{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,23]],"date-time":"2026-06-23T21:25:12Z","timestamp":1782249912298,"version":"3.54.5"},"reference-count":45,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2015,12,31]],"date-time":"2015-12-31T00:00:00Z","timestamp":1451520000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2016,10]]},"DOI":"10.1007\/s10207-015-0310-0","type":"journal-article","created":{"date-parts":[[2015,12,31]],"date-time":"2015-12-31T04:53:24Z","timestamp":1451537604000},"page":"455-473","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":52,"title":["New facets of mobile botnet: architecture and evaluation"],"prefix":"10.1007","volume":"15","author":[{"given":"Marios","family":"Anagnostopoulos","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Georgios","family":"Kambourakis","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Stefanos","family":"Gritzalis","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2015,12,31]]},"reference":[{"key":"310_CR1","doi-asserted-by":"crossref","unstructured":"Ianelli, N., Hackworth, A.: Botnets as a vehicle for online crime. In: CERT Coordination Center (2005)","DOI":"10.5769\/C2006003"},{"key":"310_CR2","doi-asserted-by":"crossref","unstructured":"Nazario, J., Holz, T.: As the net churns: fast-flux botnet observations. In: 3rd International Conference on Malicious and Unwanted Software, 2008. MALWARE 2008, pp. 24\u201331 Oct (2008)","DOI":"10.1109\/MALWARE.2008.4690854"},{"key":"310_CR3","unstructured":"Holz, T., Gorecki, C., Rieck, K., Freiling, F.C.: Measuring and detecting fast-flux service networks (2008). In: Symposium on Network and Distributed System Security - NDSS(2008)"},{"key":"310_CR4","unstructured":"Antonakakis, M., Perdisci, R., Nadji, Y., Vasiloglou, N., Abu-Nimeh, S., Lee, W., Dagon, D.: From throw-away traffic to bots: detecting the rise of DGA-based Malware. In: Proceedings of the 21st USENIX Security Symposium (USENIX Security 12), pp. 491\u2013506, USENIX, Bellevue, WA (2012)"},{"issue":"Part B","key":"310_CR5","doi-asserted-by":"crossref","first-page":"475","DOI":"10.1016\/j.cose.2013.10.001","volume":"39","author":"M Anagnostopoulos","year":"2013","unstructured":"Anagnostopoulos, M., Kambourakis, G., Kopanos, P., Louloudakis, G., Gritzalis, S.: DNS amplification attack revisited. Comput. Secur. 39(Part B), 475\u2013485 (2013)","journal-title":"Comput. Secur."},{"key":"310_CR6","unstructured":"Gu, G., Perdisci, R., Zhang, J., Lee, W. et al.: BotMiner: clustering analysis of network traffic for protocol-and structure-independent botnet detection. In: Proceedings of the 17th Conference on Security Symposium, USENIX Association, pp. 139\u2013154 (2008)"},{"issue":"2","key":"310_CR7","doi-asserted-by":"crossref","first-page":"378","DOI":"10.1016\/j.comnet.2012.07.021","volume":"57","author":"RCG Pinto","year":"2013","unstructured":"Pinto, R.C.G., Silva, S.S.C., Silva, R.M.P., Salles, R.M.: Botnets: a survey. Comput. Netw. 57(2), 378\u2013403 (2013)","journal-title":"Comput. Netw."},{"key":"310_CR8","doi-asserted-by":"crossref","unstructured":"Binsalleeh, H., Kara, A.M., Youssef, A., Debbabi, M.: Characterization of covert channels in DNS. In 6th International Conference on New Technologies, Mobility and Security (NTMS), 2014, pp. 1\u20135, March (2014)","DOI":"10.1109\/NTMS.2014.6814008"},{"key":"310_CR9","doi-asserted-by":"crossref","unstructured":"Dietrich, C.J., Rossow, C., Freiling, F.C., Bos, H., van Steen, M., Pohlmann, N.: On botnets that use DNS for command and control. In Seventh European Conference on Computer Network Defense (EC2ND), 2011, pp. 9\u201316, Sept (2011)","DOI":"10.1109\/EC2ND.2011.16"},{"key":"310_CR10","doi-asserted-by":"crossref","unstructured":"Wang, P., Wu, L., Aslam, B., Zou, C.C.: A systematic study on peer-to-peer botnets. In Proceedings of 18th International Conference on Computer Communications and Networks (ICCN2009), IEEE, pp. 1\u20138. (2009)","DOI":"10.1109\/ICCCN.2009.5235360"},{"issue":"2","key":"310_CR11","doi-asserted-by":"crossref","first-page":"113","DOI":"10.1109\/TDSC.2008.35","volume":"7","author":"P Wang","year":"2010","unstructured":"Wang, P., Sparks, S., Zou, C.C.: An advanced hybrid peer-to-peer botnet. IEEE Trans. Dependable Secure Comput. 