Botnet is one of the major threats to computer security. In previous botnet command and control (C&C) scenarios using online social networks (OSNs), methods for finding botmasters (e.g. ids, links, DGAs, etc.) are hardcoded into bots. Once a bot is reverse engineered, botmaster is exposed. Meanwhile, abnormal contents from explicit commands may expose botmaster and raise anomalies on OSNs. To overcome these deficiencies, we propose an AI-powered covert C&C channel. On leverage of neural networks, bots can find botmasters by avatars, which are converted into feature vectors. Commands are embedded into normal contents (e.g. tweets, comments, etc.) using text data augmentation and hash collision. Experiment on Twitter shows that the command-embedded contents can be generated efficiently, and bots can find botmaster and obtain commands accurately. By demonstrating how AI may help promote a covert communication on OSNs, this work provides a new perspective on botnet detection and confrontation.

中文翻译：

---

OSN 上的 AI 驱动的隐蔽僵尸网络命令和控制

僵尸网络是计算机安全的主要威胁之一。在以前使用在线社交网络 (OSN) 的僵尸网络命令和控制 (C&C) 场景中，用于查找 botmasters（例如 id、链接、DGA 等）的方法被硬编码到机器人中。一旦机器人被逆向工程，botmaster 就会暴露。同时，来自显式命令的异常内容可能会暴露 botmaster 并引发 OSN 异常。为了克服这些缺陷，我们提出了一个由人工智能驱动的隐蔽 C&C 通道。利用神经网络，机器人可以通过化身找到机器人大师，并将其转换为特征向量。使用文本数据增强和散列冲突将命令嵌入到正常内容（例如推文、评论等）中。在 Twitter 上的实验表明，可以高效地生成命令嵌入的内容，机器人可以准确地找到botmaster并获取命令。通过展示人工智能如何帮助促进 OSN 上的隐蔽通信，这项工作为僵尸网络检测和对抗提供了一个新的视角。