We’re happy to share our short paper presented at DAMSS 2024 (Druskininkai, Lithuania, Nov 28–30, 2024) and published in Vilnius University Proceedings, vol. 52 (eISSN 2669-0233; eISBN 9786090711125).
Authors: Juozas Dautartas, Arnoldas Budžys, Haroldas Jomantas, Olga Kurasova, Viktor Medvedev.
Pages: 21–22 • DOI: 10.15388/DAMSS.15.2024
What we covered
- Where detection stands today. Static analysis (strings, hashes, import address tables (IATs), sections, timestamps, etc.) is useful but easily evaded by attackers who adapt their binaries around these features. Dynamic analysis offers deeper behavioral insight but needs isolated environments and extra resources.
- Why ML/DL entered the picture. Combining static and dynamic features with machine and deep learning helps antivirus and EDR systems classify threats faster and offload heavier inspection to centralized servers.
- The emerging challenge. Adversaries are now probing and exploiting weaknesses in these models. Techniques like GANs and VAEs can generate adversarial malware designed to evade automated detection.
- Our direction. We aim to design a deep learning–based Command-and-Control (C2) framework that is more evasive than standard C2s. The goal is to strengthen red team training so blue teams learn to spot anomalies rather than rely solely on automated tools.
Acknowledgements
This work is funded by the Research Council of Lithuania (LMTLT), agreement No S-MIP-24-116.
If you’re interested in the details, we encourage you to read the proceedings entry for the full abstract and context. More updates as the C2 framework design progresses.