Analysis of Fileless Malware and its Evasive Behavior

Title: Analysis of Fileless Malware and its Evasive Behavior
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Afreen, A., Aslam, M., Ahmed, S.
Conference Name: 2020 International Conference on Cyber Warfare and Security (ICCWS)
Date Published: Oct. 2020
ISBN Number: 978-1-7281-6840-1
Keywords: Advance Volatile Threat, Advance Volatile Threat (AVT), composability, computer systems, computer viruses, different malware, Evasion, executable malware, file-based malware, fileless malware, Instruments, Internet, invasive software, Malware, malware analysis, malware threats, Memory Analysis, Metrics, Operating systems, Payloads, PowerShell (PS), pubcrawl, resilience, Resiliency, security, static and advanced malware analysis, Task Analysis, Tools, Trojan horses, white box, White Box Security, Windows Management Instrumentation (WMI), Windows operating system, Windows Operating System Security

Malware is any software that causes harm to user information, computer systems or networks. Modern computing and internet systems are facing an increase in malware threats from the internet. It is observed that different malware follows the same patterns in its structure with minimal alterations. The type of threat has evolved from file-based malware to fileless malware; such threats are also known as Advance Volatile Threat (AVT). Fileless malware is complex and evasive, exploiting pre-installed trusted programs to infiltrate information with its malicious intent. Fileless malware is designed to run in system memory with a very small footprint, leaving no artifacts on physical hard drives. Traditional antivirus signatures and heuristic analysis are unable to detect this kind of malware due to its sophisticated and evasive nature. This paper provides information relating to detection, mitigation and analysis for this kind of threat.

Citation Key: afreen_analysis_2020