{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,22]],"date-time":"2025-10-22T05:19:46Z","timestamp":1761110386850,"version":"3.37.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030000080"},{"type":"electronic","value":"9783030000097"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-00009-7_55","type":"book-chapter","created":{"date-parts":[[2018,9,20]],"date-time":"2018-09-20T21:20:42Z","timestamp":1537478442000},"page":"612-621","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Botnet Detection with Hybrid Analysis on Flow Based and Graph Based Features of Network Traffic"],"prefix":"10.1007","author":[{"given":"Yaoyao","family":"Shang","sequence":"first","affiliation":[]},{"given":"Shuangmao","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Wei","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,9,21]]},"reference":[{"key":"55_CR1","doi-asserted-by":"crossref","unstructured":"Alejandre, F.V., Cort\u00e9s, N.C., Anaya, E.A.: Feature selection to detect botnets using machine learning algorithms. In: 2017 International Conference on Electronics, Communications and Computers, CONIELECOMP 2017, Cholula, Mexico, 22\u201324 February 2017, pp. 1\u20137 (2017)","DOI":"10.1109\/CONIELECOMP.2017.7891834"},{"issue":"2","key":"55_CR2","doi-asserted-by":"crossref","first-page":"163","DOI":"10.1080\/0022250X.2001.9990249","volume":"25","author":"U Brandes","year":"2001","unstructured":"Brandes, U.: A faster algorithm for betweenness centrality. J. Math. Sociol. 25(2), 163\u2013177 (2001)","journal-title":"J. Math. Sociol."},{"key":"55_CR3","doi-asserted-by":"crossref","unstructured":"Choi, H., Lee, H., Lee, H., Kim, H.: Botnet detection by monitoring group activities in DNS traffic. In: Seventh International Conference on Computer and Information Technology (CIT 2007), University of Aizu, Fukushima, Japan, 16\u201319 October 2007, pp. 715\u2013720 (2007)","DOI":"10.1109\/CIT.2007.90"},{"key":"55_CR4","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1186\/s40537-017-0074-7","volume":"4","author":"S Chowdhury","year":"2017","unstructured":"Chowdhury, S., et al.: Botnet detection using graph-based feature clustering. J. Big Data 4, 14 (2017)","journal-title":"J. Big Data"},{"key":"55_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-20757-0_1","volume-title":"NETWORKING 2011","author":"J Fran\u00e7ois","year":"2011","unstructured":"Fran\u00e7ois, J., Wang, S., State, R., Engel, T.: BotTrack: tracking botnets using NetFlow and PageRank. In: Domingo-Pascual, J., Manzoni, P., Palazzo, S., Pont, A., Scoglio, C. (eds.) NETWORKING 2011. LNCS, vol. 6640, pp. 1\u201314. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-20757-0_1"},{"key":"55_CR6","doi-asserted-by":"crossref","unstructured":"Garant, D., Lu, W.: Mining botnet behaviors on the large-scale web application community, pp. 185\u2013190 (2013)","DOI":"10.1109\/WAINA.2013.235"},{"key":"55_CR7","unstructured":"Goebel, J., Holz, T.: Rishi: identify bot contaminated hosts by IRC nickname evaluation. In: First Workshop on Hot Topics in Understanding Botnets, HotBots 2007, Cambridge, MA, USA, 10 April 2007 (2007)"},{"key":"55_CR8","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection. In: Proceedings of the 17th USENIX Security Symposium, San Jose, CA, USA, 28 July\u20131 August 2008, pp. 139\u2013154 (2008)"},{"issue":"8","key":"55_CR9","doi-asserted-by":"crossref","first-page":"1909","DOI":"10.1016\/j.comnet.2011.01.020","volume":"55","author":"M Iliofotou","year":"2011","unstructured":"Iliofotou, M., Kim, H.C., Faloutsos, M., Mitzenmacher, M., Pappu, P., Varghese, G.: Graption: a graph-based P2P traffic classification framework for the internet backbone. Comput. Netw. 55(8), 1909\u20131920 (2011)","journal-title":"Comput. Netw."},{"key":"55_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-319-02937-5_9","volume-title":"Cryptology and Network Security","author":"N Kheir","year":"2013","unstructured":"Kheir, N., Wolley, C.: BotSuer: suing stealthy P2P bots in network traffic through netflow analysis. In: Abdalla, M., Nita-Rotaru, C., Dahab, R. (eds.) CANS 2013. LNCS, vol. 8257, pp. 162\u2013178. Springer, Cham (2013). https:\/\/doi.org\/10.1007\/978-3-319-02937-5_9"},{"key":"55_CR11","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1016\/j.compeleceng.2016.01.012","volume":"50","author":"G Kirubavathi","year":"2016","unstructured":"Kirubavathi, G., Anitha, R.: Botnet detection via mining of traffic flow characteristics. Comput. Electr. Eng. 50, 91\u2013101 (2016)","journal-title":"Comput. Electr. Eng."