A survey on the evolution of fileless attacks and detection techniques

Fileless attacks have gained significant prominence and have become the prevailing type of attack in recent years. The exceptional level of stealthiness and difficulty in detection inherent in fileless attacks has made them highly favored by attackers. In this paper, we have conducted a comprehensive review of the historical development of fileless attack techniques, systematically analyzed various technical aspects and characteristics of fileless attacks, and proposed a comprehensive fileless threat model. Additionally, we have introduced a novel perspective for classifying fileless attack techniques based on their leverage in the system hierarchy. Furthermore, we conduct a systematic review of research on various fileless attack detection techniques, summarize the challenges in fileless attack detection, and discuss future directions for research in fileless attack detection.