{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,28]],"date-time":"2026-06-28T05:08:04Z","timestamp":1782623284868,"version":"3.54.5"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319597669","type":"print"},{"value":"9783319597676","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-59767-6_14","type":"book-chapter","created":{"date-parts":[[2017,5,29]],"date-time":"2017-05-29T03:44:19Z","timestamp":1496029459000},"page":"166-181","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":20,"title":["Information Technology for Botnets Detection Based on Their Behaviour in the Corporate Area Network"],"prefix":"10.1007","author":[{"given":"Sergii","family":"Lysenko","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Oleg","family":"Savenko","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Kira","family":"Bobrovnikova","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Andrii","family":"Kryshchuk","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Bohdan","family":"Savenko","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2017,5,30]]},"reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"Komar, M., Kochan, V., Sachenko, A., Ababii, V.: Improving of the security of intrusion detection system. In: 2016 International Conference on Development and Application Systems (DAS), pp. 315\u2013319 (2016)","DOI":"10.1109\/DAAS.2016.7492594"},{"key":"14_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"471","DOI":"10.1007\/978-3-319-49806-5_26","volume-title":"Information Systems Security","author":"T Harsha","year":"2016","unstructured":"Harsha, T., Asha, S., Soniya, B.: Feature selection for effective botnet detection based on periodicity of traffic. In: Ray, I., Gaur, M.S., Conti, M., Sanghi, D., Kamakoti, V. (eds.) ICISS 2016. LNCS, vol. 10063, pp. 471\u2013478. Springer, Cham (2016). doi:\n                    10.1007\/978-3-319-49806-5_26"},{"key":"14_CR3","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-319-19419-6_7","volume-title":"Computer Networks","author":"T Sochor","year":"2015","unstructured":"Sochor, T., Zuzcak, M.: Attractiveness study of honeypots and honeynets in internet threat detection. In: Gaj, P., Kwiecie\u0144, A., Stera, P. (eds.) CN 2015. CCIS, vol. 522, pp. 69\u201381. Springer, Cham (2015). doi:\n                    10.1007\/978-3-319-19419-6_7"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Sochor, T., Zuzcak, M., Bujok, P.: Analysis of attackers against windows emulating honeypots in various types of networks and regions. In: International Conference on Ubiquitous and Future Networks, pp. 863\u2013868 (2016)","DOI":"10.1109\/ICUFN.2016.7537159"},{"key":"14_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-319-39814-3_15","volume-title":"Management and Security in the Age of Hyperconnectivity","author":"C Dietz","year":"2016","unstructured":"Dietz, C., Sperotto, A., Dreo, G., Pras, A.: How to achieve early botnet detection at the provider level? In: Badonnel, R., Koch, R., Pras, A., Dra\u0161ar, M., Stiller, B. (eds.) AIMS 2016. LNCS, vol. 9701, pp. 142\u2013146. Springer, Cham (2016). doi:\n                    10.1007\/978-3-319-39814-3_15"},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"Kwon, J., Lee, J., Lee, H., Perrig, A.: PsyBoG: a scalable botnet detection method for large-scale DNS traffic. In: Computer Networks, vol. 97, pp. 48\u201373 (2016)","DOI":"10.1016\/j.comnet.2015.12.008"},{"key":"14_CR7","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1016\/j.diin.2014.11.001","volume":"12","author":"R Sharifnya","year":"2015","unstructured":"Sharifnya, R., Abadi, M.: DFBotKiller: domain-flux botnet detection based on the history of group activities and failures in DNS traffic. Digit. Invest. 12, 15\u201326 (2015)","journal-title":"Digit. Invest."},{"key":"14_CR8","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1007\/978-3-319-39207-3_8","volume-title":"Computer Networks","author":"O Pomorova","year":"2016","unstructured":"Pomorova, O., Savenko, O., Lysenko, S., Kryshchuk, A., Bobrovnikova, K.: Anti-evasion technique for the botnets detection based on the passive DNS monitoring and active DNS probing. In: Gaj, P., Kwiecie\u0144, A., Stera, P. (eds.) CN 2016. CCIS, vol. 608, pp. 83\u201395. Springer, Cham (2016). doi:\n                    10.1007\/978-3-319-39207-3_8"},{"key":"14_CR9","first-page":"464","volume-title":"The Killer Web Application","author":"C Schiller","year":"2007","unstructured":"Schiller, C., Binkley, R., Botnets, J.: The Killer Web