Webshell Detection Based on Executable Data Characteristics of PHP Code

A webshell is a malicious backdoor that allows remote access and control to a web server by executing arbitrary commands. The wide use of obfuscation and encryption technologies has greatly increased the difficulty of webshell detection. To this end, we propose a novel webshell detection model leveraging the grammatical features extracted from the PHP code. The key idea is to combine the executable data characteristics of the PHP code with static text features for webshell classification. To verify the proposed model, we construct a cleaned data set of webshell consisting of 2,917 samples from 17 webshell collection projects and conduct extensive experiments. We have designed three sets of controlled experiments, the results of which show that the accuracy of the three algorithms has reached more than 99.40%, the highest reached 99.66%, the recall rate has been increased by at least 1.8%, the most increased by 6.75%, and the F1 value has increased by 2.02% on average. It not only confirms the efficiency of the grammatical features in webshell detection but also shows that our system significantly outperforms several state-of-the-art rivals in terms of detection accuracy and recall rate.

Download Full-text

An Opcode-Based Malware Detection Model Using Supervised Learning Algorithms

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2021100102 ◽

2021 ◽

Vol 15 (4) ◽

pp. 18-30

Author(s):

Om Prakash Samantray ◽

Satya Narayan Tripathy

Keyword(s):

Supervised Learning ◽

Learning Algorithms ◽

Malware Detection ◽

Support Vector ◽

Detection Accuracy ◽

Detection Techniques ◽

Detection Model ◽

Proposed Model ◽

Tree Classifier ◽

Supervised Learning Algorithms

There are several malware detection techniques available that are based on a signature-based approach. This approach can detect known malware very effectively but sometimes may fail to detect unknown or zero-day attacks. In this article, the authors have proposed a malware detection model that uses operation codes of malicious and benign executables as the feature. The proposed model uses opcode extract and count (OPEC) algorithm to prepare the opcode feature vector for the experiment. Most relevant features are selected using extra tree classifier feature selection technique and then passed through several supervised learning algorithms like support vector machine, naive bayes, decision tree, random forest, logistic regression, and k-nearest neighbour to build classification models for malware detection. The proposed model has achieved a detection accuracy of 98.7%, which makes this model better than many of the similar works discussed in the literature.

Download Full-text

Key Parts of Transmission Line Detection Using Improved YOLO v3

The International Arab Journal of Information Technology ◽

10.34028/iajit/18/6/1 ◽

2021 ◽

Vol 18 (6) ◽

Author(s):

Tu Renwei ◽

Zhu Zhongjie ◽

Bai Yongqiang ◽

Gao Ming ◽

Ge Zhifeng

Keyword(s):

Transmission Line ◽

Detection Accuracy ◽

Data Sets ◽

Feature Maps ◽

Data Set ◽

Detection Model ◽

The Neural Network ◽

Low Efficiency ◽

The One ◽

Detection Speed

Unmanned Aerial Vehicle (UAV) inspection has become one of main methods for current transmission line inspection, but there are still some shortcomings such as slow detection speed, low efficiency, and inability for low light environment. To address these issues, this paper proposes a deep learning detection model based on You Only Look Once (YOLO) v3. On the one hand, the neural network structure is simplified, that is the three feature maps of YOLO v3 are pruned into two to meet specific detection requirements. Meanwhile, the K-means++ clustering method is used to calculate the anchor value of the data set to improve the detection accuracy. On the other hand, 1000 sets of power tower and insulator data sets are collected, which are inverted and scaled to expand the data set, and are fully optimized by adding different illumination and viewing angles. The experimental results show that this model using improved YOLO v3 can effectively improve the detection accuracy by 6.0%, flops by 8.4%, and the detection speed by about 6.0%.

