caa a22 4500 606229256 CHVBK 20210128101208.0 cr unu---uuuuu 210128e20151001xx s 000 0 eng 10.1007/s10796-015-9570-5 doi (NATIONALLICENCE)springer-10.1007/s10796-015-9570-5 Analysis of a multistage attack embedded in a video file [Elektronische Daten] [Hiran Nath, B. Mehtre] In 1990s, burglars used to break into house, while the residents were viewing some interesting television shows. This type of attacks happened mainly in the physical world and it was expected that cyber world is free from such crimes. Unfortunately, this is not true. A skilled hacker could compromise a system, while the user is viewing (an interesting) video file. Quite often computer users, use their machines for viewing (interesting) videos. Such users may be naive users or could even be those who work on mission critical systems, like banking, defence, nuclear power-plant, space agencies etc. So playing a video file can lead to high security risk. In this paper, we have analysed video files, for detecting multistage attacks. We found that some video files contain malicious link through which an exploit gets downloaded into the host machine. The contribution of this paper is the discovery of novel attacks that are hidden (by perpetrator) in innocuous video files with the objective of staging a targeted attack in multiple stages. Finally, we propose a new method for detection of such attacks (carried through video files) using API calls. Springer Science+Business Media New York, 2015 Multi-stage attacks nationallicence Malicious video file nationallicence Drive-by-download attack nationallicence APTs nationallicence Targeted attacks nationallicence Novel attacks nationallicence Nath Hiran Center for Information Assurance & Management (CIAM), Institute for Development and Research in Banking Technology (IDRBT), Hyderabad, India aut Mehtre B. Center for Information Assurance & Management (CIAM), Institute for Development and Research in Banking Technology (IDRBT), Hyderabad, India aut Information Systems Frontiers Springer US; http://www.springer-ny.com 17/5(2015-10-01), 1029-1037 1387-3326 17:5<1029 2015 17 10796 https://doi.org/10.1007/s10796-015-9570-5 text/html Onlinezugriff via DOI BK010053 XK010053 XK010000 Metadata rights reserved Springer special CC-BY-NC licence nationallicence 1 research-article jats NATIONALLICENCE NATIONALLICENCE NL-springer NATIONALLICENCE 856 40 https://doi.org/10.1007/s10796-015-9570-5 text/html Onlinezugriff via DOI NATIONALLICENCE 700 1- Nath Hiran Center for Information Assurance & Management (CIAM), Institute for Development and Research in Banking Technology (IDRBT), Hyderabad, India aut NATIONALLICENCE 700 1- Mehtre B. Center for Information Assurance & Management (CIAM), Institute for Development and Research in Banking Technology (IDRBT), Hyderabad, India aut NATIONALLICENCE 773 0- Information Systems Frontiers Springer US; http://www.springer-ny.com 17/5(2015-10-01), 1029-1037 1387-3326 17:5<1029 2015 17 10796