Application, p. 464. Syngress Publishing, Burlington (2007)"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Yadav, S., Reddy, A.L.N.: Winning with DNS failures: strategies for faster botnet detection. In: Proceedings of the 7th International ICST Conference on Security and Privacy in Communication Networks, pp. 446\u2013459 (2011)","DOI":"10.1007\/978-3-642-31909-9_26"},{"key":"14_CR11","unstructured":"Salusky, W., Danford, R.: Know your enemy: fast-flux service networks. The Honeynet Project (2007). \n                    http:\/\/www.honeynet.org\/book\/export\/html\/130"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Nazario, J., Holz, T.: As the net churns: fast-flux botnet observations. In: Conference on Malicious and Unwanted Software (Malware 2008), pp. 24\u201331 (2008)","DOI":"10.1109\/MALWARE.2008.4690854"},{"key":"14_CR13","unstructured":"DAMBALLA: Botnet Communication Topologies. Understanding the intricacies of botnet command-and-control. \n                    https:\/\/www.damballa.com\/downloads\/r_pubs\/WP_Botnet_Communications_Primer.pdf"},{"key":"14_CR14","unstructured":"Bilge, L., Kirda, E., Kruegel, C., Balduzzi, M.: EXPOSURE: finding malicious domains using passive DNS analysis. In: NDSS, pp. 1\u201317 (2011)"},{"key":"14_CR15","unstructured":"Farnham, G., Atlasis, A.: Detecting DNS tunneling. SANS Institute InfoSec Reading Room, pp. 1\u201332 (2013)"},{"key":"14_CR16","doi-asserted-by":"crossref","unstructured":"Dietrich, C.J., Rossow, C., Freiling, F.C., Bos, H., van Steen, M., Pohlmann, N.: On Botnets that use DNS for command and control. In: Proceedings of European Conference on Computer Network Defense, pp. 9\u201316 (2011)","DOI":"10.1109\/EC2ND.2011.16"},{"key":"14_CR17","unstructured":"Guy, J.: A study of DNS, 30 January 2009. \n                    http:\/\/armatum.com\/blog\/2009\/a-study-of-dns\/"},{"key":"14_CR18","unstructured":"Guy, J.: DNS part ii: visualization, 13 February 2009. \n                    http:\/\/armatum.com\/blog\/2009\/dns-part-ii\/"},{"issue":"2","key":"14_CR19","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1137\/0222018","volume":"22","author":"J Tarhio","year":"1993","unstructured":"Tarhio, J., Ukkonen, E.: Approximate BoyerMoore string matching. SIAM J. Comput. 22(2), 243\u2013260 (1993)","journal-title":"SIAM J. Comput."},{"key":"14_CR20","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-319-19419-6_12","volume-title":"Computer Networks","author":"O Pomorova","year":"2015","unstructured":"Pomorova, O., Savenko, O., Lysenko, S., Kryshchuk, A., Bobrovnikova, K.: A technique for the Botnet detection based on DNS-traffic analysis. In: Gaj, P., Kwiecie\u0144, A., Stera, P. (eds.) CN 2015. CCIS, vol. 522, pp. 127\u2013138. Springer, Cham (2015). doi:\n                    10.1007\/978-3-319-19419-6_12"},{"key":"14_CR21","doi-asserted-by":"crossref","unstructured":"Dipankar, D.: Artificial immune systems. In: Encyclopedia of Sciences and Religions, pp. 136\u2013139 (2013)","DOI":"10.1007\/978-1-4020-8265-8_1208"},{"key":"14_CR22","unstructured":"Zhang, F., Qi, D.: A positive selection algorithm for classification. J. Comput. Inf. Syst. 207\u2013215 (2012)"},{"key":"14_CR23","doi-asserted-by":"crossref","unstructured":"Goswami, M., Bhattacharjee, A.: Detector generation algorithm for self-nonself detection in artificial immune system. In: 2014 International Conference for Technology on Convergence of Technology (I2CT), pp. 1\u20136 (2014)","DOI":"10.1109\/I2CT.2014.7092107"}],"container-title":["Communications in Computer and Information Science","Computer Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-59767-6_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,21]],"date-time":"2019-05-21T03:37:45Z","timestamp":1558409865000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-59767-6_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319597669","9783319597676"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-59767-6_14","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"30 May 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CN","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Computer Networks","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Brun\u00f3w","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 June 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 June 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cn2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/cn.polsl.pl\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}