{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T09:37:08Z","timestamp":1743154628618,"version":"3.40.3"},"publisher-location":"Cham","reference-count":17,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319170398"},{"type":"electronic","value":"9783319170404"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-17040-4_21","type":"book-chapter","created":{"date-parts":[[2015,4,4]],"date-time":"2015-04-04T09:05:56Z","timestamp":1428138356000},"page":"329-336","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Data Confirmation for Botnet Traffic Analysis"],"prefix":"10.1007","author":[{"given":"Fariba","family":"Haddadi","sequence":"first","affiliation":[]},{"given":"A. Nur","family":"Zincir-Heywood","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,4,5]]},"reference":[{"key":"21_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/978-3-642-04444-1_15","volume-title":"Computer Security \u2013 ESORICS 2009","author":"P Wurzinger","year":"2009","unstructured":"Wurzinger, P., Bilge, L., Holz, T., Goebel, J., Kruegel, C., Kirda, E.: Automatically generating models for botnet detection. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 232\u2013249. Springer, Heidelberg (2009)"},{"key":"21_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1007\/978-3-642-30955-7_5","volume-title":"Information Security Theory and Practice","author":"G Kirubavathi Venkatesh","year":"2012","unstructured":"Kirubavathi Venkatesh, G., Anitha Nadarajan, R.: HTTP botnet detection using adaptive learning rate multilayer feed-forward neural network. In: Askoxylakis, I., P\u00f6hls, H.C., Posegga, J. (eds.) WISTP 2012. LNCS, vol. 7322, pp. 38\u201348. Springer, Heidelberg (2012)"},{"key":"21_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-0-387-68768-1_1","volume":"36","author":"WT Strayer","year":"2008","unstructured":"Strayer, W.T., Lapsely, D., Walsh, R., Livadas, C.: Botnet detection based on network behavior. Adv. Inf. Secur. 36, 1\u201324 (2008)","journal-title":"Adv. Inf. Secur."},{"key":"21_CR4","doi-asserted-by":"crossref","unstructured":"Haddadi, F., Runkel, D., Zincir-Heywood, A.N., Heywood, M.I.: On botnet behaviour analysis using GP and C4.5. In: GECCO Comp, pp. 1253\u20131260 (2014)","DOI":"10.1145\/2598394.2605435"},{"key":"21_CR5","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: clustering analysis of network traffic for protocol- and structure- independent botnet detection. In: 17th USNIX Security Symposium, pp. 139\u2013154 (2008)"},{"key":"21_CR6","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1007\/978-3-642-30436-1_8","volume-title":"Information Security and Privacy Research","author":"D Zhao","year":"2012","unstructured":"Zhao, D., Traore, I., Ghorbani, A., Sayed, B., Saad, S., Lu, W.: Peer to peer botnet detection based on flow intervals. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) Information Security and Privacy Research. IFIP Advances in Information and Communication Technology, vol. 376, pp. 87\u2013102. Springer, Heidelberg (2012)"},{"key":"21_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-20757-0_1","volume-title":"NETWORKING 2011","author":"J Fran\u00e7ois","year":"2011","unstructured":"Fran\u00e7ois, J., Wang, S., State, R., Engel, T.: BotTrack: tracking botnets using netflow and pagerank. In: Domingo-Pascual, J., Manzoni, P., Palazzo, S., Pont, A., Scoglio, C. (eds.) NETWORKING 2011, Part I. LNCS, vol. 6640, pp. 1\u201314. Springer, Heidelberg (2011)"},{"key":"21_CR8","doi-asserted-by":"crossref","unstructured":"Haddadi, F., Morgan, J., Filho, E.G., Zincir-Heywood, A.N.: Botnet behaviour analysis using IP flows with HTTP filters using classifiers. In: Seventh International Workshop on Bio and Intelligent Computing, pp. 7\u201312 (2014)","DOI":"10.1109\/WAINA.2014.19"},{"key":"21_CR9","unstructured":"Zeus Tracker. https:\/\/zeustracker.abuse.ch\/"},{"key":"21_CR10","unstructured":"DNS-BH- Malware Domain Blocklist. http:\/\/www.malwaredomains.com\/"},{"key":"21_CR11","unstructured":"Alexa. http:\/\/www.alexa.com\/topsites"},{"key":"21_CR12","unstructured":"Publicly available PCAP files. http:\/\/www.netresec.com\/?page=PcapFiles"},{"key":"21_CR13","unstructured":"Zeus Trojan Analysis. https:\/\/labs.snort.org\/papers\/zeus.html"},{"key":"21_CR14","doi-asserted-by":"crossref","unstructured":"Binsalleeh, H., Ormerod, T., Boukhtouta, A., Sinha, P., Youssef, A., Debbabi, M., Wang, L.: On the analysis of the zeus botnet crimeware toolkit. In: Eighth Annual International Conference on Privacy, Security and Trust, pp. 31\u201338 (2010)","DOI":"10.1109\/PST.2010.5593240"},{"key":"21_CR15","unstructured":"Softflowd project. http:\/\/www.mindrot.org\/projects\/softflowd\/"},{"key":"21_CR16","unstructured":"Cisco IOS NetFlow. http:\/\/www.cisco.com\/en\/US\/products\/ps6601\/products_ios_protocol_group_home.html"},{"key":"21_CR17","unstructured":"Haddadi, F., Zincir-Heywood, A.N.: Data confirmation for botnet traffic analysis. Technical report (2014). https:\/\/www.cs.dal.ca\/research\/techreports\/cs-2014-01"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-17040-4_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,17]],"date-time":"2023-02-17T12:40:30Z","timestamp":1676637630000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-17040-4_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319170398","9783319170404"],"references-count":17,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-17040-4_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"5 April 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}