Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

RCFD: A Novel Channel Access Scheme for Full-Duplex Wireless Networks Based on Contention in Time and Frequency Domains

In the last years, the advancements in signal processing and integrated circuits technology allowed several research groups to develop working prototypes of in-band full-duplex wireless systems. The introduction of such a revolutionary concept is promising in terms of increasing network performance, but at the same time poses several new challenges, especially at the MAC layer. Consequently, innovative channel access strategies are needed to exploit the opportunities provided by full-duplex while dealing with the increased complexity derived from its adoption. In this direction, this paper proposes RTS/CTS in the Frequency Domain (RCFD), a MAC layer scheme for full-duplex ad hoc wireless networks, based on the idea of time-frequency channel contention. According to this approach, different OFDM subcarriers are used to coordinate how nodes access the shared medium. The proposed scheme leads to efficient transmission scheduling with the result of avoiding collisions and exploiting full-duplex opportunities. The considerable performance improvements with respect to standard and state-of-the-art MAC protocols for wireless networks are highlighted through both theoretical analysis and network simulations.Comment: Submitted at IEEE Transactions on Mobile Computing. arXiv admin note: text overlap with arXiv:1605.0971