恶意软件对社交媒体的命令和控制:迈向无服务器基础设施

Q3 Engineering

Serbian Journal of Electrical Engineering Pub Date : 2020-01-01 DOI:10.2298/sjee2003357r

Vladimir Radunovic, M. Veinovic

{"title":"恶意软件对社交媒体的命令和控制:迈向无服务器基础设施","authors":"Vladimir Radunovic, M. Veinovic","doi":"10.2298/sjee2003357r","DOIUrl":null,"url":null,"abstract":"Intrusions into the computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealth and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealth and resilient server-less C2 model, look at possible defence aspects, and suggest further research.","PeriodicalId":37704,"journal":{"name":"Serbian Journal of Electrical Engineering","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Malware command and control over social media: Towards the server-less infrastructure\",\"authors\":\"Vladimir Radunovic, M. Veinovic\",\"doi\":\"10.2298/sjee2003357r\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusions into the computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealth and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealth and resilient server-less C2 model, look at possible defence aspects, and suggest further research.\",\"PeriodicalId\":37704,\"journal\":{\"name\":\"Serbian Journal of Electrical Engineering\",\"volume\":\"1 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Serbian Journal of Electrical Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2298/sjee2003357r\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"Engineering\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Serbian Journal of Electrical Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2298/sjee2003357r","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Engineering","Score":null,"Total":0}

引用次数: 4

摘要

对计算机系统的入侵正变得越来越复杂。命令和控制(C2)基础设施是一个关键组件，它使攻击者能够远程控制受感染的设备。恶意软件被设置为连接到C2服务器，以接收命令和有效载荷，或上传日志或被盗文件。由于检测传统C2服务器的技术也在进步，攻击者寻找使C2通信隐身和有弹性的方法。他们越来越多地将C2通信隐藏在显眼的地方，特别是在社交媒体和其他基于云的公共服务上。在本文中，我们通过对现有研究的回顾，确定了使用社交媒体进行C2通信的几个新兴趋势，讨论了攻击者如何在未来结合这些趋势来创建一个隐形的、有弹性的无服务器的C2模型，研究可能的防御方面，并建议进一步的研究。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Malware command and control over social media: Towards the server-less infrastructure

Intrusions into the computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealth and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealth and resilient server-less C2 model, look at possible defence aspects, and suggest further research.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Serbian Journal of Electrical Engineering Energy-Energy Engineering and Power Technology

CiteScore

1.30

自引率

0.00%

发文量

审稿时长

25 weeks

期刊介绍： The main aims of the Journal are to publish peer review papers giving results of the fundamental and applied research in the field of electrical engineering. The Journal covers a wide scope of problems in the following scientific fields: Applied and Theoretical Electromagnetics, Instrumentation and Measurement, Power Engineering, Power Systems, Electrical Machines, Electrical Drives, Electronics, Telecommunications, Computer Engineering, Automatic Control and Systems, Mechatronics, Electrical Materials, Information Technologies, Engineering Mathematics, etc.