Return to search

What's the Deal with Stegomalware? : The Techniques, Challenges, Defence and Landscape / Vad händer med Stegomalware? : Teknikerna, utmaningarna, skyddet och landskapet

Stegomalware is the art of hiding malicious software with steganography. Steganography is the technique of hiding data in a seemingly innocuous carrier. The occurrence of stegomalware is increasing, with attackers using ingenious techniques to avoid detection. Through a literature review, this thesis explores prevalent techniques used by attackers and their efficacy. Furthermore, it investigates detection techniques and defensive measures against stegomalware. The results show that embedding information in images is common for exfiltrating data or sending smaller files to an infected host. Word, Excel, and PDF documents are common with phishing emails as the entry vector for attacks. Most of the common Internet protocols are used to exfiltrate data with HTTP, ICMP and DNS showed to be the most prevalent in recent attacks. Machine learning anomaly-based detection techniques show promising results for detecting unknown malware, however, a combination of several techniques seems preferable. Employee knowledge, Content Threat Removal, and traffic normalization are all effective defenses against stegomalware. The stegomalware landscape shows an increase of attacks utilizing obfuscation techniques, such as steganography, to bypass security and it is most likely to increase in the near future.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:lnu-104886
Date January 2021
CreatorsBjörklund, Kristoffer
PublisherLinnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM)
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0018 seconds