Detection of the Remote Code Execution Attacks Using the PHP Web Application Intrusion Detection System

With the development of web application software, the challenge of conventional intrusion detection systems against web-based attacks is their lack of access to application layer and web platform features. The proliferation of PHP server-side languages has led to the creation of unreliable applications and security issues in the language’s software. Remote code execution attack is one of the most important web application due to allowing remote access to the processor device and executing the operating system shell commands. Modifying the architecture of network layer intrusion detection systems to application layer and applying layered detection approach using signature-based detections methods and behavior in PHP application software provides remote code execution attacks. In this research, using the layered approach of PHP web application intrusion detection system approach, with 90.4% and 95% accuracy in the signature and behavior based approach, remote code execution attacks are detected.