{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T01:12:58Z","timestamp":1743124378414,"version":"3.40.3"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319651262"},{"type":"electronic","value":"9783319651279"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-65127-9_18","type":"book-chapter","created":{"date-parts":[[2017,8,5]],"date-time":"2017-08-05T03:35:53Z","timestamp":1501904153000},"page":"223-234","source":"Crossref","is-referenced-by-count":2,"title":["A Concept of Clustering-Based Method for Botnet Detection"],"prefix":"10.1007","author":[{"given":"Hubert","family":"Ostap","sequence":"first","affiliation":[]},{"given":"Ryszard","family":"Antkiewicz","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,6]]},"reference":[{"issue":"5","key":"18_CR1","doi-asserted-by":"crossref","first-page":"455","DOI":"10.1007\/s10207-015-0310-0","volume":"15","author":"M Anagnostopoulos","year":"2013","unstructured":"Anagnostopoulos, M., Kambourakis, G., Gritzalis, S.: New facets of mobile botnet: architecture and evaluation. Int. J. Inf. Secur. 15(5), 455\u2013473 (2013)","journal-title":"Int. J. Inf. Secur."},{"key":"18_CR2","doi-asserted-by":"crossref","unstructured":"Barthakur, P., Dahal, M., Ghose, M.: A framework for P2P Botnet detection using SVM. 
In: International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (2012)","DOI":"10.1109\/CyberC.2012.40"},{"key":"18_CR3","unstructured":"Binkley, J.R., Singh, S.: An algorithm for anomaly-based botnet detection. In: Proceedings USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI 2006), pp. 43\u201348 (2006)"},{"key":"18_CR4","doi-asserted-by":"crossref","unstructured":"Choi, H., Lee, H.: BotGAD: detecting botnets by capturing group activities in network traffic. In: Proceedings of the 4th International ICST Conference on Communication System Software and Middleware, (Comsware 2009) (2009)","DOI":"10.1145\/1621890.1621893"},{"key":"18_CR5","doi-asserted-by":"crossref","unstructured":"Choi, H., Lee, H.: Identifying botnets by capturing group activities in DNS traffic (2012)","DOI":"10.1016\/j.comnet.2011.07.018"},{"key":"18_CR6","unstructured":"Cooke, E., Jahanian, F., McPherson, D.: The zombie roundup: understanding, detecting, and disrupting botnet. In: Proceedings of SRUTI: Steps to Reducing Unwanted Traffic on the Internet, July 2005"},{"key":"18_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1007\/3-540-45748-8_24","volume-title":"Peer-to-Peer Systems","author":"JR Douceur","year":"2002","unstructured":"Douceur, J.R.: The Sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251\u2013260. Springer, Heidelberg (2002). doi: 10.1007\/3-540-45748-8_24"},{"key":"18_CR8","unstructured":"ENISA: Botnets: Detection, Measurement, Disinfection & Defence, European Network and Information Security Agency (ENISA) (2011)"},{"key":"18_CR9","doi-asserted-by":"crossref","unstructured":"Feily, M., Shahrestani, A., Ramadass, S.: A survey of botnet and botnet detection. 
In: Third International Conference on Emerging Security Information, Systems and Technologies (2009)","DOI":"10.1109\/SECURWARE.2009.48"},{"key":"18_CR10","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1016\/j.cose.2014.05.011","volume":"45","author":"S Garcia","year":"2014","unstructured":"Garcia, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods. Comput. Secur. 45, 100\u2013123 (2014)","journal-title":"Comput. Secur."},{"issue":"5","key":"18_CR11","doi-asserted-by":"crossref","first-page":"878","DOI":"10.1002\/sec.800","volume":"7","author":"S Garcia","year":"2014","unstructured":"Garcia, S., Zunino, A., Campo, M.: Survey on network-based botnet detection methods. Secur. Commun. Netw. 7(5), 878\u2013903 (2014)","journal-title":"Secur. Commun. Netw."},{"key":"18_CR12","unstructured":"Goebel, J., Holz, T.: Identify bot contaminated host by IRC nickname evaluation. In: Proceedings of USENIX HotBots 2007 (2007)"},{"key":"18_CR13","unstructured":"Gu, G., Zhang, J., Lee, W.: BotSniffer: detecting botnet command and control channels in network traffic. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008), February 2008"},{"key":"18_CR14","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: clustering analysis of network traffic for protocol and structure-independent botnet detection. In: Proceedings of the USENIX Security Symposium (Security) (2008)"},{"key":"18_CR15","unstructured":"Honeynet Project and Research Alliance. Know your enemy: Tracking Botnets, March 2005. http:\/\/honeynet.org\/papers\/bots\/"},{"key":"18_CR16","volume-title":"Malware Analyst\u2019s Cookbook and DVD","author":"M Ligh","year":"2011","unstructured":"Ligh, M., Adair, S., Hartstein, B., Richard, M.: Malware Analyst\u2019s Cookbook and DVD. 
