Webshell, as the "culprit" behind numerous network attacks, is one of the research hotspots in the field of cybersecurity. However, the complexity, stealthiness, and confusing nature of webshells pose significant challenges to the corresponding detection schemes. With the rise of Artificial Intelligence (AI) technology, researchers have started to apply different intelligent algorithms and neural network architectures to the task of webshell detection. However, the related research still lacks a systematic and standardized methodological process, which is confusing and redundant. Therefore, following the development timeline, we carefully summarize the progress of relevant research in this field, dividing it into three stages: Start Stage, Initial Development Stage, and In-depth Development Stage. We further elaborate on the main characteristics and core algorithms of each stage. In addition, we analyze the pain points and challenges that still exist in this field and predict the future development trend of this field from our point of view. To the best of our knowledge, this is the first review that details the research related to AI-based webshell detection. It is also hoped that this paper can provide detailed technical information for more researchers interested in AI-based webshell detection tasks.

翻译：Webshell作为众多网络攻击背后的“元凶”，是网络安全领域的研究热点之一。然而，Webshell的复杂性、隐蔽性和混淆性对相应的检测方案提出了重大挑战。随着人工智能技术的兴起，研究者开始将不同的智能算法和神经网络架构应用于Webshell检测任务。然而，相关研究仍缺乏系统化、标准化的方法论流程，显得混乱且冗余。因此，我们按时间发展线索，细致总结了该领域相关研究的进展，将其划分为三个阶段：起步阶段、初步发展阶段和深度发展阶段。我们进一步阐述了每个阶段的主要特征与核心算法。此外，我们分析了该领域仍存在的痛点与挑战，并从自身视角预测了该领域的未来发展趋势。据我们所知，这是首篇详细梳理基于人工智能的Webshell检测相关研究的综述。同时，希望本文能为更多对基于人工智能的Webshell检测任务感兴趣的研究者提供详尽的技术参考。