| Conference name | 2021 General Conference |
|---|---|
| Conference code | 2021G |
| Year held | 2021 |
| Publication date | 2021-02-23 |
| Session number | BS-7 |
| Session name | AI technologies and their applications for future network systems and services |
| Presentation date | 2021/3/9 |
| Presentation venue (meeting room, etc.) | Meeting 30 |
| Presentation number | BS-7-12 |
| Title | Real-Time Detection of Fileless Malware By Observing Instructions |
| Authors | ◎Tomohito Ito, Akihito Taya, Yoshito Tobe |
| Keywords | file-less malware, registry, PowerShell |
| Abstract | In recent years, there has been an increase in the detection of file-independent malware. It is believed that the increasing trend of fileless malware will continue because it is difficult to detect with conventional security software that uses signature-based prevention and detection methods: the conventional approach requires files created by the malware, whereas fileless malware does not depend on files. To solve this problem, we have developed an analyzer that can detect fileless malware in real time using memory analysis. In particular, we analyze the instructions executed by the malware. In this paper, we describe the method of detecting fileless malware in real time, explain its design, and show some preliminary results. |
| Full-text PDF | PDF download |