Download Full-text

Content Noise Detection Model Using Deep Learning in Web Forums

Sustainability ◽

10.3390/su12125074 ◽

2020 ◽

Vol 12 (12) ◽

pp. 5074

Author(s):

Jiyoung Woo ◽

Jaeseok Yun

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Learning Model ◽

Detection Model ◽

Proposed Model ◽

Web Forum ◽

Web Forums ◽

Conventional Machine ◽

Text Features ◽

Deep Learning Model

Spam posts in web forum discussions cause user inconvenience and lower the value of the web forum as an open source of user opinion. In this regard, as the importance of a web post is evaluated in terms of the number of involved authors, noise distorts the analysis results by adding unnecessary data to the opinion analysis. Here, in this work, an automatic detection model for spam posts in web forums using both conventional machine learning and deep learning is proposed. To automatically differentiate between normal posts and spam, evaluators were asked to recognize spam posts in advance. To construct the machine learning-based model, text features from posted content using text mining techniques from the perspective of linguistics were extracted, and supervised learning was performed to distinguish content noise from normal posts. For the deep learning model, raw text including and excluding special characters was utilized. A comparison analysis on deep neural networks using the two different recurrent neural network (RNN) models of the simple RNN and long short-term memory (LSTM) network was also performed. Furthermore, the proposed model was applied to two web forums. The experimental results indicate that the deep learning model affords significant improvements over the accuracy of conventional machine learning associated with text features. The accuracy of the proposed model using LSTM reaches 98.56%, and the precision and recall of the noise class reach 99% and 99.53%, respectively.

Download Full-text

A Global Joint Model for Semantic Role Labeling

Computational Linguistics ◽

10.1162/coli.2008.34.2.161 ◽

2008 ◽

Vol 34 (2) ◽

pp. 161-191 ◽

Cited By ~ 29

Author(s):

Kristina Toutanova ◽

Aria Haghighi ◽

Christopher D. Manning

Keyword(s):

State Of The Art ◽

Joint Model ◽

Semantic Role ◽

Semantic Role Labeling ◽

Shared Task ◽

Data Set ◽

Joint Structure ◽

Proposed Model ◽

Parse Trees ◽

Linguistic Intuition

We present a model for semantic role labeling that effectively captures the linguistic intuition that a semantic argument frame is a joint structure, with strong dependencies among the arguments. We show how to incorporate these strong dependencies in a statistical joint model with a rich set of features over multiple argument phrases. The proposed model substantially outperforms a similar state-of-the-art local model that does not include dependencies among different arguments. We evaluate the gains from incorporating this joint information on the Propbank corpus, when using correct syntactic parse trees as input, and when using automatically derived parse trees. The gains amount to 24.1% error reduction on all arguments and 36.8% on core arguments for gold-standard parse trees on Propbank. For automatic parse trees, the error reductions are 8.3% and 10.3% on all and core arguments, respectively. We also present results on the CoNLL 2005 shared task data set. Additionally, we explore considering multiple syntactic analyses to cope with parser noise and uncertainty.

Download Full-text

An Enhanced Hidden Semi-Markov model for Outlier Detection in Multivariate Datasets

10.22541/au.162685414.44316319/v1 ◽

2021 ◽

Author(s):

G Manoharan ◽

K Sivakumar

Keyword(s):

Markov Model ◽

Hidden Markov Model ◽

Outlier Detection ◽

Hidden Markov ◽

Research Work ◽

Detection Accuracy ◽

Detection Techniques ◽

Detection Model ◽

Huge Data ◽

Proposed Model

Outlier detection in data mining is an important arena where detection models are developed to discover the objects that do not confirm the expected behavior. The generation of huge data in real time applications makes the outlier detection process into more crucial and challenging. Traditional detection techniques based on mean and covariance are not suitable to handle large amount of data and the results are affected by outliers. So it is essential to develop an efficient outlier detection model to detect outliers in the large dataset. The objective of this research work is to develop an efficient outlier detection model for multivariate data employing the enhanced Hidden Semi-Markov Model (HSMM). It is an extension of conventional Hidden Markov Model (HMM) where the proposed model allows arbitrary time distribution in its states to detect outliers. Experimental results demonstrate the better performance of proposed model in terms of detection accuracy, detection rate. Compared to conventional Hidden Markov Model based outlier detection the detection accuracy of proposed model is obtained as 98.62% which is significantly better for large multivariate datasets.

