{"id":"https://openalex.org/W4409461893","doi":"https://doi.org/10.3390/fi17040172","title":"C3: Leveraging the Native Messaging Application Programming Interface for Covert Command and Control","display_name":"C3: Leveraging the Native Messaging Application Programming Interface for Covert Command and Control","publication_year":2025,"publication_date":"2025-04-14","ids":{"openalex":"https://openalex.org/W4409461893","doi":"https://doi.org/10.3390/fi17040172"},"language":"en","primary_location":{"id":"doi:10.3390/fi17040172","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17040172","pdf_url":"https://www.mdpi.com/1999-5903/17/4/172/pdf?version=1744708750","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1999-5903/17/4/172/pdf?version=1744708750","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087799945","display_name":"Efstratios Chatzoglou","orcid":"https://orcid.org/0000-0001-6507-5052"},"institutions":[{"id":"https://openalex.org/I98805295","display_name":"University of the Aegean","ror":"https://ror.org/03zsp3p94","country_code":"GR","type":"education","lineage":["https://openalex.org/I98805295"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Efstratios Chatzoglou","raw_affiliation_strings":["Department of Information and Communication Systems Engineering, University of the Aegean, 83200 Karlovasi, Greece"],"affiliations":[{"raw_affiliation_string":"Department of Information and Communication Systems Engineering, University of the Aegean, 83200 Karlovasi, Greece","institution_ids":["https://openalex.org/I98805295"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047345306","display_name":"Georgios Kambourakis","orcid":"https://orcid.org/0000-0001-6348-5031"},"institutions":[{"id":"https://openalex.org/I98805295","display_name":"University of the Aegean","ror":"https://ror.org/03zsp3p94","country_code":"GR","type":"education","lineage":["https://openalex.org/I98805295"]}],"countries":["GR"],"is_corresponding":true,"raw_author_name":"Georgios Kambourakis","raw_affiliation_strings":["Department of Information and Communication Systems Engineering, University of the Aegean, 83200 Karlovasi, Greece"],"affiliations":[{"raw_affiliation_string":"Department of Information and Communication Systems Engineering, University of the Aegean, 83200 Karlovasi, Greece","institution_ids":["https://openalex.org/I98805295"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5047345306"],"corresponding_institution_ids":["https://openalex.org/I98805295"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.07034656,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"17","issue":"4","first_page":"172","last_page":"172"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.908336341381073},{"id":"https://openalex.org/keywords/command-and-control","display_name":"Command and control","score":0.6469781398773193},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.6012917757034302},{"id":"https://openalex.org/keywords/covert","display_name":"Covert","score":0.5602047443389893},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.4665270447731018},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4619560241699219},{"id":"https://openalex.org/keywords/application-programming-interface","display_name":"Application programming interface","score":0.460389107465744},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3251059055328369},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3097479045391083},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.12713655829429626},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.11383011937141418}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.908336341381073},{"id":"https://openalex.org/C506615639","wikidata":"https://www.wikidata.org/wiki/Q21662260","display_name":"Command and control","level":2,"score":0.6469781398773193},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.6012917757034302},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.5602047443389893},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.4665270447731018},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4619560241699219},{"id":"https://openalex.org/C99613125","wikidata":"https://www.wikidata.org/wiki/Q165194","display_name":"Application programming