{"id":"https://openalex.org/W3013896538","doi":"https://doi.org/10.1186/s42400-019-0043-x","title":"An emerging threat Fileless malware: a survey and research challenges","display_name":"An emerging threat Fileless malware: a survey and research challenges","publication_year":2020,"publication_date":"2020-01-14","ids":{"openalex":"https://openalex.org/W3013896538","doi":"https://doi.org/10.1186/s42400-019-0043-x","mag":"3013896538"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-019-0043-x","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-019-0043-x","pdf_url":"https://cybersecurity.springeropen.com/track/pdf/10.1186/s42400-019-0043-x","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cybersecurity.springeropen.com/track/pdf/10.1186/s42400-019-0043-x","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041171339","display_name":"Sudhakar","orcid":null},"institutions":[{"id":"https://openalex.org/I152429107","display_name":"Jawaharlal Nehru University","ror":"https://ror.org/0567v8t28","country_code":"IN","type":"education","lineage":["https://openalex.org/I152429107"]},{"id":"https://openalex.org/I4210121746","display_name":"Ministry of Electronics and Information Technology","ror":"https://ror.org/02z31cn83","country_code":"IN","type":"government","lineage":["https://openalex.org/I4210121746"]},{"id":"https://openalex.org/I4210134466","display_name":"Computer Emergency Response Team","ror":"https://ror.org/03hwfnp11","country_code":"FR","type":"government","lineage":["https://openalex.org/I4210134466"]}],"countries":["FR","IN"],"is_corresponding":true,"raw_author_name":"Sudhakar","raw_affiliation_strings":["Indian Computer Emergency Response Team, Ministry of Electronics & Information Technology, 110003, New Delhi, India","School of Computer & Systems Sciences, Jawaharlal Nehru University, 110067, New Delhi, India"],"raw_orcid":"https://orcid.org/0000-0001-7590-1995","affiliations":[{"raw_affiliation_string":"Indian Computer Emergency Response Team, Ministry of Electronics & Information Technology, 110003, New Delhi, India","institution_ids":["https://openalex.org/I4210121746","https://openalex.org/I4210134466"]},{"raw_affiliation_string":"School of Computer & Systems Sciences, Jawaharlal Nehru University, 110067, New Delhi, India","institution_ids":["https://openalex.org/I152429107"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5057543679","display_name":"Sushil Kumar","orcid":"https://orcid.org/0000-0001-9113-2890"},"institutions":[{"id":"https://openalex.org/I152429107","display_name":"Jawaharlal Nehru University","ror":"https://ror.org/0567v8t28","country_code":"IN","type":"education","lineage":["https://openalex.org/I152429107"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Sushil Kumar","raw_affiliation_strings":["School of Computer & Systems Sciences, Jawaharlal Nehru University, 110067, New Delhi, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer & Systems Sciences, Jawaharlal Nehru University, 110067, New Delhi, India","institution_ids":["https://openalex.org/I152429107"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5041171339"],"corresponding_institution_ids":["https://openalex.org/I152429107","https://openalex.org/I4210121746","https://openalex.org/I4210134466"],"apc_list":null,"apc_paid":null,"fwci":12.9245,"has_fulltext":true,"cited_by_count":159,"citation_normalized_percentile":{"value":0.99301703,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"3","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9553520679473877},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7648497819900513},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.7483885288238525},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7263374328613281},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6189913749694824},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5723243355751038},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5494661331176758},{"id":"https://openalex.org/keywords/trace","display_name":"TRACE (psycholinguistics)","score":0.42984604835510254},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.41394972801208496},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1293674111366272}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9553520679473877},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7648497819900513},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.7483885288238525},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7263374328613281},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6189913749694824},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5723243355751038},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5494661331176758},{"id":"https://openalex.org/C75291252","wikidata":"https://www.wikidata.org/wiki/Q1315756","display_name":"TRACE (psycholinguistics)","level":2,"score":0.42984604835510254},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.41394972801208496},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1293674111366272},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-019-0043-x","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-019-0043-x","pdf_url":"https://cybersecurity.springeropen.com/track/pdf/10.1186/s42400-019-0043-x","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:74d90f47e1c54b51bab52f2d93ff26b8","is_oa":true,"landing_page_url":"https://doaj.org/article/74d90f47e1c54b51bab52f2d93ff26b8","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 3, Iss 1, Pp 1-12 (2020)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-019-0043-x","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-019-0043-x","pdf_url":"https://cybersecurity.springeropen.com/track/pdf/10.1186/s42400-019-0043-x","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.7699999809265137,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3013896538.pdf","grobid_xml":"https://content.openalex.org/works/W3013896538.grobid-xml"},"referenced_works_count":36,"referenced_works":["https://openalex.org/W147492637","https://openalex.org/W1968389182","https://openalex.org/W1970399788","https://openalex.org/W1972757409","https://openalex.org/W1980065740","https://openalex.org/W2027435913","https://openalex.org/W2032437438","https://openalex.org/W2106671073","https://openalex.org/W2134992366","https://openalex.org/W2138273211","https://openalex.org/W2301926061","https://openalex.org/W2534766289","https://openalex.org/W2544541072","https://openalex.org/W2579276500","https://openalex.org/W2591395630","https://openalex.org/W2605860169","https://openalex.org/W2783112941","https://openalex.org/W2790499090","https://openalex.org/W2791364351","https://openalex.org/W2797495997","https://openalex.org/W2808451969","https://openalex.org/W2808681425","https://openalex.org/W2894506898","https://openalex.org/W2907369926","https://openalex.org/W2931991156","https://openalex.org/W2946134548","https://openalex.org/W2949341542","https://openalex.org/W2963273426","https://openalex.org/W2967111403","https://openalex.org/W2971076825","https://openalex.org/W2988961468","https://openalex.org/W3021145266","https://openalex.org/W4211185686","https://openalex.org/W4240886128","https://openalex.org/W4254724021","https://openalex.org/W4300009529"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W3022706011","https://openalex.org/W2768892939","https://openalex.org/W2160963033","https://openalex.org/W2965893286","https://openalex.org/W2991580804","https://openalex.org/W2810666735","https://openalex.org/W2469346691","https://openalex.org/W3211525895"],"abstract_inverted_index":{"Abstract":[0],"With":[1],"the":[2,7,42,73,96,99,126,139,144,146,152],"evolution":[3],"of":[4,60,75,115],"cybersecurity":[5],"countermeasures,":[6],"threat":[8],"landscape":[9],"has":[10],"also":[11],"evolved,":[12],"especially":[13],"in":[14,125,138,151],"malware":[15,19,27,52,71,117,136],"from":[16],"traditional":[17,31],"file-based":[18],"to":[20,33,65,80,94,105,133],"sophisticated":[21],"and":[22,63,118,158],"multifarious":[23],"fileless":[24,51,116,135],"malware.":[25],"Fileless":[26],"does":[28,39],"not":[29,40],"use":[30,41,91,102],"executables":[32],"carry-out":[34],"its":[35,61,82],"activities.":[36],"So,":[37],"it":[38],"file":[43],"system,":[44],"thereby":[45],"evading":[46],"signature-based":[47],"detection":[48,120],"system.":[49],"The":[50,70],"attack":[53],"is":[54],"catastrophic":[55],"for":[56],"any":[57,67],"enterprise":[58],"because":[59],"persistence,":[62],"power":[64,74],"evade":[66],"anti-virus":[68],"solutions.":[69],"leverages":[72],"operating":[76],"systems,":[77],"trusted":[78],"tools":[79,93,104],"accomplish":[81],"malicious":[83],"intent.":[84],"To":[85],"analyze":[86],"such":[87],"malware,":[88],"security":[89],"professionals":[90],"forensic":[92],"trace":[95],"attacker,":[97],"whereas":[98],"attacker":[100],"might":[101],"anti-forensics":[103],"erase":[106],"their":[107,119],"traces.":[108],"This":[109],"survey":[110],"makes":[111],"a":[112,130],"comprehensive":[113],"analysis":[114],"techniques":[121],"that":[122],"are":[123,156,161],"available":[124],"literature.":[127],"We":[128],"present":[129,150],"process":[131,154],"model":[132,155],"handle":[134],"attacks":[137],"incident":[140],"response":[141],"process.":[142],"In":[143],"end,":[145],"specific":[147],"research":[148],"gaps":[149],"proposed":[153],"identified,":[157],"associated":[159],"challenges":[160],"highlighted.":[162]},"counts_by_year":[{"year":2026,"cited_by_count":10},{"year":2025,"cited_by_count":36},{"year":2024,"cited_by_count":28},{"year":2023,"cited_by_count":26},{"year":2022,"cited_by_count":27},{"year":2021,"cited_by_count":20},{"year":2020,"cited_by_count":12}],"updated_date":"2026-06-05T09:01:59.212387","created_date":"2025-10-10T00:00:00"}