Download Full-text

Assessment of Acoustic Features and Machine Learning for Parkinson’s Detection

Journal of Healthcare Engineering ◽

10.1155/2021/9957132 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Moumita Pramanik ◽

Ratika Pradhan ◽

Parvati Nandy ◽

Saeed Mian Qaisar ◽

Akash Kumar Bhoi

Keyword(s):

Machine Learning ◽

Feature Selection ◽

Naive Bayes ◽

Naïve Bayes ◽

Detection Accuracy ◽

Acoustic Features ◽

Fisher Score ◽

Detection Model ◽

Signal Features ◽

And Control

This article presents a machine learning approach for Parkinson’s disease detection. Potential multiple acoustic signal features of Parkinson’s and control subjects are ascertained. A collaborated feature bank is created through correlated feature selection, Fisher score feature selection, and mutual information-based feature selection schemes. A detection model on top of the feature bank has been developed using the traditional Naïve Bayes, which proved state of the art. The Naïve Bayes detector on collaborative acoustic features can detect the presence of Parkinson’s magnificently with a detection accuracy of 78.97% and precision of 0.926, under the hold-out cross validation. The collaborative feature bank on Naïve Bayes revealed distinguishable results as compared to many other recently proposed approaches. The simplicity of Naïve Bayes makes the system robust and effective throughout the detection process.

Download Full-text

Modelling and Control of a Reconfigurable Robot for Achieving Reconfiguration and Locomotion with Different Shapes

Sensors ◽

10.3390/s21165362 ◽

2021 ◽

Vol 21 (16) ◽

pp. 5362

Author(s):

S. M. Bhagya P. Samarakoon ◽

M. A. Viraj J. Muthugala ◽

Raihan E. Abdulkader ◽

Soh Wei Si ◽

Thein T. Tun ◽

...

Keyword(s):

State Of The Art ◽

Area Coverage ◽

Reconfigurable Robots ◽

Proposed Model ◽

Small Set ◽

Different Shapes ◽

Reconfigurable Robot ◽

High Level ◽

Inspection Robots ◽

And Control

Area coverage is a crucial factor for a robot intended for applications such as floor cleaning, disinfection, and inspection. Robots with fixed shapes could not realize an adequate level of area coverage performance. Reconfigurable robots have been introduced to overcome the limitations of fixed-shape robots, such as accessing narrow spaces and cover obstacles. Although state-of-the-art reconfigurable robots used for coverage applications are capable of shape-changing for improving the area coverage, the reconfiguration is limited to a few predefined shapes. It has been proven that the ability of reconfiguration beyond a few shapes can significantly improve the area coverage performance of a reconfigurable robot. In this regard, this paper proposes a novel robot model and a low-level controller that can facilitate the reconfiguration beyond a small set of predefined shapes and locomotion per instructions while firmly maintaining the shape. A prototype of a robot that facilitates the aim mentioned above has been designed and developed. The proposed robot model and controller have been integrated into the prototype, and experiments have been conducted considering various reconfiguration and locomotion scenarios. Experimental results confirm the validity of the proposed model and controller during reconfiguration and locomotion of the robot. Moreover, the applicability of the proposed model and controller for achieving high-level autonomous capabilities has been proven.

Download Full-text

Implementation of an Online Auditory Attention Detection Model with Electroencephalography in a Dichotomous Listening Experiment

Sensors ◽

10.3390/s21020531 ◽

2021 ◽

Vol 21 (2) ◽

pp. 531

Author(s):

Seung-Cheol Baek ◽

Jae Ho Chung ◽

Yoonseob Lim

Keyword(s):

Hearing Aids ◽

Real Life ◽

Auditory Attention ◽

Detection Accuracy ◽

Neurofeedback Training ◽

Neural Signals ◽

Detection Model ◽

Proposed Model ◽

Online Implementation ◽

Listening Experiment

Auditory attention detection (AAD) is the tracking of a sound source to which a listener is attending based on neural signals. Despite expectation for the applicability of AAD in real-life, most AAD research has been conducted on recorded electroencephalograms (EEGs), which is far from online implementation. In the present study, we attempted to propose an online AAD model and to implement it on a streaming EEG. The proposed model was devised by introducing a sliding window into the linear decoder model and was simulated using two datasets obtained from separate experiments to evaluate the feasibility. After simulation, the online model was constructed and evaluated based on the streaming EEG of an individual, acquired during a dichotomous listening experiment. Our model was able to detect the transient direction of a participant’s attention on the order of one second during the experiment and showed up to 70% average detection accuracy. We expect that the proposed online model could be applied to develop adaptive hearing aids or neurofeedback training for auditory attention and speech perception.

