010.
[4]
Web shell, https://en.wikipedia.org/wiki/Webshell, 2023.
[5]
Acunetix Web Application Vulnerability Report 2019, https://www.acunetix.com/acunetix-web-application-vulnerability-report/, 2020.
[6]
Zend Engine 2 Opcodes, https://php-legacy-docs.zend.com/manual/php5/en/internals2.opcodes, 2022.
[7]
J. Devlin, M. W. Chang, K. Lee, and K. Toutanova, BERT: Pre-training of deep bidirectional transformers for language understanding, in Proc. 2019 Conf. North American Chapter of the Association for Computational Linguistics : Human Language Technologies, Volume 1 (Long and Short Papers ), Minneapolis, MN, USA, 2018, pp. 4171–4186.
[8]
O. Starov, J. Dahse, S. S. Ahmad, T. Holz, and N. Nikiforakis, No honor among thieves: A large-scale analysis of malicious web shells, in Proc. 25 th Int. Conf. World Wide Web, Montréal, Canada, 2016, pp. 1021–1032.
[9]
Usage statistics of PHP for websites, https://w3techs.com/technologies/details/pl-php, 2020.
[10]
AMPQ Homepage, https://www.amqp.org/, 2022.
[11]
PSR-12: Extended Coding Style, https://www.php-fig.org/psr/psr-12/, 2020.
[12]
Z. Li, D. Zou, S. Xu, X. Ou, H. Jin, S. Wang, Z. Deng, and Y. Zhong, VulDeePecker: A deep learning-based system for vulnerability detection, in Proc. Network and Distributed System Security Symp., San Diego, CA, USA, 2018, pp. 1–15.
[13]
A. Vaswani, N. Shazeer, N. Parmar, J. Uszkoreit, L. Jones, A. N. Gomez, L. Kaiser, and I. Polosukhin, Attention is all you need, arXiv preprint arXiv:1706.03762, 2023.
[14]
Activation function-wikipedia, https://en.wikipedia.org/wiki/Activation_function, 2023.
[15]
J. F. Kolen and S. C. Kremer, Gradient flow in recurrent nets: The difficulty of learning long-term dependencies, in A Field Guide to Dynamical Recurrent Networks. Los Alamitos, MX, USA: Wiley-IEEE Press, 2001, pp. 237−243.
[16]
U. Alon, M. Zilberstein, O. Levy, and E. Yahav, code2vec: Learning distributed representations of code, arXiv preprint arXiv:1803.09473, 2018.
[17]
U. Alon, S. Brody, O. Levy, and E. Yahav, code2seq: Generating sequences from structured representations of code, arXiv preprint arXiv:1808.01400, 2019.
[18]
M. Allamanis, M. Brockschmidt, and M. Khademi, Learning to represent programs with graphs, arXiv preprint arXiv:1711.00740, 2018.
[19]
Z. Wu, S. Pan, F. Chen, G. Long, C. Zhang, and P. S. Yu, A comprehensive survey on graph neural networks, arXiv preprint arXiv:1901.00596, 2019.
[20]
Z. Li, D. Zou, S. Xu, H. Jin, H. Qi, and J. Hu, VulPecker: An automated vulnerability detection system based on code similarity analysis, in Proc. 32 nd Annu. Conf. Computer Security Applications, Los Angeles, CA, USA, 2016, pp. 201−213.
[21]
Y. Li, C. Gu, T. Dullien, O. Vinyals, and P. Kohli, Graph matching networks for learning the similarity of graph structured objects, arXiv preprint arXiv:1904.12787, 2019.
[24]
K. Alieyan, A. Almomani, M. Anbar, M. Alauthman, R. Abdullah, and B. B. Gupta, DNS rule-based schema to botnet detection, Enterp. Inf. Syst., vol. 15, no. 4, pp. 545–564, 2021.
[25]
A. Dahiya and B. B. Gupta, A PBNM and economic incentive-based defensive mechanism against DDoS attacks, Enterp. Inf. Syst., vol. 16, no. 3, pp. 406–426, 2022.
[26]
J. Dahse and T. Holz, Simulation of built-in PHP features for precise static code analysis, in NDSS’14, San Diego, CA, USA, 2014, pp. 23–26.
[27]
N. Jovanovic, C. Kruegel, and E. Kirda, Pixy: A static analysis tool for detecting web application vulnerabilities, in Proc. 2006 IEEE Symp. Security and Privacy, Berkeley/Oakland, CA, USA, 2006, pp. 258–263.
[28]
D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C. Krügel, and G. Vigna, Saner: Composing static and dynamic analysis to validate sanitization in web applications, in Proc. 2008 IEEE Symp. Security and Privacy, Oakland, CA, USA, 2008, pp. 387–401.
[29]
NeoPI, https://github.com/CiscoCXSecurity/NeoPI, 2023.
[31]
V. G. Le, H. T. Nguyen, D. N. Lu, and N. H. Nguyen, A solution for automatically malicious web shell and web application vulnerability detection, in Proc. 8 th Int. Conf. Computational Collective Intelligence, Halkidiki, Greece, 2016, pp. 367–378.
[35]
J. Pennington, R. Socher, and C. Manning, Glove: Global vectors for word representation, in Proc. 2014 Conf. Empirical Methods in Natural Language Processing (EMNLP ), Doha, Qatar, 2014, pp. 1532–1543.
[36]
H. Cui, D. Huang, F. Yong, L. Liang, and H. Cheng, Webshell detection based on random forest-gradient boosting decision tree algorithm, in Proc. 2018 IEEE Third Int. Conf. Data Science in Cyberspace (DSC), Guangzhou, China, 2018, pp. 153–160.
[37]
Y. Fang, Y. Qiu, L. Liu, and C. Huang, Detecting webshell based on random forest with FastText, in Proc. 2018 Int. Conf. Computing and Artificial Intelligence, Chengdu, China, 2018, pp. 52–56.
[39]
Z. Zhou, L. Li, and X. Zhao, Webshell detection technology based on deep learning, in Proc. 2021 7 th IEEE Int. Conf. Big Data Security on Cloud (BigDataSecurity), IEEE Int. Conf. High Performance and Smart Computing (HPSC), and IEEE Int. Conf. Intelligent Data and Security (IDS), New York, NY, USA, 2021, pp. 52–56.
[40]
B. Gogoi, T. Ahmed, and R. G. Dinda, PHP web shell detection through static analysis of AST using LSTM based deep learning, in Proc. 2022 First Int. Conf. Artificial Intelligence Trends and Pattern Recognition (ICAITPR), Hyderabad, India, 2022, pp. 1–6.
[41]
L. Qi, R. Kong, Y. Lu, and H. Zhuang, An end-to-end detection method for WebShell with deep learning, in Proc. 2018 Eighth Int. Conf. Instrumentation & Measurement, Computer, Communication and Control (IMCCC), Harbin, China, 2018, pp. 660–665.
[42]
G. Betarte, E. Giménez, R. Martínez, and Á. Pardo, Machine learning-assisted virtual patching of web applications, arXiv preprint arXiv:1803.05529, 2018.
[43]
L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath, Malware images: Visualization and automatic classification, in Proc. 8 th Int. Symp. Visualization for Cyber Security, Pittsburgh, PA, USA, 2011, p. 4.