Skip to main content

DeepC2: AI-Powered Covert Command and Control on OSNs

  • Conference paper
  • First Online:
Information and Communications Security (ICICS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13407))

Included in the following conference series:


Command and control (C &C) is important in an attack. It transfers commands from the attacker to the malware in the compromised hosts. Currently, some attackers use online social networks (OSNs) in C &C tasks. There are two main problems in the C &C on OSNs. First, the process for the malware to find the attacker is reversible. If the malware sample is analyzed by the defender, the attacker would be exposed before publishing the commands. Second, the commands in plain or encrypted form are regarded as abnormal contents by OSNs, which would raise anomalies and trigger restrictions on the attacker. The defender can limit the attacker once it is exposed. In this work, we propose DeepC2, an AI-powered C &C on OSNs, to solve these problems. For the reversible hard-coding, the malware finds the attacker using a neural network model. The attacker’s avatars are converted into a batch of feature vectors, and the defender cannot recover the avatars in advance using the model and the feature vectors. To solve the abnormal contents on OSNs, hash collision and text data augmentation are used to embed commands into normal contents. The experiment on Twitter shows that command-embedded tweets can be generated efficiently. The malware can find the attacker covertly on OSNs. Security analysis shows it is hard to recover the attacker’s identifiers in advance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions


  1. Anderson, H.S., Kharkar, A., Filar, B., Evans, D., Roth, P.: Learning to evade static PE machine learning malware models via reinforcement learning. CoRR abs/1801.08917 (2018).

  2. Bailey, M., Cooke, E., Jahanian, F., Xu, Y., Karir, M.: A survey of botnet technology and defenses. In: 2009 Cybersecurity Applications Technology Conference for Homeland Security, pp. 299–304 (2009)

    Google Scholar 

  3. Bromley, J., et al.: Signature verification using a “Siamese’’ time delay neural network. Int. J. Pattern Recogn. Artif. Intell. 7(4), 669–688 (1993).

    Article  Google Scholar 

  4. Buchner, J.: ImageHash-PyPi (2020).

  5. Chatterjee, S., Zielinski, P.: On the generalization mystery in deep learning. CoRR abs/2203.10036 (2022).

  6. Faou, M.: From Agent.BTZ to ComRAT v4: a ten-year journey. Technical report, ESET, May 2020

    Google Scholar 

  7. Ferrara, E., Varol, O., Davis, C., Menczer, F., Flammini, A.: The rise of social bots. Commun. ACM 59(7), 96–104 (2016)

    Article  Google Scholar 

  8. FireEye: Uncovering a malware backdoor that uses twitter. Technical report, FireEye (2015)

    Google Scholar 

  9. Google: Google search (2021).

  10. Group-IB: Lazarus arisen: architecture, techniques and attribution. Technical report, Group-IB (2017)

    Google Scholar 

  11. Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection. In: Proceedings of the 17th USENIX Security Symposium, pp. 139–154. USENIX Association (2008)

    Google Scholar 

  12. Hadsell, R., Chopra, S., LeCun, Y.: Dimensionality reduction by learning an invariant mapping. In: 2006 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR 2006), vol. 2, pp. 1735–1742 (2006)

    Google Scholar 

  13. Hu, W., Tan, Y.: Generating adversarial malware examples for black-box attacks based on GAN. CoRR abs/1702.05983 (2017).

  14. Kirat, D., Jang, J., Stoecklin, M.P.: Deeplocker - concealing targeted attacks with AI locksmithing. Technical report, IBM Research (2018)

    Google Scholar 

  15. Kwak, M., Cho, Y.: A novel video steganography-based botnet communication model in telegram SNS messenger. Symmetry 13(1), 84 (2021).

    Article  Google Scholar 

  16. Lecue, F., et al.: Explainable AI: foundations, industrial applications, practical challenges, and lessons learned, February 2020.

  17. LeCun, Y., et al.: Backpropagation applied to handwritten zip code recognition. Neural Comput. 1(4), 541–551 (1989).

    Article  Google Scholar 

  18. Liu, T., Liu, Z., Liu, Q., Wen, W., Xu, W., Li, M.: StegoNet: turn deep neural network into a stegomalware. In: Annual Computer Security Applications Conference, ACSAC 2020, New York, NY, USA, pp. 928–938. Association for Computing Machinery (2020).

  19. Liu, Y., et al.: Trojaning attack on neural networks. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018 (2018)

    Google Scholar 

  20. Nagaraja, S., Houmansadr, A., Piyawongwisal, P., Singh, V., Agarwal, P., Borisov, N.: Stegobot: a covert social network botnet. In: Filler, T., Pevný, T., Craver, S., Ker, A. (eds.) IH 2011. LNCS, vol. 6958, pp. 299–313. Springer, Heidelberg (2011).

    Chapter  Google Scholar 

  21. Pantic, N., Husain, M.I.: Covert botnet command and control using twitter. In: Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, pp. 171–180. ACM (2015).

  22. Plohmann, D., Yakdan, K., Klatt, M., Bader, J., Gerhards-Padilla, E.: A comprehensive measurement study of domain generating malware. In: 25th USENIX Security Symposium, Austin, TX, pp. 263–278. USENIX Association, August 2016

    Google Scholar 

  23. Qiu, S., Liu, Q., Zhou, S., Wu, C.: Review of artificial intelligence adversarial attack and defense technologies. Appl. Sci. 9(5), 909 (2019)

    Article  Google Scholar 

  24. Quora: How can I create bulk twitter accounts automatically? (2020).

  25. Rigaki, M., Garcia, S.: Bringing a GAN to a knife-fight: adapting malware communication to avoid detection. In: 2018 IEEE Security and Privacy Workshops, SP Workshops 2018, San Francisco, CA, USA, pp. 70–75. IEEE Computer Society (2018).

