[1]Trustwava. 2017 Trustwave Global Security Report[EB/OL].2017.
[2]Starov O, Dahse J, Ahmad S S, et al. No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells[C]// International Conference on World Wide Web. International World Wide Web Conferences Steering Committee, 2016:1021-1032.
[3]叶飞, 龚俭, 杨望. 基于支持向量机的Webshell黑盒检测[J]. 南京航空航天大学学报, 2015, 47(6):924-930.
[4]Dai H, Dai H, Dai H. A Matrix Decomposition based Webshell Detection Method[C]// International Conference on Cryptography, Security and Privacy. ACM, 2017:66-70.
[5]潘杰. 基于机器学习的Webshell检测关键技术研究[D]. 天津:北京民航大学计算机学院,2015:16-17.
[6]马艳发. 基于WAF入侵检测和变异WebShell检测算法的Web安全研究[D]. 天津理工大学, 2016:13-15.
[7]D盾.D盾_Web查杀[EB/OL].http://www.d99net.net
[8]河马Webshel[EB/OL]l. WEBSHELL.PUB.http://www.webshell.pub.
[9]Agrawal R, Srikant R. Fast Algorithms for Mining Association Rules in Large Databases[C]// International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc. 1994:487-499.
[10]Agrawal R, Imieliński T, Swami A. Mining Assocation Rules between Sets of Items in Large Databases[J]. AcmSigmod Record, 1993, 22(2):207-216.
[11]王文槿, 刘宝旭. 一种基于关联规则挖掘的入侵检测系统[J]. 核电子学与探测技术, 2015(2):119-123.
[12]Han J, Pei J, Yin Y. Mining frequent patterns without candidate generation[J]. AcmSigmod Record, 1999, 29(2):1-12.
[13]NeoPI:Detection of Webshells using statistical methods[EB/OL].(2014-09-18)[2016-08-15].https://github.com/NeoPI.
[14]李航. 统计学习方法[M]. 清华大学出版社, 2012.