Detect technique

D3-APCA: Application Protocol Command Analysis

Application Protocol Command Analysis

Definition

Analyzing application protocol level remote commands to detect unauthorized activity.

Defends against: 72

| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Internal Proxy (t1090.001) | 100% | live |
| Technique | Remote Access Software (t1219) | 100% | live |
| Technique | Browser Session Hijacking (t1185) | 100% | live |
| Technique | Application Layer Protocol (t1071) | 100% | live |
| Technique | Remote Service Session Hijacking (t1563) | 100% | live |
| SubTechnique | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol (t1048.002) | 100% | live |
| SubTechnique | Domain Fronting (t1090.004) | 100% | live |
| Technique | Exfiltration Over Other Network Medium (t1011) | 100% | live |
| SubTechnique | Symmetric Cryptography (t1573.001) | 100% | live |
| SubTechnique | CMSTP (t1218.003) | 100% | live |
| Technique | Exfiltration Over Alternative Protocol (t1048) | 100% | live |
| SubTechnique | Web Protocols (t1071.001) | 100% | live |
| SubTechnique | Direct Network Flood (t1498.001) | 100% | live |
| SubTechnique | Credential Stuffing (t1110.004) | 100% | live |
| Technique | Adversary-in-the-Middle (t1557) | 100% | live |
| Technique | Traffic Signaling (t1205) | 100% | live |
| Technique | Dynamic Resolution (t1568) | 100% | live |
| Technique | Data Encoding (t1132) | 100% | live |
| SubTechnique | Service Exhaustion Flood (t1499.002) | 100% | live |
| SubTechnique | External Proxy (t1090.002) | 100% | live |
| Technique | Drive-by Compromise (t1189) | 100% | live |
| SubTechnique | Transmitted Data Manipulation (t1565.002) | 100% | live |
| SubTechnique | Remote Desktop Protocol (t1021.001) | 100% | live |
| SubTechnique | Additional Cloud Credentials (t1098.001) | 100% | live |
| SubTechnique | Reflection Amplification (t1498.002) | 100% | live |
| SubTechnique | Mail Protocols (t1071.003) | 100% | live |
| Technique | Data Transfer Size Limits (t1030) | 100% | live |
| Technique | Scheduled Transfer (t1029) | 100% | live |
| Technique | Trusted Relationship (t1199) | 100% | live |
| Technique | Non-Application Layer Protocol (t1095) | 100% | live |

Showing top 30 of 72 by confidence.

Related by meaning: 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence: IPC Traffic Analysis
Defence: RPC Traffic Analysis
Defence: Connection Attempt Analysis
Defence: Administrative Network Activity Analysis
Defence: System Call Analysis
Defence: Network Traffic Analysis

Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.