},{"key":"55_CR12","doi-asserted-by":"crossref","unstructured":"Lagraa, S., Fran\u00e7ois, J., Lahmadi, A., Miner, M., Hammerschmidt, C.A., State, R.: BotGM: unsupervised graph mining to detect botnets in traffic flows. In: 1st Cyber Security in Networking Conference, CSNet 2017, Rio de Janeiro, Brazil, 18\u201320 October 2017, pp. 1\u20138 (2017)","DOI":"10.1109\/CSNET.2017.8241990"},{"key":"55_CR13","doi-asserted-by":"crossref","unstructured":"Liao, W.H., Chang, C.C.: Peer to peer botnet detection using data mining scheme. In: 2010 International Conference on Internet Technology and Applications, pp. 1\u20134, August 2010","DOI":"10.1109\/ITAPP.2010.5566407"},{"key":"55_CR14","doi-asserted-by":"crossref","unstructured":"Livadas, C., Walsh, R., Lapsley, D., Strayer, W.T.: Using machine learning techniques to identify botnet traffic. In: Proceedings of the 2006 31st IEEE Conference on Local Computer Networks, pp. 967\u2013974, November 2006","DOI":"10.1109\/LCN.2006.322210"},{"key":"55_CR15","unstructured":"Nagaraja, S., Mittal, P., Hong, C., Caesar, M., Borisov, N.: BotGrep: finding P2P bots with structured graph analysis. In: Proceedings of the 19th USENIX Security Symposium, Washington, DC, USA, 11\u201313 August 2010, pp. 95\u2013110 (2010)"},{"issue":"3","key":"55_CR16","first-page":"547","volume":"20","author":"RS Rawat","year":"2018","unstructured":"Rawat, R.S., Pilli, E.S., Joshi, R.C.: Survey of peer-to-peer botnets and detection frameworks. Int. J. Netw. Secur. 20(3), 547\u2013557 (2018)","journal-title":"Int. J. Netw. Secur."},{"key":"55_CR17","unstructured":"Saad, S., et al.: Detecting P2P botnets through network behavior analysis and machine learning. In: Ninth Annual Conference on Privacy, Security and Trust, PST 2011, Montreal, Qu\u00e9bec, Canada, 19\u201321 July, 2011, pp. 174\u2013180 (2011)"},{"key":"55_CR18","unstructured":"Samani, E.B.B., Jazi, H.H., Stakhanova, N., Ghorbani, A.A.: Towards effective feature selection in machine learning-based botnet detection approaches. In: IEEE Conference on Communications and Network Security, CNS 2014, 29\u201331 October 2014, San Francisco, CA, USA, pp. 247\u2013255 (2014)"},{"key":"55_CR19","doi-asserted-by":"crossref","first-page":"488","DOI":"10.1016\/j.ins.2014.03.066","volume":"278","author":"K Singh","year":"2014","unstructured":"Singh, K., Guntuku, S.C., Thakur, A., Hota, C.: Big data analytics framework for peer-to-peer botnet detection using random forests. Inf. Sci. 278, 488\u2013497 (2014)","journal-title":"Inf. Sci."},{"key":"55_CR20","doi-asserted-by":"crossref","unstructured":"Tegeler, F., Fu, X., Vigna, G., Kruegel, C.: BotFinder: finding bots in network traffic without deep packet inspection. In: Conference on emerging Networking Experiments and Technologies, CoNEXT 2012, Nice, France, 10\u201313 December 2012, pp. 349\u2013360 (2012)","DOI":"10.1145\/2413176.2413217"},{"key":"55_CR21","doi-asserted-by":"crossref","unstructured":"Wang, J., Paschalidis, I.C.: Botnet detection using social graph analysis. In: 52nd Annual Allerton Conference on Communication, Control, and Computing, Allerton 2014, Allerton Park & Retreat Center, Monticello, IL, 30 September\u20132 October 2014, pp. 393\u2013400 (2014)","DOI":"10.1109\/ALLERTON.2014.7028482"},{"key":"55_CR22","doi-asserted-by":"crossref","unstructured":"Wang, W., Fang, B., Zhang, Z., Li, C.: A novel approach to detect IRC-based botnets. In: 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, vol. 1, pp. 408\u2013411, April 2009","DOI":"10.1109\/NSWCTC.2009.72"},{"issue":"1","key":"55_CR23","doi-asserted-by":"crossref","first-page":"58","DOI":"10.1016\/j.comcom.2007.10.010","volume":"31","author":"W Wang","year":"2008","unstructured":"Wang, W., Guan, X., Zhang, X.: Processing of massive audit data streams for real-time anomaly intrusion detection. Comput. Commun. 31(1), 58\u201372 (2008)","journal-title":"Comput. Commun."},{"issue":"7","key":"55_CR24","doi-asserted-by":"crossref","first-page":"539","DOI":"10.1016\/j.cose.2006.05.005","volume":"25","author":"W Wang","year":"2006","unstructured":"Wang, W., Guan, X., Zhang, X., Yang, L.: Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data. Comput. Secur. 