Wiley, New York (2011)"},{"key":"18_CR17","unstructured":"Lyon, F.: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure.com (2009)"},{"key":"18_CR18","unstructured":"Malwarebytes, Kujawa, A.: You dirty RAT! Part 2 \u2013 Blackshades NET, 15 June 2015. https:\/\/blog.malwarebytes.com\/threat-analysis\/2012\/06\/you-dirty-rat-part-2-blackshades-net\/"},{"key":"18_CR19","unstructured":"Manasrah, A.M., Hasan, A., Abouabdalla, O.A., Ramadass, S.: Detecting botnet activities based on abnormal DNS traffic. Int. J. Comput. Sci. Inf. Secur. (IJCSIS) (2009)"},{"key":"18_CR20","unstructured":"NOVETTA: Elastic Zombie Botnet Report (2015)"},{"key":"18_CR21","unstructured":"Provos, N.: A virtual honeypot framework. In: Proceedings of the 13th USENIX Security Symposium, pp. 1\u201314 (2014)"},{"key":"18_CR22","doi-asserted-by":"crossref","unstructured":"Raghava, N.S., Sahgal, D., Chandna, S.: Classification of botnet detection based on botnet architecture. In: International Conference on Communication System and Network Technologies (2012)","DOI":"10.1109\/CSNT.2012.128"},{"key":"18_CR23","unstructured":"Ramachandran, A., Feamster, N., Dagon, D.: Revealing botnet membership using DNSBL counter-intelligence. In: USENIX 2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI 2006), June 2006"},{"key":"18_CR24","doi-asserted-by":"crossref","unstructured":"Sayoid, S., Chanthakoummane, Y.: Improving intrusion detection on snort for botnet detection. Software Networking, pp. 191\u2013212, July 2016","DOI":"10.1007\/978-981-10-0557-2_74"},{"key":"18_CR25","doi-asserted-by":"crossref","unstructured":"Sikorski, M., Honig, A.: Practical Malware Analysis. 
No Starch Press (2012)","DOI":"10.1016\/S1353-4858(12)70109-5"},{"issue":"2","key":"18_CR26","doi-asserted-by":"crossref","first-page":"378","DOI":"10.1016\/j.comnet.2012.07.021","volume":"57","author":"SS Silva","year":"2013","unstructured":"Silva, S.S., Silva, R.M., Pinto, R.C., Salles, R.M.: Botnets: a survey. Comput. Netw. 57(2), 378\u2013403 (2013)","journal-title":"Comput. Netw."},{"key":"18_CR27","first-page":"1","volume-title":"Botnet Detection","author":"T Strayer","year":"2008","unstructured":"Strayer, T., Lapsely, D., Walsh, R., Livadas, C.: Botnet detection based on network behavior. In: Lee, W., Wang, C., Dagon, D. (eds.) Botnet Detection, pp. 1\u201324. Springer, Boston (2008)"},{"key":"18_CR28","unstructured":"Stringhini, G., Holz, T., Stone-Gross, B., Kruegel, C., Vigna, G.: BOTMAGNIFIER: locating spambots on the internet. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 28. USENIX Association, Berkeley (2011)"},{"key":"18_CR29","unstructured":"Holz, T., Steiner, M., Dahl, F., Biersack, E., Freiling, F.: Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm. In: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats. USENIX Association, Berkeley (2008)"},{"key":"18_CR30","unstructured":"Wang, P., Sparks, S., Zou, C.: An advanced hybrid peer-to-peer botnet. In: USENIX First Workshop on Hot Topics in Understanding Botnets (HotBots 2007), April 2007"},{"key":"18_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/978-3-540-70542-0_11","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"T-F Yen","year":"2008","unstructured":"Yen, T.-F., Reiter, M.K.: Traffic aggregation for malware detection. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 207\u2013227. Springer, Heidelberg (2008). 
doi: 10.1007\/978-3-540-70542-0_11"}],"container-title":["Lecture Notes in Computer Science","Computer Network Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-65127-9_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,1]],"date-time":"2019-10-01T22:13:57Z","timestamp":1569968037000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-65127-9_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319651262","9783319651279"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-65127-9_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}