Analysis of Advanced Volatile Threats Using Memory Forensics

5 Pages Posted: 26 Mar 2019

Priya Gadgil

University of Mumbai - K. J. Somaiya Institute of Engineering and Information Technology (KJSIEIT)

Sangeeta Nagpure

University of Mumbai - Department of Information Technology

Date Written: March 23, 2019

Abstract

Malware has always been one of the greatest threats to organizations and their digital information infrastructure. Malware is any malicious program, file or executable whose prime purpose is to gain unauthorized access to, or cause harm to, a computer or network system. It has always been a subject of concern for computer experts and users alike, as the harm caused by different types of malware is increasing exponentially. Malware can take any form, for example a virus, computer worm, Trojan, phishing fraud, etc. These threats are constantly evolving, with new and sophisticated ways to avoid detection and successfully perform attacks. Their rising power and ambition were especially visible during 2017 and the current year, 2018. It was observed that during 2017 almost 230,000 malware samples were produced daily and around 4,000 ransomware attacks threatened organizations. 2017 also saw a sharp increase in the number of fileless malware attacks, which grew by approximately 50%.

Fileless malware poses a threat to organizations and a big challenge for information security professionals, mainly because it uses various non-executable file formats for infection, which makes such threats very difficult to detect. Detection is also challenging because fileless malware can execute its malicious logic exclusively in memory. This paper analyses fileless malware in detail, along with similar volatile threats. As a solution, a tool is proposed that can be useful in detecting such threats.

Keywords: File Less Malwares, Living off the Land Attacks, Memory Forensics

Suggested Citation

Gadgil, Priya and Nagpure, Sangeeta, Analysis of Advanced Volatile Threats Using Memory Forensics (March 23, 2019). Proceedings 2019: Conference on Technologies for Future Cities (CTFC), Available at SSRN: https://ssrn.com/abstract=3358798 or http://dx.doi.org/10.2139/ssrn.3358798

Priya Gadgil

University of Mumbai - K. J. Somaiya Institute of Engineering and Information Technology (KJSIEIT)

Vidyavihar
Maharashtra
India

Sangeeta Nagpure (Contact Author)

University of Mumbai - Department of Information Technology

Somaiya Ayurvihar Complex
Eastern Express Highway
Mumbai, 400022
India
