文章基本信息

标题：Fileless cyberattacks: Analysis and classification
本地全文：下载
作者：GyungMin Lee ; ShinWoo Shim ; ByoungMo Cho 等
期刊名称：ETRI Journal
印刷版ISSN：1225-6463
电子版ISSN：2233-7326
出版年度：2020
卷号：43
期号：2
页码：332-343
DOI：10.4218/etrij.2020-0086
语种：English
出版社：Electronics and Telecommunications Research Institute
摘要：With cyberattack techniques on the rise, there have been increasing developments in the detection techniques that defend against such attacks. However, cyber attackers are now developing fileless malware to bypass existing detection techniques. To combat this trend, security vendors are publishing analysis reports to help manage and better understand fileless malware. However, only fragmentary analysis reports for specific fileless cyberattacks exist, and there have been no comprehensive analyses on the variety of fileless cyberattacks that can be encountered. In this study, we analyze 10 selected cyberattacks that have occurred over the past five years in which fileless techniques were utilized. We also propose a methodology for classification based on the attack techniques and characteristics used in fileless cyberattacks. Finally, we describe how the response time can be improved during a fileless attack using our quick and effective classification technique.