Fragmented distribution attack
In computer security, a fragmented distribution attack (FDA) is a malware or virus distribution technique that aims to bypass protection systems by sending fragments of code over the network.
This technique was first described in a paper published at the Virus Bulletin 2009 annual conference by Anoirel Issa, malware analyst for Symantec Hosted Services, formerly MessageLabs.
Method of attack
Malware is split into several fragments, which are embedded in innocent carrier files, and these files are sent over a protected network. The fragmented malware passes firewalls, IDS and anti-virus software undetected and is then re-assembled on the victim's system. The re-assembler is a separate program, which is not necessarily malware; thus, it can evade security measures, locate the malware fragment carriers, and pre-assemble the malware in memory. The re-assembler may write the code to disk, then execute the re-assembled code either in memory or from disk.
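The detection gap described above, and the one place a byte-signature scan still sees the whole code, shown as an added example that is not from the original article or the Virus Bulletin paper. The marker, the carrier layout, and all function and class names are assumptions made for the demonstration; the sample data is constructed and harmless.

```python
"""Per-file scanning vs. scanning at the point of re-assembly (constructed data)."""

# Constructed, harmless marker standing in for an anti-virus byte signature.
SIGNATURE = b"DEMO-SIGNATURE-0123456789"

# Constructed carrier files: benign content, each holding one slice of the marker.
# The layout (slice placed after a '|') is an assumption for this demo only.
CARRIERS = [
    b"quarterly report draft|DEMO-SIGN",
    b"meeting notes 2009|ATURE-0123",
    b"holiday photo caption|456789",
]


def scan_buffer(buf, signature=SIGNATURE):
    """Classic whole-object scan, as a gateway applies to each file in transit."""
    return signature in buf


def gateway_verdicts(carriers):
    """One verdict per carrier file, each scanned in isolation."""
    return [scan_buffer(c) for c in carriers]


class WriteStreamScanner:
    """Scans successive writes to one sink (file or memory region), keeping the
    last len(signature)-1 bytes so a match spanning two writes is still found."""

    def __init__(self, signature=SIGNATURE):
        self.signature = signature
        self.tail = b""

    def feed(self, chunk):
        window = self.tail + chunk
        hit = self.signature in window
        keep = len(self.signature) - 1
        self.tail = window[-keep:] if keep > 0 else b""
        return hit


def observed_writes(carriers):
    """Models what an endpoint monitor sees written to the sink during re-assembly."""
    return [c.split(b"|", 1)[1] for c in carriers]


def endpoint_verdicts(chunks):
    """One verdict per write, with state carried across writes."""
    scanner = WriteStreamScanner()
    return [scanner.feed(c) for c in chunks]
```

Every carrier scans clean on its own, and so does their plain concatenation; only the scanner attached to the re-assembly sink reports a match, on the final write.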
Consequences
If successful, a fragmented distribution attack can have serious consequences, depending on the victim's level of protection. The consequences are not easily predictable, but they can include:
- Data and intellectual property leakage
- Government, military, and industrial espionage
- Irreversible financial losses
This article "Fragmented distribution attack" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Fragmented distribution attack. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.
