Analysis of Fileless Malware and its Evasive Behavior
Title | Analysis of Fileless Malware and its Evasive Behavior |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Afreen, A., Aslam, M., Ahmed, S. |
Conference Name | 2020 International Conference on Cyber Warfare and Security (ICCWS) |
Date Published | Oct. 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-6840-1 |
Keywords | Advance Volatile Threat, Advance Volatile Threat (AVT), composability, computer systems, computer viruses, different malware, Evasion, executable malware, file-based malware, fileless malware, Human Behavior, Instruments, Internet, invasive software, Malware, malware analysis, malware threats, Memory Analysis, Metrics, Operating systems, Payloads, PowerShell (PS), Predictive Metrics, privacy, pubcrawl, resilience, Resiliency, security, static and advanced malware analysis, Task Analysis, Tools, Trojan horses, white box, White Box Security, Windows Management Instrumentation (WMI), Windows operating system, Windows Operating System Security |
Abstract | Malware is any software that causes harm to user information, computer systems or network. Modern computing and internet systems are facing an increase in malware threats from the internet. It is observed that different malware follows the same patterns in its structure with minimal alterations. The type of threat has evolved from file-based malware to fileless malware; such threats are also known as Advance Volatile Threat (AVT). Fileless malware is complex and evasive, exploiting pre-installed trusted programs to infiltrate information with its malicious intent. Fileless malware is designed to run in system memory with a very small footprint, leaving no artifacts on physical hard drives. Traditional antivirus signatures and heuristic analysis are unable to detect this kind of malware due to its sophisticated and evasive nature. This paper provides information relating to detection, mitigation and analysis for this kind of threat. |
URL | https://ieeexplore.ieee.org/document/9292376 |
DOI | 10.1109/ICCWS48432.2020.9292376 |
Citation Key | afreen_analysis_2020 |