7(2), 113\u2013127 (2010)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"310_CR12","unstructured":"Cooke, E., Jahanian, F., McPherson, D.: The zombie roundup: understanding, detecting, and disrupting botnets. In Proceedings of the USENIX Steps to Reducing Unwanted Traffic on the Internet (SRUTI05) Workshop, vol. 39, p. 44 (2005)"},{"issue":"7","key":"310_CR13","doi-asserted-by":"crossref","first-page":"1437","DOI":"10.1007\/s00779-012-0579-1","volume":"17","author":"D Damopoulos","year":"2013","unstructured":"Damopoulos, D., Kambourakis, G., Anagnostopoulos, M., Gritzalis, S., Park, J.H.: User privacy and modern mobile services: are they on the same path? Pers. Ubiquitous Comput. 17(7), 1437\u20131448 (2013)","journal-title":"Pers. Ubiquitous Comput."},{"issue":"4","key":"310_CR14","doi-asserted-by":"crossref","first-page":"117","DOI":"10.1007\/s11416-012-0163-2","volume":"8","author":"A Apvrille","year":"2012","unstructured":"Apvrille, A.: Symbian worm yxes: towards mobile botnets? J. Comput. Virol. 8(4), 117\u2013131 (2012)","journal-title":"J. Comput. Virol."},{"key":"310_CR15","doi-asserted-by":"crossref","unstructured":"Porras, P., Saidi, H., Yegneswaran, V.: An analysis of the iKee. b iPhone botnet. In Security and Privacy in Mobile Information and Communication Systems, pp. 141\u2013152. Springer (2010)","DOI":"10.1007\/978-3-642-17502-2_12"},{"key":"310_CR16","doi-asserted-by":"crossref","unstructured":"Pieterse, H., Olivier, M.S.: Android botnets on the rise: trends and characteristics. In: Information Security for South Africa (ISSA), 2012, pp. 1\u20135, Aug (2012)","DOI":"10.1109\/ISSA.2012.6320432"},{"key":"310_CR17","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In IEEE Symposium on Security and Privacy (SP), 2012, pp. 95\u2013109, May (2012)","DOI":"10.1109\/SP.2012.16"},{"issue":"1","key":"310_CR18","doi-asserted-by":"crossref","first-page":"446","DOI":"10.1109\/SURV.2012.013012.00028","volume":"15","author":"M Polla La","year":"2013","unstructured":"La Polla, M., Martinelli, F., Sgandurra, D.: A survey on security for mobile devices. IEEE Commun. Surv. Tutor. 15(1), 446\u2013471 (2013)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"310_CR19","doi-asserted-by":"crossref","unstructured":"Singh, K., Sangal, S., Jain, N., Traynor, P., Lee, W.: Evaluating bluetooth as a medium for botnet command and control. In Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 61\u201380. Springer (2010)","DOI":"10.1007\/978-3-642-14215-4_4"},{"key":"310_CR20","doi-asserted-by":"crossref","unstructured":"Hua, J., Sakurai, K.: A SMS-based mobile botnet using flooding algorithm. In: Information Security Theory and Practice. Security and Privacy of Mobile Devices in Wireless Communication, pp. 264\u2013279. Springer (2011)","DOI":"10.1007\/978-3-642-21040-2_19"},{"key":"310_CR21","doi-asserted-by":"crossref","unstructured":"Mulliner, C., Seifert, J.P.: Rise of the iBots: owning a telco network. In: 5th International Conference on Malicious and Unwanted Software (MALWARE) 2010, IEEE, pp. 71\u201380. (2010)","DOI":"10.1109\/MALWARE.2010.5665790"},{"key":"310_CR22","unstructured":"Xiang, C., Binxing, F., Lihua, Y., Xiaoyi, L., Tianning, Z.: Andbot: towards advanced mobile botnets. In: Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats, p. 11. USENIX Association, Berkeley, CA, USA (2011)"},{"key":"310_CR23","doi-asserted-by":"crossref","unstructured":"Faghani, M.R., Nguyen, U.T.: