Litcius/Paper detail

Fileless cyberattacks: Analysis and classification

GyungMin Lee, Shinwoo Shim, ByoungMo Cho, TaeKyu Kim, Kyounggon Kim

2020ETRI Journal23 citationsDOIOpen Access PDF

Abstract

With cyberattack techniques on the rise, there have been increasing developments in the detection techniques that defend against such attacks. However, cyber attackers are now developing fileless malware to bypass existing detection techniques. To combat this trend, security vendors are publishing analysis reports to help manage and better understand fileless malware. However, only fragmentary analysis reports for specific fileless cyberattacks exist, and there have been no comprehensive analyses on the variety of fileless cyberattacks that can be encountered. In this study, we analyze 10 selected cyberattacks that have occurred over the past five years in which fileless techniques were utilized. We also propose a methodology for classification based on the attack techniques and characteristics used in fileless cyberattacks. Finally, we describe how the response time can be improved during a fileless attack using our quick and effective classification technique.

Topics & Concepts

MalwareComputer securityComputer scienceVariety (cybernetics)Malware analysisArtificial intelligenceAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionInternet Traffic Analysis and Secure E-voting
Fileless cyberattacks: Analysis and classification | Litcius