{"title":"Malware command and control over social media: Towards the server-less infrastructure","authors":"Vladimir Radunovic, M. Veinovic","doi":"10.2298/sjee2003357r","DOIUrl":null,"url":null,"abstract":"Intrusions into the computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealth and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealth and resilient server-less C2 model, look at possible defence aspects, and suggest further research.","PeriodicalId":37704,"journal":{"name":"Serbian Journal of Electrical Engineering","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Serbian Journal of Electrical Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2298/sjee2003357r","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Engineering","Score":null,"Total":0}
引用次数: 4
Abstract
Intrusions into the computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealth and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealth and resilient server-less C2 model, look at possible defence aspects, and suggest further research.
期刊介绍:
The main aims of the Journal are to publish peer review papers giving results of the fundamental and applied research in the field of electrical engineering. The Journal covers a wide scope of problems in the following scientific fields: Applied and Theoretical Electromagnetics, Instrumentation and Measurement, Power Engineering, Power Systems, Electrical Machines, Electrical Drives, Electronics, Telecommunications, Computer Engineering, Automatic Control and Systems, Mechatronics, Electrical Materials, Information Technologies, Engineering Mathematics, etc.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