  26. Sebastian, S., Ayyappan, S., Vinod, P.: Framework for design of graybot in social network. In: 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2331–2336. IEEE (2014)

    Google Scholar 

  27. Stefanko, L.: New telegram-abusing android rat discovered in the wild, June 2018.

  28. Taniguchi, T., Griffioen, H., Doerr, C.: Analysis and takeover of the bitcoin-coordinated pony malware. In: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security, pp. 916–930. ACM (2021)

    Google Scholar 

  29. Twitter: Twitter terms of service (2020).

  30. Wang, J., Liu, Q., Wu, D., Dong, Y., Cui, X.: Crafting adversarial example to bypass flow- &ML-based botnet detector via RL. In: RAID 2021: 24th International Symposium on Research in Attacks, Intrusions and Defenses, San Sebastian, Spain, 6–8 October 2021, pp. 193–204. ACM (2021).

  31. Wang, Z., Liu, C., Cui, X.: EvilModel: hiding malware inside of neural network models. In: IEEE Symposium on Computers and Communications, ISCC 2021, Athens, Greece, 5–8 September 2021, pp. 1–7. IEEE (2021).

  32. Webster, A.F., Tavares, S.E.: On the design of S-Boxes. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 523–534. Springer, Heidelberg (1986).

    Chapter  Google Scholar 

  33. Wei, J.W., Zou, K.: EDA: easy data augmentation techniques for boosting performance on text classification tasks. In: Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing, EMNLP-IJCNLP 2019, Hong Kong, China, pp. 6381–6387 (2019).

  34. Xia, R., Pan, Y., Lai, H., Liu, C., Yan, S.: Supervised hashing for image retrieval via image representation learning. In: Proceedings of the Twenty-Eighth AAAI Conference on Artificial Intelligence, pp. 2156–2162. AAAI Press (2014)

    Google Scholar 

  35. Yin, J., Lv, H., Zhang, F., Tian, Z., Cui, X.: Study on advanced botnet based on publicly available resources. In: Naccache, D., et al. (eds.) ICICS 2018. LNCS, vol. 11149, pp. 57–74. Springer, Cham (2018).

    Chapter  Google Scholar 

Download references


This work is supported by the National Natural Science Foundation of China (No. 61902396), the Youth Innovation Promotion Association CAS (No. 2019163), the Strategic Priority Research Program of Chinese Academy of Sciences (No. XDC02040100), the Key Laboratory of Network Assessment Technology at Chinese Academy of Sciences, and Beijing Key Laboratory of Network Security and Protection Technology.

Author information

Authors and Affiliations


Corresponding authors

Correspondence to Chaoge Liu or Xiang Cui .

Editor information

Editors and Affiliations


A Easy Data Augmentation

Table 1 is the example of EDA with an original sentence from Twitter. Bold words represent parts that have changed from the original sentence. The newly generated sentences are not grammatically correct. Because there are many grammatically incorrect sentences on the Internet, sentences generated using EDA can also be accepted by Internet users and confused with normal content.

Table 1. Sentences generated by EDA
Fig. 11.
figure 11

Threshold for distance

B Threshold for Distance

A threshold is needed to determine whether two avatars share the same source. We use a trained model to calculate the distances on the validation set, which contains 115,887 pairs with label 0 and 347,657 pairs with label 1. We record the distances of every comparison, sort them by value and label, and count their frequencies to learn the boundary between the “same” avatars and different avatars. As shown in Fig. 11, the distances of all pairs with label 1 and only four pairs with label 0 are larger than 0.02, and the remaining pairs with label 0 are less than 0.02. It shows that 0.02 is a proper threshold for the determination. In real scenarios, attackers can choose a threshold less than 0.02, as the undistributed avatars and distances are within the authority of attackers.

C Enhancement

As proof of concept, the parameters in this work are conservative. There are ways to enhance the security of DeepC2.

In the model’s design, the vectors can be longer than 128, making analysis and collisions for avatars even more difficult. The threshold of distances can also be lower than 0.02, as the undistributed avatars and the distances are within the authority of attackers. They can balance efficiency and accuracy according to the needs. Additionally, more losses can be introduced during the processing of avatars, like compression, deformation, format conversion, etc., making it harder to recover the avatars.

For addressing, the attacker can select more topics. Attackers can publish commands on the topics, and the malware can choose one randomly to find attackers. Attackers can also use other fields in OSNs to convey customized content. For instance, attackers could comment on a tweet, and the malware would identify and obtain commands from attackers’ profiles. Other platforms, like Weibo and Tumblr, can also be utilized.

As stated before, attackers should maintain some accounts to publish different commands. To reduce the specious behaviors of accounts, attackers can maintain them by imitating normal users or social bots [7]. This work can be done manually or automatically [24]. When attackers need to publish a command, attackers can select one account and maintain other accounts as usual.

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wang, Z. et al. (2022). DeepC2: AI-Powered Covert Command and Control on OSNs. In: Alcaraz, C., Chen, L., Li, S., Samarati, P. (eds) Information and Communications Security. ICICS 2022. Lecture Notes in Computer Science, vol 13407. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-15776-9

  • Online ISBN: 978-3-031-15777-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics