Detection of webshells in compromised perimeter assets using ML algorithms presented at Hackmiami 2017

by Rod Soto, Joseph Zadeh,

Summary : This presentation will focus on the use of machine learning techniques and analytics to detect compromise of perimeter assets via webshell. Presenters will go over how unpatched, forgotten & even party web servers can serve as unexpected door openers and provide attackers with a pathway inside the perimeter. What are webshells? What are the most common webshells used? Why use a webshell?. What recent exploitation campaigns have used webshells? .Presenters will also show how by using ML algorithms and analytics it is possible to detect web server exploit chains, and react faster and prepare for these type of attacks.