{"id":"https://openalex.org/W4386365701","doi":"https://doi.org/10.18293/seke2023-205","title":"SAWD: Structural-Aware Webshell Detection System with Control Flow Graph","display_name":"SAWD: Structural-Aware Webshell Detection System with Control Flow Graph","publication_year":2023,"publication_date":"2023-07-01","ids":{"openalex":"https://openalex.org/W4386365701","doi":"https://doi.org/10.18293/seke2023-205"},"language":"en","primary_location":{"id":"doi:10.18293/seke2023-205","is_oa":true,"landing_page_url":"https://doi.org/10.18293/seke2023-205","pdf_url":"https://doi.org/10.18293/seke2023-205","source":{"id":"https://openalex.org/S4220650826","display_name":"Proceedings/Proceedings of the ... International Conference on Software Engineering and Knowledge Engineering","issn_l":"2325-9000","issn":["2325-9000","2325-9086"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Conferences on Software Engineering and Knowledge Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://doi.org/10.18293/seke2023-205","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101161985","display_name":"Junmin Zhu","orcid":null},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Junmin Zhu","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109635166","display_name":"Yizhao Yao","orcid":null},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]},{"id":"https://openalex.org/I2250653659","display_name":"Tencent (China)","ror":"https://ror.org/00hhjss72","country_code":"CN","type":"company","lineage":["https://openalex.org/I2250653659"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yizhao Yao","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China","Tencent Technology (Shanghai) Company Limited, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]},{"raw_affiliation_string":"Tencent Technology (Shanghai) Company Limited, Shanghai, China","institution_ids":["https://openalex.org/I2250653659"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081972759","display_name":"Xianwen Deng","orcid":"https://orcid.org/0000-0002-6611-5295"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xianwen Deng","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044580206","display_name":"Yaoguang Yong","orcid":null},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yaoguang Yong","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065488679","display_name":"Yanhao Wang","orcid":"https://orcid.org/0000-0002-7661-3917"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yanhao Wang","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100621400","display_name":"Libo Chen","orcid":"https://orcid.org/0000-0003-3236-4805"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Libo Chen","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062829885","display_name":"Zhi Xue","orcid":"https://orcid.org/0000-0003-2875-304X"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhi Xue","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100648042","display_name":"Ruijie Zhao","orcid":"https://orcid.org/0000-0001-7090-6789"},"institutions":[{"id":"https://openalex.org/I183067930","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04","country_code":"CN","type":"education","lineage":["https://openalex.org/I183067930"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruijie Zhao","raw_affiliation_strings":["QI-ANXIN, Beijing, China","Shanghai Jiao Tong University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"QI-ANXIN, Beijing, China","institution_ids":[]},{"raw_affiliation_string":"Shanghai Jiao Tong University, Shanghai, China","institution_ids":["https://openalex.org/I183067930"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5101161985"],"corresponding_institution_ids":["https://openalex.org/I183067930"],"apc_list":null,"apc_paid":null,"fwci":0.2013,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.44254581,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"2023","issue":null,"first_page":"351","last_page":"356"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9923999905586243,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8634124994277954},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.606682300567627},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.5613752007484436},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5582289099693298},{"id":"https://openalex.org/keywords/control-flow-graph","display_name":"Control flow graph","score":0.5296862721443176},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.4756842851638794},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4672159254550934},{"id":"https://openalex.org/keywords/adjacency-matrix","display_name":"Adjacency matrix","score":0.4662429690361023},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.4276156723499298},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3328557014465332},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.25560033321380615},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2266238033771515},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.20618808269500732}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8634124994277954},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.606682300567627},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.5613752007484436},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5582289099693298},{"id":"https://openalex.org/C27458966","wikidata":"https://www.wikidata.org/wiki/Q1187693","display_name":"Control