Fileless cyberattacks: Analysis and classification
Lee, GyungMin (School of Cybersecurity, Korea University)
Shim, ShinWoo (Intelligent SW Research Center, LIG Nex1)
Cho, ByoungMo (Intelligent SW Research Center, LIG Nex1)
Kim, TaeKyu (Intelligent SW Research Center, LIG Nex1)
Kim, Kyounggon (School of Cybersecurity, Korea University)