25(7), 539\u2013550 (2006)","journal-title":"Comput. Secur."},{"key":"55_CR25","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1016\/j.knosys.2014.06.018","volume":"70","author":"W Wang","year":"2014","unstructured":"Wang, W., Guyet, T., Quiniou, R., Cordier, M., Masseglia, F., Zhang, X.: Autonomic intrusion detection: adaptively detecting anomalies over unlabeled audit data streams in computer networks. Knowl.-Based Syst. 70, 103\u2013117 (2014)","journal-title":"Knowl.-Based Syst."},{"issue":"6","key":"55_CR26","doi-asserted-by":"crossref","first-page":"374","DOI":"10.1049\/iet-ifs.2014.0353","volume":"9","author":"W Wang","year":"2015","unstructured":"Wang, W., He, Y., Liu, J., Gombault, S.: Constructing important features from massive network traffic for lightweight intrusion detection. IET Inf. Secur. 9(6), 374\u2013379 (2015)","journal-title":"IET Inf. Secur."},{"key":"55_CR27","doi-asserted-by":"crossref","first-page":"987","DOI":"10.1016\/j.future.2017.01.019","volume":"78","author":"W Wang","year":"2018","unstructured":"Wang, W., Li, Y., Wang, X., Liu, J., Zhang, X.: Detecting android malicious apps and categorizing benign apps with ensemble of classifiers. Futur. Gener. Comput. Syst. 78, 987\u2013994 (2018)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"55_CR28","doi-asserted-by":"crossref","first-page":"417","DOI":"10.1016\/j.ins.2016.10.023","volume":"433\u2013434","author":"W Wang","year":"2018","unstructured":"Wang, W., Liu, J., Pitsilis, G., Zhang, X.: Abstracting massive data for lightweight intrusion detection in computer networks. Inf. Sci. 433\u2013434, 417\u2013430 (2018)","journal-title":"Inf. Sci."},{"issue":"11","key":"55_CR29","doi-asserted-by":"crossref","first-page":"1869","DOI":"10.1109\/TIFS.2014.2353996","volume":"9","author":"W Wang","year":"2014","unstructured":"Wang, W., Wang, X., Feng, D., Liu, J., Han, Z., Zhang, X.: Exploring permission-induced risk in android applications for malicious application detection. IEEE Trans. Inf. Forensics Secur. 9(11), 1869\u20131882 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"12","key":"55_CR30","doi-asserted-by":"crossref","first-page":"1974","DOI":"10.1016\/j.jss.2009.06.040","volume":"82","author":"W Wang","year":"2009","unstructured":"Wang, W., Zhang, X., Gombault, S.: Constructing attribute weights from computer audit data for effective intrusion detection. J. Syst. Softw. 82(12), 1974\u20131981 (2009)","journal-title":"J. Syst. Softw."},{"key":"55_CR31","doi-asserted-by":"crossref","first-page":"30","DOI":"10.1016\/j.future.2017.04.041","volume":"75","author":"X Wang","year":"2017","unstructured":"Wang, X., Wang, W., He, Y., Liu, J., Han, Z., Zhang, X.: Characterizing android apps behavior for effective detection of malapps at large scale. Futur. Gener. Comput. Syst. 75, 30\u201345 (2017)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"55_CR32","doi-asserted-by":"crossref","unstructured":"Yu, X., Dong, X., Yu, G., Qin, Y., Yue, D.: Data-adaptive clustering analysis for online botnet detection. In: 2010 Third International Joint Conference on Computational Science and Optimization, vol. 1, pp. 456\u2013460, May 2010","DOI":"10.1109\/CSO.2010.214"},{"key":"55_CR33","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1016\/j.cose.2013.04.007","volume":"39","author":"D Zhao","year":"2013","unstructured":"Zhao, D., et al.: Botnet detection based on traffic behavior analysis and flow intervals. Comput. Secur. 39, 2\u201316 (2013)","journal-title":"Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Cloud Computing and Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-00009-7_55","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,5]],"date-time":"2023-09-05T08:11:45Z","timestamp":1693901505000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-00009-7_55"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030000080","9783030000097"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-00009-7_55","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"ICCCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cloud Computing and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Haikou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"incodldos2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.icccsconf.org\/icccs2018.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}