Real-Time Detection of Command-and-Control Communications Using Deep Learning Models
Author(s): Nouf Aljammaz, Suliman Mohamed Fati, Mamdouh Alenezi
Subject(s): Media studies, Theory of Communication, ICT Information and Communications Technologies
Published by: Transnational Press London
Keywords: Command and Control (C2) Detection; Deep Learning in Cybersecurity; Real-Time Threat Classification; Network Traffic Analysis
Summary/Abstract: Increasingly advanced cyber threats pose a challenge for cybersecurity professionals, and the detection and prevention of C2 communications remain an extremely critical issue. Polymorphic malware and encrypted channels support modern adversaries in the stealthy control of compromised systems, and signature-based detection cannot be effective in those cases. Therefore, in this paper, we present a novel framework based on deep learning and real-time classification for malicious C2 traffic detection. More specifically, an MLP model is trained on a custom-designed dataset of network traffic to efficiently discriminate between legitimate traffic and allegedly malicious C2 packets. In addition to the MLP, a real-time classification system based on behavioral analysis of SSL certificates and Nmap script outputs reveals Metasploit and Cobalt Strike threat types. Extensive testing on self-collected data validates the excellent performance of the detection innovation, with a 99% detection rate for C2 threats and 99.9% correct classification of specific frameworks. Behavioral assessments and deep learning come together to form a powerful and scalable defense against a new breed of cyber threat.
Journal: Journal of Posthumanism
- Issue Year: 5/2025
- Issue No: 5
- Page Range: 412-427
- Page Count: 16
- Language: English
