{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T20:54:18Z","timestamp":1777582458559,"version":"3.51.4"},"reference-count":57,"publisher":"Springer Science and Business Media LLC","issue":"12","license":[{"start":{"date-parts":[[2019,10,14]],"date-time":"2019-10-14T00:00:00Z","timestamp":1571011200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2019,10,14]],"date-time":"2019-10-14T00:00:00Z","timestamp":1571011200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Supercomput"],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1007\/s11227-019-03005-2","type":"journal-article","created":{"date-parts":[[2019,10,14]],"date-time":"2019-10-14T20:02:25Z","timestamp":1571083345000},"page":"8312-8338","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":46,"title":["Detecting and confronting flash attacks from IoT botnets"],"prefix":"10.1007","volume":"75","author":[{"given":"C. U.","family":"Om Kumar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ponsy R. K.","family":"Sathia Bhama","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,10,14]]},"reference":[{"issue":"1","key":"3005_CR1","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/TTE.2017.2753403","volume":"4","author":"Z Moghaddam","year":"2018","unstructured":"Moghaddam Z, Ahmad I, Habibi D, Phung QV (2018) Smart charging strategy for electric vehicle charging stations. IEEE Trans Transp Electr 4(1):76\u201388","journal-title":"IEEE Trans Transp Electr"},{"key":"3005_CR2","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1016\/j.enbuild.2012.01.041","volume":"49","author":"J Figueiredo","year":"2012","unstructured":"Figueiredo J, da Costa JS (2012) A SCADA system for energy management in intelligent buildings. Energy Build 49:85\u201398","journal-title":"Energy Build"},{"key":"3005_CR3","unstructured":"Jara A, Zamora M, Skarmeta A (2010) An architecture based on internet of things to support mobility and security in medical environments. In: IEEE, pp 1\u20135"},{"key":"3005_CR4","unstructured":"Scott C, Carbone R (2014) Designing and implementing a honeypot for a SCADA network. SANS Institute Reading Room"},{"issue":"1","key":"3005_CR5","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1109\/JIOT.2014.2306328","volume":"1","author":"A Zanella","year":"2014","unstructured":"Zanella A, Bui N, Castellani A, Vangelista L, Zorzi M (2014) Internet of things for smart cities. IEEE Internet Things J 1(1):22\u201332","journal-title":"IEEE Internet Things J"},{"key":"3005_CR6","doi-asserted-by":"crossref","unstructured":"Rao BBP, Saluia P, Sharma N, Mittal A, Sharma SV (2012) Cloud computing for internet of things and sensing based applications. In: Sixth International Conference on Sensing Technology (ICST), pp 374\u2013380","DOI":"10.1109\/ICSensT.2012.6461705"},{"key":"3005_CR7","doi-asserted-by":"publisher","first-page":"761","DOI":"10.1016\/j.future.2017.08.043","volume":"82","author":"AA Diro","year":"2018","unstructured":"Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for internet of things. Future Gener Comput Syst 82:761\u2013768","journal-title":"Future Gener Comput Syst"},{"key":"3005_CR8","doi-asserted-by":"publisher","first-page":"7700","DOI":"10.1109\/ACCESS.2018.2803446","volume":"6","author":"LF Maim\u00f3","year":"2018","unstructured":"Maim\u00f3 LF, G\u00f3mez \u00c1LP, Clemente FJG, P\u00e9rez MG, P\u00e9rez GM (2018) A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access 6:7700\u20137712","journal-title":"IEEE Access"},{"key":"3005_CR9","doi-asserted-by":"crossref","unstructured":"Prokofiev AO, Smirnova YS, Surov VA (2018) A method to detect Internet of Things botnets. In: 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus), pp 