Inhaltszusammenfassung

In recent years, malware increasingly applies steganography methods to remain undetected as long as possible. Such malware is called stegomalware. Stegomalware not only covers its tracks on the infected system, but also hides its communication with adversary infrastructure. This paper reviews 106 stegomalware cases on the basis of 133 reports, including digital media (audio, video, images), text, and network steganography. For this purpose, the steganography methods used by the malware are ca...In recent years, malware increasingly applies steganography methods to remain undetected as long as possible. Such malware is called stegomalware. Stegomalware not only covers its tracks on the infected system, but also hides its communication with adversary infrastructure. This paper reviews 106 stegomalware cases on the basis of 133 reports, including digital media (audio, video, images), text, and network steganography. For this purpose, the steganography methods used by the malware are categorized and introduced using a pattern-based approach. Our survey reveals that solely a small set of patterns are employed by known malware samples. We also analyzed the commonalities of media-, text-, and network-based stegomalware. We show that only a small variation of network protocols, media types and hiding methods are utilized by stegomalware. For this reason, research may focus on these to counter malicious activities covered by steganography.» weiterlesen» einklappen

Autoren

Klassifikation

DFG Fachgebiet:
Informatik

DDC Sachgruppe:
Informatik