Socellbot: a new botnet design to infect smartphones via online social networking. In: 25th IEEE Canadian Conference on Electrical Computer Engineering (CCECE), 2012, pp. 1\u20135, April (2012)","DOI":"10.1109\/CCECE.2012.6334962"},{"key":"310_CR24","doi-asserted-by":"crossref","unstructured":"Zhao, S., Lee, P.P.C., Lui, J.C.S., Guan, X., Ma, X., Tao, J.: Cloud-based push-styled mobile botnets: a case study of exploiting the cloud to device messaging service. In: Proceedings of the 28th Annual Computer Security Applications Conference, ACSAC \u201912, pp. 119\u2013128, ACM, New York, NY, USA (2012)","DOI":"10.1145\/2420950.2420968"},{"key":"310_CR25","doi-asserted-by":"crossref","unstructured":"Hasan, R., Saxena, N., Haleviz, T., Zawoad, S., Rinehart, D.: Sensing-enabled channels for hard-to-detect command and control of mobile devices. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS \u201913, pp. 469\u2013480, ACM, New York, NY, USA (2013)","DOI":"10.1145\/2484313.2484373"},{"key":"310_CR26","unstructured":"Dagon, D., Zou, C.C., Lee, W.: Modeling botnet propagation using time zones. In Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS\u201906), vol. 6, pp. 2\u201313 (2006)"},{"key":"310_CR27","doi-asserted-by":"crossref","unstructured":"Felt, A.P., Finifter, M., Chin, E., Hanna, S., Wagner, D.: A survey of mobile malware in the wild. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM \u201911, pp. 3\u201314, ACM, New York, NY, USA (2011)","DOI":"10.1145\/2046614.2046618"},{"key":"310_CR28","doi-asserted-by":"crossref","unstructured":"Knysz, M., Hu, X., Zeng, Y., Shin, K.G.: Open WiFi networks: lethal weapons for botnets? In: INFOCOM, 2012 Proceedings IEEE, pp. 2631\u20132635, March (2012)","DOI":"10.1109\/INFCOM.2012.6195668"},{"key":"310_CR29","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: RFC 4033: DNS security introduction and requirements. http:\/\/www.ietf.org\/rfc\/rfc4033.txt (2005)","DOI":"10.17487\/rfc4033"},{"key":"310_CR30","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: RFC 4034: Resource records for the DNS security extensions. http:\/\/www.ietf.org\/rfc\/rfc4034.txt (2005)","DOI":"10.17487\/rfc4034"},{"key":"310_CR31","doi-asserted-by":"crossref","unstructured":"Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: RFC 4035: Protocol modifications for the DNS security extensions. http:\/\/www.ietf.org\/rfc\/rfc4035.txt (2005)","DOI":"10.17487\/rfc4035"},{"key":"310_CR32","doi-asserted-by":"crossref","unstructured":"Anagnostopoulos, M., Kambourakis, G., Konstantinou, E., Gritzalis, S.: DNSSEC vs. DNSCurve: A Side-by-Side Comparison, p. 201. IGI Global (2012)","DOI":"10.4018\/978-1-4666-0104-8.ch012"},{"key":"310_CR33","doi-asserted-by":"crossref","unstructured":"Rijswijk-Deij, van R., Sperotto, A., Pras, A.: DNSSEC and its potential for DDoS attacks: a comprehensive measurement study. In: Proceedings of the 2014 Conference on Internet Measurement Conference, IMC \u201914, pp. 449\u2013460, ACM, New York, NY, USA (2014)","DOI":"10.1145\/2663716.2663731"},{"key":"310_CR34","unstructured":"Scapy project. http:\/\/www.secdev.org\/projects\/scapy\/"},{"key":"310_CR35","doi-asserted-by":"crossref","unstructured":"Eslahi, M., Salleh, R., Anuar, N.B.: MoBots: a new generation of botnets on mobile devices and networks. In: IEEE Symposium on Computer Applications and Industrial Electronics (ISCAIE), 2012, pp. 262\u2013266, Dec (2012)","DOI":"10.1109\/ISCAIE.2012.6482109"},{"key":"310_CR36","doi-asserted-by":"crossref","unstructured":"Reinfelder, L., Benenson, Z., Gassmann, F.: Differences between android and iphone users in their security and privacy awareness. In: Eckert, C., Katsikas, S.K., Pernul, G., (eds.), Trust, Privacy, and Security in Digital Business, vol. 8647 of Lecture Notes in Computer Science, pp. 156\u2013167. Springer International Publishing (2014)","DOI":"10.1007\/978-3-319-09770-1_14"},{"key":"310_CR37","doi-asserted-by":"crossref","unstructured":"Schmidt, A.