Table of Contents
Fetching ...

ShellForge: Adversarial Co-Evolution of Webshell Generation and Multi-View Detection for Robust Webshell Defense

Yizhong Ding

TL;DR

ShellForge presents an adversarial co-evolution framework that jointly trains a webshell generator and a multi-view detector to counter rapidly evolving obfuscated webshells. The detector fuses semantic, structural, and statistical cues, while the generator crafts evasive variants; a safety-preserving de-malicious transformation provides high-quality negatives to guide learning. Through iterative hard-sample exchange and PPO-style updates, ShellForge achieves state-of-the-art robustness, attaining a 0.981 F1 on a challenging EvoSet and a 0.9930 F1 on FWOID, outperforming baselines. The approach mitigates obfuscation bias, handles long-context scripts, and demonstrates practical impact for robust server defense against evolving PHP webshell threats.

Abstract

Webshells remain a primary foothold for attackers to compromise servers, particularly within PHP ecosystems. However, existing detection mechanisms often struggle to keep pace with rapid variant evolution and sophisticated obfuscation techniques that camouflage malicious intent. Furthermore, many current defenses suffer from high false-alarm rates when encountering benign administrative scripts that employ heavy obfuscation for intellectual property protection. To address these challenges, we present ShellForge, an adversarial co-evolution framework that couples automated webshell generation with multi-view detection to continuously harden defensive boundaries. The framework operates through an iterative co-training loop where a generator and a detector mutually reinforce each other via the exchange of hard samples. The generator is optimized through supervised fine-tuning and preference-based reinforcement learning to synthesize functional, highly evasive variants. Simultaneously, we develop a multi-view fusion detector that integrates semantic features from long-string compression, structural features from pruned abstract syntax trees, and global statistical indicators such as Shannon entropy. To minimize false positives, ShellForge utilizes a LLM-based transformation to create de-malicious samples--scripts that retain complex obfuscation patterns but lack harmful payloads--serving as high-quality hard negatives during training. Evaluations on the public FWOID benchmark demonstrate that ShellForge significantly enhances defensive robustness. Upon convergence, the detector maintains a 0.981 F1-score while the generator achieves a 0.939 evasion rate against commercial engines on VirusTotal.

ShellForge: Adversarial Co-Evolution of Webshell Generation and Multi-View Detection for Robust Webshell Defense

TL;DR

ShellForge presents an adversarial co-evolution framework that jointly trains a webshell generator and a multi-view detector to counter rapidly evolving obfuscated webshells. The detector fuses semantic, structural, and statistical cues, while the generator crafts evasive variants; a safety-preserving de-malicious transformation provides high-quality negatives to guide learning. Through iterative hard-sample exchange and PPO-style updates, ShellForge achieves state-of-the-art robustness, attaining a 0.981 F1 on a challenging EvoSet and a 0.9930 F1 on FWOID, outperforming baselines. The approach mitigates obfuscation bias, handles long-context scripts, and demonstrates practical impact for robust server defense against evolving PHP webshell threats.

Abstract

Webshells remain a primary foothold for attackers to compromise servers, particularly within PHP ecosystems. However, existing detection mechanisms often struggle to keep pace with rapid variant evolution and sophisticated obfuscation techniques that camouflage malicious intent. Furthermore, many current defenses suffer from high false-alarm rates when encountering benign administrative scripts that employ heavy obfuscation for intellectual property protection. To address these challenges, we present ShellForge, an adversarial co-evolution framework that couples automated webshell generation with multi-view detection to continuously harden defensive boundaries. The framework operates through an iterative co-training loop where a generator and a detector mutually reinforce each other via the exchange of hard samples. The generator is optimized through supervised fine-tuning and preference-based reinforcement learning to synthesize functional, highly evasive variants. Simultaneously, we develop a multi-view fusion detector that integrates semantic features from long-string compression, structural features from pruned abstract syntax trees, and global statistical indicators such as Shannon entropy. To minimize false positives, ShellForge utilizes a LLM-based transformation to create de-malicious samples--scripts that retain complex obfuscation patterns but lack harmful payloads--serving as high-quality hard negatives during training. Evaluations on the public FWOID benchmark demonstrate that ShellForge significantly enhances defensive robustness. Upon convergence, the detector maintains a 0.981 F1-score while the generator achieves a 0.939 evasion rate against commercial engines on VirusTotal.
Paper Structure (27 sections, 6 equations, 7 figures, 5 tables)

This paper contains 27 sections, 6 equations, 7 figures, 5 tables.

Figures (7)

  • Figure 1: An illustration of typical webshell threats and attack workflow in PHP environments.
  • Figure 2: Pipeline of the proposed ShellForge framework. We first initialize a trainable webshell generator and a multi-view detector on FWOID. We then perform iterative adversarial co-training driven by detector feedback, where evasive webshells and their de-malicious benign samples are exchanged as hard samples to update the detector and provide chosen/rejected signals for the next generator update. The process continues until both detector robustness and generator evasiveness plateau.
  • Figure 3: Data processing pipeline for the three-view representation. Starting from raw PHP code, we construct the source view via comment removal and long-string semantic compression, the AST view via Tree-sitter parsing with structure pruning, and the statistical view via global indicators such as entropy and risky-function usage.
  • Figure 4: An example of de-malicious transformation $T(\cdot)$. The red-highlighted statements that directly trigger harmful behaviors are removed, while the surrounding obfuscation patterns and code structure are preserved to obtain a benign-but-obfuscated counterpart for training.
  • Figure 5: Confusion matrix of ShellForge on the FWOID test set.
  • ...and 2 more figures