Fragmented distribution attack
In computer security, a fragmented distribution attack (FDA) is a malware or virus distribution technique that aims to bypass protection systems by sending fragments of code over the network.
The technique was first described in a paper published at the Virus Bulletin 2009 annual conference by Anoirel Issa, a malware analyst for Symantec Hosted Services, formerly MessageLabs.
Method of attack
The malware is split into several fragments, each embedded in an innocent-looking file, and these carrier files are sent over a protected network. Because no single file contains the complete malware, the fragments pass firewalls, IDS and anti-virus undetected, and the malware is then re-assembled on the victim's system. The re-assembler is a separate program that is not necessarily malware itself and can therefore evade security measures; it locates the fragment carriers and pre-assembles the malware in memory. The re-assembler may then write the code to disk, and it executes the re-assembled code either in memory or from disk.
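One way a defender could look for the re-assembly step described above on an endpoint, as an added example that is not from the original paper or article: it correlates file events per process and flags a process that reads several network-delivered files and then writes an executable that is launched. The event schema, paths, thresholds and function name are assumptions constructed for illustration; purely in-memory execution would not appear in these file events.

```python
from collections import defaultdict

EXEC_EXT = (".exe", ".dll", ".scr")

# Constructed sample data (hypothetical schema): files that arrived over the network
DELIVERED = {"mail/a.doc", "mail/b.jpg", "mail/c.pdf", "mail/d.doc"}

# Constructed endpoint telemetry: (time_s, pid, action, path)
EVENTS = [
    (10, 500, "read", "mail/a.doc"),      # viewer opening one attachment
    (20, 731, "read", "mail/a.doc"),      # pid 731 walks through three carriers
    (25, 731, "read", "mail/b.jpg"),
    (31, 731, "read", "mail/c.pdf"),
    (40, 731, "write", "tmp/out.exe"),    # then drops an executable
    (45, 731, "exec", "tmp/out.exe"),     # which is launched
    (50, 900, "read", "mail/d.doc"),      # installer touching a single delivered file
    (60, 900, "write", "tmp/setup.exe"),
    (65, 900, "exec", "tmp/setup.exe"),
]

def find_reassemblers(events, delivered, min_carriers=3, window=300):
    """Return (pid, carrier paths, output path) for each process that read at
    least min_carriers delivered files, then wrote an executable that was
    launched, with each step inside `window` seconds of the write."""
    reads = defaultdict(list)   # pid -> [(time, carrier path)]
    written = {}                # output path -> (time, writer pid, carriers)
    alerts = []
    for t, pid, action, path in sorted(events):
        if action == "read" and path in delivered:
            reads[pid].append((t, path))
        elif action == "write" and path.lower().endswith(EXEC_EXT):
            # Only carriers read shortly before the write count as evidence.
            carriers = {p for rt, p in reads[pid] if t - rt <= window}
            if len(carriers) >= min_carriers:
                written[path] = (t, pid, carriers)
        elif action == "exec" and path in written:
            wt, wpid, carriers = written.pop(path)
            if t - wt <= window:
                alerts.append((wpid, sorted(carriers), path))
    return alerts

if __name__ == "__main__":
    for pid, carriers, out in find_reassemblers(EVENTS, DELIVERED):
        print(f"pid {pid} assembled {out} from {len(carriers)} delivered files")
```

The thresholds trade false positives against misses: archive tools and installers also read many downloaded files, so in practice the rule would be tuned or combined with an allow-list.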
Consequences
If successful, an FDA attack can have serious consequences, depending on the victim's level of protection. The consequences are not easily predictable but can include:
- Data and intellectual property leakage
- Government, military and industrial espionage
- Irreversible financial losses
This article "Fragmented distribution attack" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Fragmented distribution attack. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.