9 Short links on Network Beacon Detection

Jason Trost
2 min readJan 16, 2022

--

In this post I share 9 links to resources related to Network Beacon detection.

Network beacons are continuous automated communications between 2 hosts. Network beacon detection focuses on identifying this automated traffic with the primary goal of aiding in detecting malware infections or adversary activity that have been missed by other controls.

Beacon detection is a useful building block analytic with many different use cases.

  • Threat Hunting and Malware command and control (C2) detection — aid in detecting malware missed by anti-virus products.
  • Detection of automated third party traffic — detection of ongoing automated traffic to third parties may reveal unknown or emerging business relationships.
  • Identify automated web application dependencies (within an enterprise or external to an enterprise)

Links:

–Jason
@jason_trost

The “short links” format was inspired by O’Reilly’s Four Short Links series.

This was originally published on 2022–01–16 my blog at covert.io.

--

--

Jason Trost

Interests: Network security, Digital Forensics, Machine Learning, Big Data. retweets are not endorsements.