Fileless cyberattacks: Analysis and classification
ETRI Journal (IF 1.4), Pub Date: 2020-12-17, DOI: 10.4218/etrij.2020-0086
GyungMin Lee 1, ShinWoo Shim 2, ByoungMo Cho 2, TaeKyu Kim 2, Kyounggon Kim 1, 3

With cyberattack techniques on the rise, there have been increasing developments in the detection techniques that defend against such attacks. However, cyber attackers are now developing fileless malware to bypass existing detection techniques. To combat this trend, security vendors are publishing analysis reports to help manage and better understand fileless malware. However, only fragmentary analysis reports for specific fileless cyberattacks exist, and there have been no comprehensive analyses on the variety of fileless cyberattacks that can be encountered. In this study, we analyze 10 selected cyberattacks that have occurred over the past five years in which fileless techniques were utilized. We also propose a methodology for classification based on the attack techniques and characteristics used in fileless cyberattacks. Finally, we describe how the response time can be improved during a fileless attack using our quick and effective classification technique.

Updated: 2020-12-17