Download Full-text

Voice activity detection in noisy conditions using tiny convolutional neural network

Informatics ◽

10.37661/1816-0301-2020-17-2-36-43 ◽

2020 ◽

Vol 17 (2) ◽

pp. 36-43

Author(s):

R. S. Vashkevich ◽

E. S. Azarov

Keyword(s):

Neural Network ◽

Convolutional Neural Network ◽

Model Performance ◽

Voice Activity Detection ◽

Detection Accuracy ◽

Activity Detection ◽

Detection Model ◽

Proposed Model ◽

Computational Resources ◽

Voice Activity

The paper investigates the problem of voice activity detection from a noisy sound signal. An extremely compact convolutional neural network is proposed. The model has only 385 trainable parameters. Proposed model doesn’t require a lot of computational resources that allows to use it as part of the “internet of things” concept for compact low power devices. At the same time the model provides state of the art results in voice activity detection in terms of detection accuracy. The properties of the model are achieved by using a special convolutional layer that considers the harmonic structure of vocal speech. This layer also eliminates redundancy of the model because it has invariance to changes of fundamental frequency. The model performance is evaluated in various noise conditions with different signal-to-noise ratios. The results show that the proposed model provides higher accuracy compared to voice activity detection model from the WebRTC framework by Google.

Download Full-text

Detection of acne by deep learning object detection

10.1101/2021.12.05.21267310 ◽

2021 ◽

Author(s):

Amandip Sangha ◽

Mohammad Rizvi

Keyword(s):

Deep Learning ◽

Object Detection ◽

State Of The Art ◽

Average Precision ◽

Single Class ◽

Data Set ◽

Detection Model ◽

Model Predictions ◽

Deep Learning Model ◽

Facial Acne

AbstractImportanceState-of-the art performance is achieved with a deep learning object detection model for acne detection. There is little current research on object detection in dermatology and acne in particular. As such, this work is early in this field and achieves state of the art performance.ObjectiveTrain an object detection model on a publicly available data set of acne photos.Design, Setting, and ParticipantsA deep learning model is trained with cross validation on a data set of facial acne photos.Main Outcomes and MeasuresObject detection models for detecting acne for single-class (acne) and multi-class (four severity levels). We train and evaluate the models using standard metrics such as mean average precision (mAP). Then we manually evaluate the model predictions on the test set, and calculate accuracy in terms of precision, recall, F1, true and false positive and negative detections.ResultsWe achieve state-of-the art mean average precision [email protected] value of 37.97 for the single class acne detection task, and 26.50 for the 4-class acne detection task. Moreover, our manual evaluation shows that the single class detection model performs well on the validation set, achieving true positive 93.59 %, precision 96.45 % and recall 94.73 %.Conclusions and RelevanceWe are able to train a high-accuracy acne detection model using only a small publicly available data set of facial acne. Transfer learning on the pre-trained deep learning model yields good accuracy and high degree of transferability to patient submitted photographs. We also note that the training of standard architecture object detection models has given significantly better accuracy than more intricate and bespoke neural network architectures in the existing research literature.Key PointsQuestionCan deep learning-based acne detection models trained on a small data set of publicly available photos of patients with acne achieve high prediction accuracy?FindingsWe find that it is possible to train a reasonably good object detection model on a small, annotated data set of acne photos using standard deep learning architectures.MeaningDeep learning-based object detection models for acne detection can be a useful decision support tools for dermatologists treating acne patients in a digital clinical practice. It can prove a particularly useful tool for monitoring the time evolution of the acne disease state over prolonged time during follow-ups, as the model predictions give a quantifiable and comparable output for photographs over time. This is particularly helpful in teledermatological consultations, as a prediction model can be integrated in the patient-doctor remote communication.

Download Full-text