Ioannis Kiachidis, InnoSec

Fileless Malware and its evolving ML-based detection, classification and prevention

The mainstream approach to malware detection and prevention rests on file signatures. Anti-virus (AV) products scan the system's storage devices and hash files when they are created or executed, then look each hash up in a curated database of signatures derived from known malware samples. A match flags the file as malicious and triggers containment actions. But what happens when malware does not rely on a file on disk at all?
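To make the limitation concrete, here is an added illustration that is not part of the original article: a minimal hash-based scanner in the style the paragraph describes, run against a constructed directory. The "known-bad" content, the signature database and the family name `Sample.Constructed.A` are all made up for the demonstration. It shows that the scanner catches the sample when it is written to disk, misses a copy whose hash differs by a single appended byte, and has nothing at all to hash when the same bytes exist only in process memory.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Constructed stand-in for a known malware sample (harmless text, hypothetical).
KNOWN_BAD_CONTENT = b"echo this stands in for a known-bad payload\n"


def sha256_bytes(data: bytes) -> str:
    """Hash an in-memory buffer the same way the file scanner hashes a file."""
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: str, chunk_size: int = 1 << 16) -> str:
    """Stream a file through SHA-256 so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


# Constructed signature database: {sha256 hex digest: family name}.
SIGNATURE_DB = {sha256_bytes(KNOWN_BAD_CONTENT): "Sample.Constructed.A"}


def scan_directory(root: str, signature_db: dict = SIGNATURE_DB) -> dict:
    """Walk root, hash every regular file and return {path: family} for signature hits."""
    hits = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                digest = sha256_file(path)
            except OSError:
                continue  # unreadable or vanished between listing and hashing
            family = signature_db.get(digest)
            if family is not None:
                hits[path] = family
    return hits


def demo() -> tuple:
    """Run three scans over a scratch directory and return the families found in each:
    (dropped_to_disk, one_byte_variant, memory_only) plus whether the in-memory
    bytes would have matched had the scanner ever been given them."""
    with tempfile.TemporaryDirectory() as root:
        # Case 1: a conventional dropper writes the payload to disk; the hash matches.
        dropped = Path(root) / "dropped.sh"
        dropped.write_bytes(KNOWN_BAD_CONTENT)
        dropped_hits = sorted(scan_directory(root).values())
        dropped.unlink()

        # Case 2: same payload with one appended comment byte; the exact-hash signature
        # no longer matches, which is why exact hashes are the weakest signature form.
        variant = Path(root) / "variant.sh"
        variant.write_bytes(KNOWN_BAD_CONTENT + b"#")
        variant_hits = sorted(scan_directory(root).values())
        variant.unlink()

        # Case 3: the identical bytes are held only in this process's memory.
        # A file scanner has nothing on disk to hash, so the scan is empty,
        # even though the content itself is in the signature database.
        in_memory_payload = bytes(bytearray(KNOWN_BAD_CONTENT))
        memory_only_hits = sorted(scan_directory(root).values())
        would_match = sha256_bytes(in_memory_payload) in SIGNATURE_DB

    return dropped_hits, variant_hits, memory_only_hits, would_match


if __name__ == "__main__":
    on_disk, one_byte_variant, memory_only, would_match = demo()
    print("dropped to disk:", on_disk)
    print("one-byte variant:", one_byte_variant)
    print("memory only:", memory_only)
    print("in-memory bytes are in the signature DB:", would_match)
```

Cases 2 and 3 are the two gaps that the rest of the article's ML-based approaches aim to close: signatures keyed on exact content break under trivial modification, and a scanner that only ever sees the filesystem never observes code that is staged and executed entirely in memory.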
