Malware command and control over social media: Towards the server-less infrastructure


Bibliographic Details
Main Authors: Radunović Vladimir, Veinović Mladen
Format: Article
Language: English
Published: Faculty of Technical Sciences in Cacak 2020-01-01
Series: Serbian Journal of Electrical Engineering
Online Access: http://www.doiserbia.nb.rs/img/doi/1451-4869/2020/1451-48692003357R.pdf
Affiliations: Radunović Vladimir (DiploFoundation, Beograd, Serbia); Veinović Mladen (Singidunum University, Beograd, Serbia)
ISSN: 1451-4869, 2217-7183
DOI: 10.2298/SJEE2003357R
Volume 17, Issue 3, Pages 357-375
Collection: DOAJ
Description: Intrusions into computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealthy and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealthy and resilient server-less C2 model, look at possible defence aspects, and suggest further research.
Subjects: command and control, botnet, social media, encryption, security