Litcius/Paper detail

Pegasus Spyware: A Vulnerable Behaviour-based Attack System

Sidhant Chourasiya, Gyanesh Samanta, Devadarshan K Sardar, Ponnu Sharma, C. N. S. Vinoth Kumar

202313 citationsDOI

Abstract

The development of weaponized software presents substantial cybersecurity challenges, with the Pegasus spyware, developed by the Israeli group NSO, serving as a prominent example. This malicious code operates covertly, infiltrating target systems without the user's knowledge, extracting sensitive information, and monitoring user behavior. This research aims to investigate the unique characteristics and implications of the Pegasus spyware. Specifically, its zero-click functionality is understood, where exploitation occurs without user interaction and its reliance on zero-day vulnerabilities for system compromise. Furthermore, the study aims to explore the extent of control granted to the Pegasus operator, including command execution, data access, and remote manipulation of hardware components. Through an in-depth analysis, this study examines the technical intricacies of the Pegasus spyware. This study explores its methods of propagation, emphasizing its ability to exploit zero-day vulnerabilities without requiring user engagement. Moreover, mechanisms employed by spyware to establish command and control channels are investigated using HTTPS connections, leading to potential avenues for tracking and detection. The findings reveal the elusive nature of Pegasus, leaving minimal traces of its activities on infected systems. The software's sophisticated techniques and reliance on secure communication channels pose significant challenges in detecting and tracking its presence. The study also highlights the extensive control granted to the Pegasus operator, enabling comprehensive surveillance and data exfiltration from compromised systems. The Pegasus spyware represents a formidable cybersecurity threat due to its stealthy infiltration, powerful surveillance capabilities, and limited traceability. Mitigating this threat necessitates innovative approaches to detect and prevent its deployment. This research provides valuable insights into the workings of Pegasus and paves the way for developing effective countermeasures and mitigation strategies to safeguard systems and user privacy.

Topics & Concepts

Computer securityExploitComputer scienceSoftware deploymentTraceabilitySoftwareAccess controlKeystroke loggingEngineeringSoftware engineeringOperating systemAdvanced Malware Detection TechniquesPhysical Unclonable Functions (PUFs) and Hardware SecurityDigital and Cyber Forensics