flow graph","level":2,"score":0.5296862721443176},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.4756842851638794},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4672159254550934},{"id":"https://openalex.org/C180356752","wikidata":"https://www.wikidata.org/wiki/Q727035","display_name":"Adjacency matrix","level":3,"score":0.4662429690361023},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.4276156723499298},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3328557014465332},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.25560033321380615},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2266238033771515},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.20618808269500732}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.18293/seke2023-205","is_oa":true,"landing_page_url":"https://doi.org/10.18293/seke2023-205","pdf_url":"https://doi.org/10.18293/seke2023-205","source":{"id":"https://openalex.org/S4220650826","display_name":"Proceedings/Proceedings of the ... International Conference on Software Engineering and Knowledge Engineering","issn_l":"2325-9000","issn":["2325-9000","2325-9086"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Conferences on Software Engineering and Knowledge Engineering","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.18293/seke2023-205","is_oa":true,"landing_page_url":"https://doi.org/10.18293/seke2023-205","pdf_url":"https://doi.org/10.18293/seke2023-205","source":{"id":"https://openalex.org/S4220650826","display_name":"Proceedings/Proceedings of the ... International Conference on Software Engineering and Knowledge Engineering","issn_l":"2325-9000","issn":["2325-9000","2325-9086"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Conferences on Software Engineering and Knowledge Engineering","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320322999","display_name":"Shanghai Jiao Tong University","ror":"https://ror.org/0220qvk04"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4386365701.pdf","grobid_xml":"https://content.openalex.org/works/W4386365701.grobid-xml"},"referenced_works_count":17,"referenced_works":["https://openalex.org/W1992114977","https://openalex.org/W2093080079","https://openalex.org/W2519887557","https://openalex.org/W2732351623","https://openalex.org/W2805465321","https://openalex.org/W2807614421","https://openalex.org/W2954070528","https://openalex.org/W2964015378","https://openalex.org/W2969211527","https://openalex.org/W2995145810","https://openalex.org/W3095064644","https://openalex.org/W3200479650","https://openalex.org/W4285140041","https://openalex.org/W6634469269","https://openalex.org/W6751976284","https://openalex.org/W6765510503","https://openalex.org/W6771389133"],"related_works":["https://openalex.org/W2982588003","https://openalex.org/W2070909730","https://openalex.org/W4295950666","https://openalex.org/W4285240677","https://openalex.org/W2486765974","https://openalex.org/W2919866608","https://openalex.org/W2373485845","https://openalex.org/W2011536294","https://openalex.org/W2811047447","https://openalex.org/W2168259090"],"abstract_inverted_index":{"With":[0],"the":[1,51,80,87,109,120,135,174],"increasing":[2],"prevalence":[3],"of":[4,53,134],"web":[5,36],"servers,":[6],"protecting":[7],"them":[8],"from":[9,119],"cyber":[10],"attacks":[11],"has":[12],"become":[13],"a":[14,94],"crucial":[15],"task":[16],"for":[17,40],"online":[18],"service":[19],"providers.Webshells,":[20],"which":[21,132],"are":[22,26],"backdoors":[23],"to":[24,31,35,45,50,57,78,99,127,158],"websites,":[25],"commonly":[27],"used":[28],"by":[29],"hackers":[30],"gain":[32],"unauthorized":[33],"access":[34],"servers.However,":[37],"traditional":[38],"methods":[39,65],"detecting":[41],"webshells":[42,160],"often":[43],"fail":[44],"produce":[46],"satisfactory":[47],"results":[48,163],"due":[49],"use":[52],"obfuscation":[54],"or":[55],"encryption":[56],"conceal":[58],"their":[59],"characteristics.In":[60],"recent":[61],"years,":[62],"webshell":[63,96,170],"detection":[64,97,171],"based":[66,143],"on":[67,144,173],"deep":[68],"learning":[69],"(DL)":[70],"have":[71],"received":[72],"significant":[73],"attention,":[74],"but":[75],"they":[76],"struggle":[77],"preserve":[79],"syntax":[81,115],"and":[82,116,138],"semantic":[83,117],"information":[84,118],"contained":[85],"in":[86],"source":[88,122],"code.In":[89],"this":[90],"paper,":[91],"we":[92,106,124,148],"propose":[93],"structuralaware":[95],"system":[98],"address":[100],"these":[101],"problems,":[102],"denoted":[103],"as":[104],"SAWD.Specifically,":[105],"first":[107],"generate":[108],"control":[110],"flow":[111],"graph":[112,130,146,156],"(CFG)":[113],"with":[114,155],"PHP":[121],"code.Then,":[123],"leverage":[125],"CFG":[126],"build":[128],"our":[129,145,166],"representation,":[131,147],"consists":[133],"adjacency":[136],"matrix":[137],"keywords-based":[139],"basic":[140],"block":[141],"features.Finally,":[142],"adopt":[149],"convolutional":[150],"neural":[151],"networks":[152],"(GCN)":[153],"combined":[154],"pooling":[157],"detect":[159],"more":[161],"efficiently.Experimental":[162],"demonstrate":[164],"that":[165],"method":[167],"outperforms":[168],"state-of-the-art":[169],"systems":[172],"collected":[175],"dataset.":[176]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-13T14:20:09.374765","created_date":"2025-10-10T00:00:00"}