{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T15:18:38Z","timestamp":1773155918263,"version":"3.50.1"},"reference-count":29,"publisher":"IEEE","license":[{"start":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T00:00:00Z","timestamp":1729555200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T00:00:00Z","timestamp":1729555200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,10,22]]},"DOI":"10.1109\/isncc62547.2024.10758940","type":"proceedings-article","created":{"date-parts":[[2024,11,26]],"date-time":"2024-11-26T18:45:16Z","timestamp":1732646716000},"page":"1-7","source":"Crossref","is-referenced-by-count":1,"title":["Detecting the Abuse of Cloud Services for C&C Infrastructure Through Dynamic Analysis and Machine Learning"],"prefix":"10.1109","author":[{"given":"Turki","family":"Al Lelah","sequence":"first","affiliation":[{"name":"Schaol of Computer Science and Informatics, Cardiff University,Cardiff,UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"George","family":"Theodorakopoulos","sequence":"additional","affiliation":[{"name":"Schaol of Computer Science and Informatics, Cardiff University,Cardiff,UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Amir","family":"Javed","sequence":"additional","affiliation":[{"name":"Schaol of Computer Science and Informatics, Cardiff University,Cardiff,UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eirini","family":"Anthi","sequence":"additional","affiliation":[{"name":"Schaol of Computer Science and Informatics, Cardiff University,Cardiff,UK"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Cloud services market size, share - 2031","year":"2023"},{"key":"ref2","volume-title":"Gartner says cloud will become a business necessity by","year":"2028"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.3390\/jcp3030027"},{"key":"ref4","volume-title":"Cloud service provider abuse explained \u2013 crowd-strike","year":"2024"},{"key":"ref5","volume-title":"Cloud services are increasingly exploited for command and control in cyber espionage operations - infosecurity magazine","year":"2024"},{"key":"ref6","volume-title":"vsingle is abusing github to communicate with the c2 server \u2014 infosec","year":"2023"},{"key":"ref7","volume-title":"Hackers could abuse google calendar as a covert c2 channel \u2014 cyware alerts - hacker news","year":"2023"},{"key":"ref8","volume-title":"Google warns how hackers could abuse calendar service as a covert c2 channel \u2014 cyber affairs","year":"2023"},{"key":"ref9","volume-title":"Roguerobin malware uses google drive as c2 channel \u2014 threatpost","year":"2023"},{"key":"ref10","volume-title":"Pawn storm\u2019s lack of sophistication as a strategy","year":"2023"},{"key":"ref11","volume-title":"Wip26 espionage \u2014 threat actors abuse cloud infrastructure in targeted telco attacks - sentinelone","year":"2023"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.3390\/jcp3040039"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.01.007"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.5815\/ijcnis.2013.06.02"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-03584-0_10"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.06.006"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-13708-2_30"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-06320-1_7"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/2994459.2994469"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/CTC.2010.10"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ISTEL.2014.7000840"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/PADSW.2014.7097824"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25560-1_9"},{"key":"ref24","volume-title":"Virustotal - intelligence overview","year":"2022"},{"key":"ref25","volume-title":"Free software downloads and reviews for windows, android, mac, and ios - cnet download","year":"1996"},{"key":"ref27","volume-title":"Cuckoo sandbox - automated malware analysis","year":"2011"},{"key":"ref28","volume-title":"Login - triage","year":"2018"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecPODS.2019.8885196"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2015.02.149"}],"event":{"name":"2024 International Symposium on Networks, Computers and Communications (ISNCC)","location":"Washington DC, DC, USA","start":{"date-parts":[[2024,10,22]]},"end":{"date-parts":[[2024,10,25]]}},"container-title":["2024 International Symposium on Networks, Computers and Communications (ISNCC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10758900\/10758934\/10758940.pdf?arnumber=10758940","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,27]],"date-time":"2024-11-27T09:42:21Z","timestamp":1732700541000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10758940\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,22]]},"references-count":29,"URL":"https:\/\/doi.org\/10.1109\/isncc62547.2024.10758940","relation":{},"subject":[],"published":{"date-parts":[[2024,10,22]]}}}