Data Obfuscation: Protocol or Service Impersonation

Other sub-techniques of Data Obfuscation (3)

ID	Name
ATAGS-T1184.001	Junk Data
ATAGS-T1184.002	Steganography
ATAGS-T1184.003	Protocol or Service Impersonation

Threat Actors may impersonate legitimate protocols or web service traffic to disguise command and control activity and thwart analysis efforts. By impersonating legitimate protocols or web services, Threat Actors can make their command and control traffic blend in with legitimate network traffic.

ID: ATAGS-T1184.003

Sub-technique of: ATAGS-T1184

ⓘ

Tactic: Command and Control

ⓘ

Targeted Components: Software

ⓘ

Responsibility: Provider

Created: 18 April 2026

Last Modified: 18 April 2026

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.