-D., Bye, R., Schmidt, H.-G., Clausen, J., Kiraz, O., Yuksel, K.A., Camtepe, S.A., Albayrak, S.: Static analysis of executables for collaborative malware detection on android. In: IEEE International Conference on Communications, 2009. ICC \u201909, pp. 1\u20135, June (2009)","DOI":"10.1109\/ICC.2009.5199486"},{"key":"310_CR38","doi-asserted-by":"crossref","unstructured":"Abdullah, Z., Saudi, M.M., Anuar, N.B.: Mobile botnet detection: proof of concept. In: IEEE 5th Control and System Graduate Research Colloquium (ICSGRC), 2014, pp. 257\u2013262, Aug (2014)","DOI":"10.1109\/ICSGRC.2014.6908733"},{"key":"310_CR39","doi-asserted-by":"crossref","unstructured":"Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM \u201911, pp. 15\u201326, ACM, New York, NY, USA (2011)","DOI":"10.1145\/2046614.2046619"},{"issue":"4","key":"310_CR40","first-page":"251","volume":"26","author":"A Feizollah","year":"2014","unstructured":"Feizollah, A., Anuar, N.B., Salleh, R., Amalina, F., Maarof, Rauf Ridzuan, Shamshirband, Shahaboddin: A study of machine learning classifiers for anomaly-based mobile botnet detection. Malays. J. Comput. Sci. 26(4), 251\u2013265 (2014)","journal-title":"Malays. J. Comput. Sci."},{"key":"310_CR41","doi-asserted-by":"crossref","unstructured":"Vural, I., Venter, H.: Mobile botnet detection using network forensics. In: ArneJ. Berre, Asuncion Gomez-Perez, Kurt Tutschku, and Dieter Fensel, editors, Future Internet\u2014FIS 2010, vol. 6369 of Lecture Notes in Computer Science, pp. 57\u201367. Springer, Berlin (2010)","DOI":"10.1007\/978-3-642-15877-3_7"},{"key":"310_CR42","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: CloudAV: N-version antivirus in the network cloud. In 17th USENIX Security Symposium, pp. 91\u2013106 (2008)"},{"key":"310_CR43","doi-asserted-by":"crossref","unstructured":"Portokalidis, G., Homburg, P., Anagnostakis, K., Bos, H.: Paranoid android: versatile protection for smartphones. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC \u201910, pp. 347\u2013356, ACM, New York, NY, USA, (2010)","DOI":"10.1145\/1920261.1920313"},{"key":"310_CR44","doi-asserted-by":"crossref","unstructured":"Damopoulos, D., Kambourakis, G., Portokalidis, G.: The best of both worlds: a framework for the synergistic operation of host and cloud anomaly-based IDS for smartphones. In: Proceedings of the Seventh European Workshop on System Security, EuroSec \u201914, pp. 6:1\u20136:6, ACM, New York, NY, USA (2014)","DOI":"10.1145\/2592791.2592797"},{"key":"310_CR45","doi-asserted-by":"crossref","unstructured":"Tsiatsikas, Z., Anagnostopoulos, M., Kambourakis, G., Lambrou, S., Geneiatakis, D.: Hidden in plain sight. SDP-Based covert channel for botnet communication. In: Fischer-Hubner, S., Lambrinoudakis, C., Lopez, J. (eds.), Trust, Privacy and Security in Digital Business, vol. 9264 of Lecture Notes in Computer Science, pp. 48\u201359. Springer International Publishing (2015)","DOI":"10.1007\/978-3-319-22906-5_4"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-015-0310-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10207-015-0310-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-015-0310-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-015-0310-0","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,2]],"date-time":"2019-09-02T22:59:42Z","timestamp":1567465182000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10207-015-0310-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,12,31]]},"references-count":45,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2016,10]]}},"alternative-id":["310"],"URL":"https:\/\/doi.org\/10.1007\/s10207-015-0310-0","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,12,31]]}}}