The Fileless present of Malware and its evolving ML based detection, classification and prevention
The main approach for detection and prevention of malware is based upon the concept of file signatures. More specifically, the AV solutions are scanning the system’s storage devices and hash files at process/creation time. Then they compare each of these hashes with their respective curated database which contains signatures of known malware samples. If there is a match then the file is flagged as malicious and subsequent actions take place to contain it. But what could happen if there was some kind of malware that did not rely on a file to accomplish its mission?