Table 5 Comparison of challenges between file-based and fileless malware

From: An emerging threat Fileless malware: a survey and research challenges

| Challenges | File-based malware | Fileless malware |
| --- | --- | --- |
| 1. Detection and collection | Malicious files are available and are detected by AV solutions. | Since the malicious files are unavailable, in-depth memory analysis is required to identify malicious programs running in memory and to collect malicious patterns as evidence. |
| 2. Examination | Perform static and dynamic analysis of the malicious sample to extract indicators of compromise (IOCs). | To establish and validate the attack, all pieces of evidence, such as network events, the logs of all security tools, and the hosts, have to be examined. |
| 3. Analysis & investigation | Correlate the attacker's intention from the IOCs and investigate the attacker's IP by mapping it with IP geolocation. | Correlate the attacker's intention from the IOCs and investigate the attacker's IP by mapping it with IP geolocation. |
| 4. Incident response | The accurate response to the malicious activity should be communicated to mitigate the threat. | The accurate response to the malicious activity should be communicated to mitigate the threat. |
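The first row's point, that fileless detection has to start from what is executing in memory rather than from files on disk, can be illustrated with a small Linux triage check. The script below is an added example, not code from the survey; it applies two memory-only indicators (a main executable that was unlinked after exec or lives in a memfd object, and executable mappings with no on-disk backing) to a constructed, made-up snapshot of `/proc/<pid>/exe` and `/proc/<pid>/maps` data.

```python
# Constructed sample in the shape of readlink(/proc/<pid>/exe) and
# /proc/<pid>/maps lines; pids, paths and addresses are made up.
SAMPLE_PROCS = {
    101: {"exe": "/usr/bin/sshd",
          "maps": ["55d0e4a00000-55d0e4a10000 r-xp 00000000 08:01 1234 /usr/bin/sshd"]},
    202: {"exe": "/tmp/.x (deleted)",
          "maps": ["5580a1000000-5580a1020000 r-xp 00000000 08:01 9999 /tmp/.x (deleted)"]},
    303: {"exe": "/memfd:payload (deleted)",
          "maps": ["7f2a10000000-7f2a10040000 r-xp 00000000 00:01 77 /memfd:payload (deleted)"]},
    404: {"exe": "/usr/bin/python3",
          "maps": ["7f3b00000000-7f3b00010000 rwxp 00000000 00:00 0"]},
}

def suspicious_mappings(maps_lines):
    """Reasons for executable mappings that have no on-disk backing file."""
    reasons = []
    for line in maps_lines:
        # maps format: address perms offset dev inode [pathname]
        fields = line.split(maxsplit=5)
        if len(fields) < 5:
            continue
        perms = fields[1]
        path = fields[5] if len(fields) == 6 else ""
        if "x" not in perms:
            continue
        if path.endswith("(deleted)"):
            # covers unlinked binaries and memfd objects (shown as /memfd:... (deleted))
            reasons.append(f"executable mapping of a file absent from disk: {path}")
        elif path == "" and "w" in perms:
            # weak indicator on its own: JIT runtimes create anonymous rwx regions too
            reasons.append("anonymous writable+executable mapping")
    return reasons

def find_fileless_candidates(procs):
    """procs: {pid: {"exe": readlink target, "maps": [lines]}} -> {pid: [reasons]}."""
    findings = {}
    for pid, info in procs.items():
        exe = info["exe"]
        reasons = []
        if exe.startswith("/memfd:"):
            reasons.append(f"main executable is a memfd object: {exe}")
        elif exe.endswith("(deleted)"):
            reasons.append(f"main executable was unlinked after exec: {exe}")
        reasons.extend(suspicious_mappings(info["maps"]))
        if reasons:
            # a hit is a candidate for memory acquisition, not a verdict
            findings[pid] = reasons
    return findings
```

On a live Linux host the same dictionary is built from `os.readlink('/proc/<pid>/exe')` and the contents of `/proc/<pid>/maps` for each numeric entry under `/proc`; flagged processes are the ones whose memory should be dumped before the evidence disappears on reboot.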