Data Encoding (T1132)
Tactic: Command and Control · Platforms: ESXi, Linux, macOS, Windows
The interactive view maps 1 detection strategy, 1 mitigation, 1 threat group, 7 software entries to this technique, alongside D3FEND countermeasures and data-component coverage.
Overview
Adversaries may encode data to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a standard data encoding system. Use of data encoding may adhere to existing protocol specifications and includes use of ASCII, Unicode, Base64, MIME, or other binary-to-text and character encoding systems. Some data encoding systems may also result in data compression, such as gzip.