An emerging threat Fileless malware: a survey and research challenges-Reference-Cited by-同舟云学术

An emerging threat Fileless malware: a survey and research challenges

Published:2020-01-14 Issue:1 Volume:3 Page:
ISSN:2523-3246
Container-title:Cybersecurity
language:en
Short-container-title:Cybersecur

Author:

Sudhakar ^ORCID,Kumar Sushil

Abstract

AbstractWith the evolution of cybersecurity countermeasures, the threat landscape has also evolved, especially in malware from traditional file-based malware to sophisticated and multifarious fileless malware. Fileless malware does not use traditional executables to carry-out its activities. So, it does not use the file system, thereby evading signature-based detection system. The fileless malware attack is catastrophic for any enterprise because of its persistence, and power to evade any anti-virus solutions. The malware leverages the power of operating systems, trusted tools to accomplish its malicious intent. To analyze such malware, security professionals use forensic tools to trace the attacker, whereas the attacker might use anti-forensics tools to erase their traces. This survey makes a comprehensive analysis of fileless malware and their detection techniques that are available in the literature. We present a process model to handle fileless malware attacks in the incident response process. In the end, the specific research gaps present in the proposed process model are identified, and associated challenges are highlighted.

Publisher

Springer Science and Business Media LLC

Subject

Artificial Intelligence,Computer Networks and Communications,Information Systems,Software

Link

http://link.springer.com/content/pdf/10.1186/s42400-019-0043-x.pdf

Reference65 articles.

1. About the Metasploit Meterpreter (2019). https://www.offensive-security.com/metasploit-unleashed/about-meterpreter/

2. Afianian A, Niksefat S, Sadeghiyan B, Baptiste D (2018) Malware dynamic analysis evasion techniques: A survey. arXiv preprint arXiv 1811:01190

3. Aljaedi A, Lindskog D, Zavarsky P, Ruhl R, Almari F (2011) Comparative analysis of volatile memory forensics: Live response vs. memory imaging. In: 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third International Conference on Social Computing, pp 1253–1258. https://doi.org/10.1109/PASSAT/SocialCom.2011.68

4. Allman, M., Ostermann, S.: FTP security considerations (1999). https://tools.ietf.org/html/rfc2577

5. Almulhem, A.: Network forensics: Notions and challenges. In: 2009 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT), pp. 463–466 (2009). doi:https://doi.org/10.1109/ISSPIT.2009.5407485. IEEE

Cited by 79 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. HEOD: Human-assisted Ensemble Outlier Detection for cybersecurity;Computers & Security;2024-11

2. Explainable AI model for PDFMal detection based on gradient boosting model;Neural Computing and Applications;2024-09-05

3. Systematic Review: Anti-Forensic Computer Techniques;Applied Sciences;2024-06-19

4. A systematic literature review on Windows malware detection: Techniques, research issues, and future directions;Journal of Systems and Software;2024-03

5. A survey on the evolution of fileless attacks and detection techniques;Computers & Security;2024-02