Fileless cyberattacks: Analysis and classification

Abstract: With cyberattack techniques on the rise, there have been increasing developments in the detection techniques that defend against such attacks. However, cyber attackers are now developing fileless malware to bypass existing detection techniques. To combat this trend, security vendors are publ...


Bibliographic Details
Main Authors: GyungMin Lee, ShinWoo Shim, ByoungMo Cho, TaeKyu Kim, Kyounggon Kim
Format: Article
Language: English
Published: Electronics and Telecommunications Research Institute (ETRI) 2020-12-01
Series: ETRI Journal
Subjects: classification, cyber security, cyberattack, fileless malware
Online Access: https://doi.org/10.4218/etrij.2020-0086
collection DOAJ
sources DOAJ
issn 1225-6463
description Abstract: With cyberattack techniques on the rise, there have been increasing developments in the detection techniques that defend against such attacks. However, cyber attackers are now developing fileless malware to bypass existing detection techniques. To combat this trend, security vendors are publishing analysis reports to help manage and better understand fileless malware. However, only fragmentary analysis reports for specific fileless cyberattacks exist, and there have been no comprehensive analyses on the variety of fileless cyberattacks that can be encountered. In this study, we analyze 10 selected cyberattacks that have occurred over the past five years in which fileless techniques were utilized. We also propose a methodology for classification based on the attack techniques and characteristics used in fileless cyberattacks. Finally, we describe how the response time can be improved during a fileless attack using our quick and effective classification technique.
topic classification
cyber security
cyberattack
fileless malware