{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T18:39:02Z","timestamp":1771699142394,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":41,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642041167","type":"print"},{"value":"9783642041174","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-04117-4_18","type":"book-chapter","created":{"date-parts":[[2010,2,22]],"date-time":"2010-02-22T11:44:00Z","timestamp":1266839040000},"page":"335-350","source":"Crossref","is-referenced-by-count":26,"title":["Peer-to-Peer Botnets"],"prefix":"10.1007","author":[{"given":"Ping","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baber","family":"Aslam","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cliff C.","family":"Zou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"18_CR1","unstructured":"P.\u00a0B\u00e4cher, T.\u00a0Holz, M.\u00a0K\u00f6tter, G.\u00a0Wicherski: http:\/\/www.honeypot.org\/papers\/bots\/ (last accessed 10 October 2009)"},{"key":"18_CR2","unstructured":"J. Zhuge, T. Holz, X. Han, J. Guo, W. Zou: Characterizing the irc-based botnet phenomenon, Technical report, Peking University and University of Mannheim (2007)"},{"key":"18_CR3","doi-asserted-by":"crossref","unstructured":"C. Kalt: Internet relay chat: architecture, Request for Comments: RFC 2810 (2000)","DOI":"10.17487\/rfc2810"},{"key":"18_CR4","volume-title":"Peer-to-peer botnets: Overview and case study","author":"J.B. Grizzard","year":"2007","unstructured":"J.B. Grizzard, V. Sharma, C. Nunnery, B.B. Kang, D. Dagon: Peer-to-peer botnets: Overview and case study, Proc. 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots \u201907), Cambridge, MA (2007)"},{"key":"18_CR5","unstructured":"T. Holz, M. Steiner, F. Dahl, E.W. Biersack, F. Freiling: Measurements and mitigation of peer-to-peer-based botnets: A case study on storm worm, Proc. 1st Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET \u201908), San Francisco, CA (2008)"},{"key":"18_CR6","doi-asserted-by":"crossref","unstructured":"F. Kuhn, S. Schmid, R. Wattenhofer: A self-repairing peer-to-peer system resilient to dynamic adversarial churn, Proc. 4th Int. Workshop on Peer-to-Peer Systems (IPTPS \u201905), Ithaca, NY (2005)","DOI":"10.1007\/11558989_2"},{"issue":"4","key":"18_CR7","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1145\/1041680.1041681","volume":"36","author":"S. Androutsellis-Theotokis","year":"2004","unstructured":"S.\u00a0Androutsellis-Theotokis, D.\u00a0Spinellis: A survey of peer-to-peer content distribution technologies, ACM Computing Surveys 36(4), 335\u2013371 (2004)","journal-title":"ACM Computing Surveys"},{"key":"18_CR8","unstructured":"Gnutella protocol specification, http:\/\/wiki.limewire.org\/index.php?title=GDF (last accessed 11 October 2009)"},{"key":"18_CR9","doi-asserted-by":"crossref","unstructured":"P. Maymounkov, D. Mazieres: Kademlia: A peer-to-peer information system based on the XOR metric, Proc. 1st Int. Workshop on Peer-to-Peer Systems (IPTPS \u201902), Cambridge, MA (2002) pp. 53\u201365","DOI":"10.1007\/3-540-45748-8_5"},{"key":"18_CR10","series-title":"Lecture Notes in Computer Science","volume-title":"Autonomous Intelligent Systems: Multi-Agents and Data Mining","author":"K. Bhaduri","year":"2007","unstructured":"K.\u00a0Bhaduri, K.\u00a0Das, H.\u00a0Kargupta: Peer-to-peer data mining, privacy issues, and games. In: Autonomous Intelligent Systems: Multi-Agents and Data Mining, Lecture Notes in Computer Science, ed. by V.\u00a0Gorodetsky, C.\u00a0Zhang, V.\u00a0Skormin, L.\u00a0Cao (Springer, Berlin Heidelberg 2007)"},{"key":"18_CR11","volume-title":"An advanced hybrid peer-to-peer botnet","author":"P. Wang","year":"2007","unstructured":"P. Wang, S. Sparks, C.C. Zou: An advanced hybrid peer-to-peer botnet, Proc. 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots \u201907), Cambridge, MA (2007)"},{"key":"18_CR12","unstructured":"R. Vogt, J. Aycock, M. Jacobson: Army of botnets, Proc. 14th Network and Distributed System Security Symp. (NDSS \u201907), San Diego, CA (2007) pp. 111\u2013123"},{"key":"18_CR13","doi-asserted-by":"crossref","unstructured":"D. Stutzbach, R. Rejaie: Characterizing the two-tier gnutella topology, Proc. ACM SIGMETRICS, Poster Session, Alberta, Canada (2005) pp. 402\u2013403","DOI":"10.1145\/1064212.1064275"},{"key":"18_CR14","doi-asserted-by":"crossref","unstructured":"D. Dagon, G. Gu, C. Lee, W. Lee: A taxonomy of botnet structures, Proc. 23rd Annual Computer Security Applications Conf. (ACSAC \u201907), Honolulu, HI (2007) pp. 325\u2013339","DOI":"10.1109\/ACSAC.2007.44"},{"key":"18_CR15","unstructured":"M.A. Rajab, J. Zarfoss, F. Monrose, A. Terzis: My botnet is bigger than yours (maybe, better than yours): why size estimates remain challenging, Proc. 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots \u201907), Cambridge, MA (2007)"},{"key":"18_CR16","doi-asserted-by":"crossref","unstructured":"D. Stutzbach, R. Rejaie: Capturing accurate snapshots of the gnutella network, Proc. IEEE Global Internet Symp., Miami, FL (2005) pp. 127\u2013132","DOI":"10.1109\/INFCOM.2005.1498570"},{"key":"18_CR17","unstructured":"B. Krebs: Just how bad is the storm worm?, available at http:\/\/voices.washingtonpost.com\/securityfix\/2007\/10\/the_storm_worm_m_aelstrom_or_te.html (last accessed 11 October 2009)"},{"key":"18_CR18","unstructured":"K.J. Higgins: Researchers infiltrate and \u2018pollute\u2019 storm botnet, available at http:\/\/www.darkreading.com\/security\/encryption\/showArticle.jhtml?articleID=211201340 (last accessed 11 October 2009)"},{"key":"18_CR19","unstructured":"O. Kolesnikov, D. Dagon, W. Lee: Advanced polymorphic worms: Evading ids by blending in with normal traffic, technical report, Georgia Tech (2004\u20132005)"},{"key":"18_CR20","unstructured":"G. Gu, P. Porras, V. Yegneswaran, M. Fong, W. Lee: BotHunter: Detecting malware infection through ids-driven dialog correlation, Proc. 16th USENIX Security Symp. (Security \u201907), Boston, MA (2007) pp. 167\u2013182"},{"key":"18_CR21","doi-asserted-by":"crossref","unstructured":"L. Zhou, L. Zhang, F. McSherry, N. Immorlica, M. Costa, S. Chien: A first look at peer-to-peer worms: Threats and defenses, Proc. 4th Int. Workshop on Peer-To-Peer Systems (IPTPS \u201905), Ithaca, NY (2005)","DOI":"10.1007\/11558989_3"},{"key":"18_CR22","unstructured":"L. Xie, S. Zhu: A feasibility study on defending against ultra-fast topological worms, Proc. 7th IEEE Int. Conf. on Peer-to-Peer Computing (P2P \u201907), Galway, Ireland (2007) pp. 61\u201370"},{"key":"18_CR23","unstructured":"S. Gianvecchio, M. Xie, Z. Wu, H. Wang: Measurement and classification of humans and bots in internet chat, Proc. USENIX Security Symp. (Security \u201908), San Jose, CA (2008) pp. 155\u2013169"},{"issue":"1","key":"18_CR24","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MSECP.2004.1264861","volume":"2","author":"N. Krawetz","year":"2004","unstructured":"N.\u00a0Krawetz: Anti-honeypot technology, IEEE Secur. Priv. 2(1), 76\u201379 (2004)","journal-title":"IEEE Secur. Priv."},{"key":"18_CR25","unstructured":"Y. Tang, S. Chen: Defending against internet worms: a signature-based approach, Proc. 24th IEEE Int. Conf. on Computer Communications (INFOCOM \u201905), Miami, FL (2005)"},{"key":"18_CR26","doi-asserted-by":"crossref","unstructured":"C.C. Zou, R. Cunningham: Honeypot-aware advanced botnet construction and maintenance, Proc. Int. Conf. on Dependable Systems and Networks (DSN \u201906), Philadelphia, PA (2006) pp. 199\u2013208","DOI":"10.1109\/DSN.2006.38"},{"key":"18_CR27","doi-asserted-by":"crossref","unstructured":"J. Liang, N. Naoumov, K.W. Ross: The index poisoning attack in p2p file sharing systems, Proc. 25th IEEE Int. Conf. on Computer Communications (INFOCOM \u201906), Barcelona, Spain (2006)","DOI":"10.1109\/INFOCOM.2006.232"},{"key":"18_CR28","doi-asserted-by":"crossref","unstructured":"G. Starnberger, C. Kruegel, E. Kirda: Overbot \u2013 a