Litcius/Paper detail

Weaponizing Real-world Applications as C2 (Command and Control)

Abhishek Sidhardhan, S Keerthana, Jinesh M. Kannimoola

202313 citationsDOI

Abstract

The cybersecurity domain faces growing threats from Advanced Persistent Threat (APT), a targeted attack against high-profile organizations that can remain undetected for extended periods despite improvements in detection mechanisms. Despite developing sophisticated detection methods, large-scale attacks continue to occur worldwide using traditional techniques such as C2C (Command & Control) communication with various frameworks and protocols. To combat these attacks, researchers must understand new trends in intrusion techniques. This study utilizes real-world applications, including social media and collaborative platforms, as C2 channels to communicate stealthily and undetectably with compromised hosts in the post-exploitation phase of APT attacks. Through a case study, the authors demonstrate how this method can evade state-of-the-art intrusion detection methods, clearly understanding how APT can weaponize Twitter as a C2 channel, enabling defenders to detect and respond to such attacks.

Topics & Concepts

Computer scienceComputer securityIntrusion detection systemCommand and controlControl (management)IntrusionDomain (mathematical analysis)Social mediaWorld Wide WebTelecommunicationsArtificial intelligenceMathematical analysisGeologyMathematicsGeochemistryNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesInformation and Cyber Security