1. Home
  2. Detection Strategies
  3. Detection of Bidirectional Communication

Detection of Bidirectional Communication

Technique Detected:  Bidirectional Communication | T1481.002

ID: DET0700
Domains: Mobile
Analytics: AN1816, AN1817
Version: 1.0
Created: 21 October 2025
Last Modified: 21 October 2025
Version Permalink

Analytics

AN1816

Application vetting services may provide a list of connections made or received by an application, or a list of domains contacted by the application.
Many properly configured firewalls may naturally block bidirectional command and control traffic.

Log Sources
Data Component Name Channel
Network Communication (DC0113) Application Vetting None
Network Connection Creation (DC0082) Network Traffic None

AN1817

Application vetting services may provide a list of connections made or received by an application, or a list of domains contacted by the application.
Many properly configured firewalls may naturally block bidirectional command and control traffic.

Log Sources
Data Component Name Channel
Network Communication (DC0113) Application Vetting None
Network Connection Creation (DC0082) Network Traffic None