Ensemble machine learning approaches for webshell detection in Internet of things environments

The Internet of things (IoT), made up of a massive number of sensor devices interconnected, can be used for data exchange, intelligent identification, and management of interconnected "things." IoT devices are proliferating and playing a crucial role in improving the living quality and living standard of the people. However, the real IoT is more vulnerable to attack by countless cyberattacks from the Internet, which may cause privacy data leakage, data tampering and also cause significant harm to society and individuals. Network security is essential in the IoT system, and Web injection is one of the most severe security problems, especially the webshell. To develop a safe IoT system, in this article, we apply essential machine learning models to detect webshell to build secure solutions for IoT network. Future, ensemble methods including random forest (RF), extremely randomized trees (ET), and Voting are used to improve the performances of these machine learning models. We also discuss webshell detection in lightweight and heavyweight computing scenarios for different IoT environments. Extensive experiments have been conducted on these models to verify the validity of webshell intrusion. Simulation results show that RF and ET are suitable for lightweight IoT scenarios, and Voting method is effective for heavyweight IoT scenarios.