botnet protocol based on kademlia, Proc. 4th Int. Conf. on Security and Privacy in Communication Networks (SecureComm \u201908), Istanbul, Turkey (2008)","DOI":"10.1145\/1460877.1460894"},{"key":"18_CR29","volume-title":"The sybil attack","author":"J.R. Douceur","year":"2002","unstructured":"J.R. Douceur: The sybil attack, Proc. 1st Int. Workshop on Peer-to-Peer Systems (IPTPS \u201902), Cambridge, MA (2002)"},{"key":"18_CR30","doi-asserted-by":"crossref","unstructured":"C.R. Davis, J.M. Fernandez, S. Neville, J. McHugh: Sybil attacks as a mitigation strategy against the storm botnet, Proc. 3rd Int. Conf. on Malicious and Unwanted Software (Malware \u201908), Alexandria, VA (2008) pp. 32\u201340","DOI":"10.1109\/MALWARE.2008.4690855"},{"key":"18_CR31","unstructured":"A. Ramachandran, N. Feamster, D. Dagon: Revealing botnet membership using DNSBL counter-intelligence, Proc. 2nd USENIX Steps to Reducing Unwanted Traffic on the Internet (SRUTI \u201906), San Jose, CA (2006)"},{"key":"18_CR32","unstructured":"P.\u00a0Barford, V.\u00a0Yegneswaran: An inside look at botnets. In: Malware Detection, Advances in Information Security, ed. by M.\u00a0Christodorescu, S.\u00a0Jha, D.\u00a0Maughan, D.\u00a0Song, C.\u00a0Wang (Springer, 2006) pp. 171\u2013191"},{"key":"18_CR33","unstructured":"Trend Micro: Taxonomy of botnet threats, technical report, Trend Micro White Paper (2006)"},{"key":"18_CR34","doi-asserted-by":"crossref","unstructured":"Z. Zhu, G. Lu, Y. Chen, Z.J. Fu, P. Roberts, K. Han: Botnet research survey, Proc. 32nd Annual IEEE Int. Computer Software and Applications (COMPSAC \u201908), Turku, Finland (2008) pp. 967\u2013972","DOI":"10.1109\/COMPSAC.2008.205"},{"key":"18_CR35","doi-asserted-by":"crossref","unstructured":"E.V. Ruitenbeek, W.H. Sanders: Modeling peer-to-peer botnets, Proc. 5th Int. Conf. on Quantitative Evaluation of Systems (QEST \u201908), St. Malo, France (2008) pp. 307\u2013316","DOI":"10.1109\/QEST.2008.43"},{"key":"18_CR36","unstructured":"D. Dagon, C.C. Zou, W. Lee: Modeling botnet propagation using time zones, Proc. 13th Annual Network and Distributed System Security Symp. (NDSS \u201906), San Diego, CA (2006)"},{"key":"18_CR37","doi-asserted-by":"crossref","unstructured":"K. Ramachandran, B. Sikdar: Modeling malware propagation in gnutella type peer-to-peer networks, Proc. 20th Int. Parallel and Distributed Processing Symp. (IPDPS \u201906), Rhodes, Greece (2006)","DOI":"10.1109\/IPDPS.2006.1639704"},{"key":"18_CR38","unstructured":"W. Yu, P.C. Boyer, S. Chellappan, D. Xuan: Peer-to-peer system-based active worm attacks: Modeling and analysis, Proc. IEEE Int. Conf. on Communications (ICC \u201905), Seoul, Korea (2005) pp. 295\u2013300"},{"key":"18_CR39","doi-asserted-by":"crossref","unstructured":"R. Thommes, M. Coates: Epidemiological modelling of peer-to-peer viruses and pollution, Proc. 25th IEEE Int. Conf. on Computer Communications (INFOCOM \u201906), Barcelona, Spain (2006)","DOI":"10.1109\/INFOCOM.2006.101"},{"key":"18_CR40","unstructured":"G. Gu, R. Perdisci, J. Zhang, W. Lee: BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnet detection, Proc. 17th USENIX Security Symp. (Security \u201908), San Jose, CA (2008) pp. 139\u2013154"},{"key":"18_CR41","unstructured":"G. Gu, J. Zhang, W. Lee: BotSniffer: Detecting botnet command and control channels in network traffic, Proc. 15th Annual Network and Distributed System Security Symp. (NDSS \u201908), San Diego, CA (2008)"}],"container-title":["Handbook of Information and Communication Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04117-4_18.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,23]],"date-time":"2020-11-23T21:39:22Z","timestamp":1606167562000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04117-4_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642041167","9783642041174"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04117-4_18","relation":{},"subject":[],"published":{"date-parts":[[2010]]}}}