interface","level":2,"score":0.460389107465744},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3251059055328369},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3097479045391083},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.12713655829429626},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.11383011937141418},{"id":"https://openalex.org/C157915830","wikidata":"https://www.wikidata.org/wiki/Q2928001","display_name":"Bubble","level":2,"score":0.0},{"id":"https://openalex.org/C129307140","wikidata":"https://www.wikidata.org/wiki/Q6795880","display_name":"Maximum bubble pressure method","level":3,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.3390/fi17040172","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17040172","pdf_url":"https://www.mdpi.com/1999-5903/17/4/172/pdf?version=1744708750","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:gam:jftint:v:17:y:2025:i:4:p:172-:d:1634619","is_oa":false,"landing_page_url":"https://www.mdpi.com/1999-5903/17/4/172/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},{"id":"pmh:oai:doaj.org/article:976b2c2b26c0423197a198c97220d234","is_oa":true,"landing_page_url":"https://doaj.org/article/976b2c2b26c0423197a198c97220d234","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet, Vol 17, Iss 4, p 172 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/fi17040172","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17040172","pdf_url":"https://www.mdpi.com/1999-5903/17/4/172/pdf?version=1744708750","source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4409461893.pdf","grobid_xml":"https://content.openalex.org/works/W4409461893.grobid-xml"},"referenced_works_count":10,"referenced_works":["https://openalex.org/W2061354941","https://openalex.org/W2545990795","https://openalex.org/W2962776979","https://openalex.org/W3021588303","https://openalex.org/W3082301429","https://openalex.org/W3155291758","https://openalex.org/W4214745725","https://openalex.org/W4311107002","https://openalex.org/W4311142918","https://openalex.org/W4391849119"],"related_works":["https://openalex.org/W2523525694","https://openalex.org/W2998642566","https://openalex.org/W2392682561","https://openalex.org/W57793151","https://openalex.org/W2804882289","https://openalex.org/W2727423897","https://openalex.org/W2497612952","https://openalex.org/W4247948804","https://openalex.org/W2392053643","https://openalex.org/W2595182909"],"abstract_inverted_index":{"Traditional":[0],"command":[1],"and":[2,10,31,56,69,89,113,129,138,154],"control":[3],"(C2)":[4],"frameworks":[5],"struggle":[6],"with":[7,43,157],"evasion,":[8],"automation,":[9],"resilience":[11],"against":[12,85],"modern":[13],"detection":[14,83],"techniques.":[15],"This":[16],"paper":[17,144],"introduces":[18],"covert":[19,48],"C2":[20,24,45,159],"(C3),":[21],"a":[22,36,80,130],"novel":[23,121],"framework":[25],"designed":[26],"to":[27],"enhance":[28],"operational":[29],"security":[30],"minimize":[32],"detection.":[33],"C3":[34,77],"employs":[35],"decentralized":[37,131],"architecture,":[38],"enabling":[39],"independent":[40],"victim":[41],"communication":[42],"the":[44,70,73,125,135],"server":[46],"for":[47,60,110,164],"persistence.":[49],"Its":[50],"adaptable":[51],"design":[52],"supports":[53],"diverse":[54],"post-exploitation":[55,148],"lateral":[57,114],"movement":[58],"techniques":[59],"optimized":[61,67],"results":[62],"across":[63],"various":[64],"environments.":[65],"Through":[66],"performance":[68],"use":[71],"of":[72,140],"native":[74,126],"messaging":[75,127],"API,":[76,128],"agents":[78],"achieve":[79],"demonstrably":[81],"low":[82],"rate":[84],"prevalent":[86],"Endpoint":[87],"Detection":[88],"Response":[90],"(EDR)":[91],"solutions.":[92],"A":[93],"publicly":[94],"available":[95],"proof-of-concept":[96],"implementation":[97],"demonstrates":[98],"C3\u2019s":[99,147],"effectiveness":[100],"in":[101,106],"real-world":[102],"adversarial":[103],"simulations,":[104],"specifically":[105],"direct":[107],"code":[108],"execution":[109],"privilege":[111],"escalation":[112],"movement.":[115],"Our":[116],"findings":[117],"indicate":[118],"that":[119],"integrating":[120],"techniques,":[122],"such":[123],"as":[124],"architecture":[132],"significantly":[133],"improves":[134],"stealth,":[136],"efficiency,":[137],"reliability":[139],"offensive":[141],"operations.":[142],"The":[143],"further":[145],"analyzes":[146],"behavior,":[149],"explores":[150],"relevant":[151],"defense":[152],"strategies,":[153],"compares":[155],"it":[156],"existing":[158],"solutions,":[160],"offering":[161],"practical":[162],"insights":[163],"enhancing":[165],"network":[166],"security.":[167]},"counts_by_year":[],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}