Singapore Institute of Technology

Detection Tools for Outbound C2 Traffic

conference contribution
posted on 2025-10-17, 03:16 authored by Charisee Zhi Ling Yip, Clarabel Jinghui Teo, Tee Kiat Chua, Jing Rui Goh, Brandon Jia Le Loo, Huaqun Guo, Liming Lu, Kan Chen
Ransomware attacks have rapidly evolved in sophistication and pose severe threats to organizations by encrypting critical data and demanding ransom payments. A key component in ransomware campaigns is the Command and Control (C2) communication, where compromised systems establish outbound connections with malicious servers to receive instructions and exfiltrate data. As such, detecting C2 outbound traffic is crucial for early detection and mitigation of ransomware attacks. This paper provides a comprehensive analysis and comparison of existing detection techniques and their respective tools, specifically aimed at identifying ransomware C2 traffic.

History

Journal/Conference/Book title

The 11th IRC Conference on Science, Engineering and Technology (IRC-SET 2025)

Publication date

2025-08-16

Version

  • Pre-print

Corresponding author

Charisee Zhi Ling Yip, 2203215@sit.singaporetech.edu