105\u2013108","DOI":"10.1109\/EIConRus.2018.8317041"},{"key":"3005_CR10","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MC.2017.62","volume":"2","author":"E Bertino","year":"2017","unstructured":"Bertino E, Islam N (2017) Botnets and internet of things security. Computer 2:76\u201379","journal-title":"Computer"},{"key":"3005_CR11","doi-asserted-by":"crossref","unstructured":"Ukil A, Sen J, Koilakonda S (2011) Embedded security for internet of things. In: Emerging Trends and Applications in Computer Science (NCETACS), pp 1\u20136","DOI":"10.1109\/NCETACS.2011.5751382"},{"key":"3005_CR12","unstructured":"Hallman R, Bryan J, Palavicini G, Divita J, Romero-Mariona J (2017) IoDDoS\u2014the internet of distributed denial of service attacks"},{"key":"3005_CR13","doi-asserted-by":"crossref","unstructured":"Doshi R, Apthorpe N, Feamster N (2018) Machine learning DDoS detection for consumer internet of things devices. In: 2018 IEEE security and privacy workshops (SPW)","DOI":"10.1109\/SPW.2018.00013"},{"key":"3005_CR14","unstructured":"De Donno M, Dragoni N, Giaretta A, Mazzara M (2016) AntibIoTic: protecting IoT devices against DDoS attacks. In: International Conference in Software Engineering for Defence Applications, pp 59\u201372"},{"key":"3005_CR15","doi-asserted-by":"crossref","unstructured":"Thapngam T, Yu S, Zhou W, Beliakov G (2011) Discriminating DDoS attack traffic from flash crowd through packet arrival patterns. In: 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp 952\u2013957","DOI":"10.1109\/INFCOMW.2011.5928950"},{"key":"3005_CR16","doi-asserted-by":"crossref","unstructured":"Zhang U, Luo X, Perdisci R, Gu G, Lee W, Feamster N (2011) Boosting the scalability of botnet detection using adaptive traffic sampling. In: 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS)","DOI":"10.1145\/1966913.1966930"},{"key":"3005_CR17","unstructured":"De Paula U, de Oliveira D, Frota Y, Barbosa VC, Drummond L (2015) Detecting and handling flash-crowd events on cloud environments. arXiv preprint \narXiv:1510.03913"},{"key":"3005_CR18","doi-asserted-by":"crossref","unstructured":"Stavrou A, Rubenstein D, Sahu S (2002) A lightweight, robust p2p system to handle flash crowds. In: IEEE International Conference on Network Protocols, pp 226\u2013235","DOI":"10.1109\/ICNP.2002.1181410"},{"key":"3005_CR19","doi-asserted-by":"crossref","unstructured":"Ari I, Hong B, Miller EL, Brandt SA, De Long D (2003) Managing flash crowds on the internet. In: IEEE\/ACM International Symposium on Modeling, Analysis and Simulation of Computer Telecommunications Systems, pp 246\u2013249","DOI":"10.1109\/MASCOT.2003.1240667"},{"issue":"3","key":"3005_CR20","doi-asserted-by":"publisher","first-page":"532","DOI":"10.1145\/1084772.1084776","volume":"5","author":"X Chen","year":"2005","unstructured":"Chen X, Heidemann J (2005) Flash crowd mitigation via adaptive admission control based on application-level observations. ACM Trans Internet Technol (TOIT) 5(3):532\u2013569","journal-title":"ACM Trans Internet Technol (TOIT)"},{"key":"3005_CR21","doi-asserted-by":"crossref","unstructured":"Ramamurthy P, Sekar V, Akella A, Krishnamurthy B, Shaikh A (2007) Using mini-flash crowds to infer resource constraints in remote web servers. In: ACM Proceedings of the 2007 SIGCOMM Workshop on Internet Network Management, pp 250\u2013255","DOI":"10.1145\/1321753.1321760"},{"key":"3005_CR22","doi-asserted-by":"crossref","unstructured":"Atajanov M, Shimokawa T, Yoshida N (2007) Autonomic multi-server distribution in flash crowds alleviation network. In: International Conference on Embedded and Ubiquitous Computing. Springer, pp 309\u2013320","DOI":"10.1007\/978-3-540-77090-9_28"},{"key":"3005_CR23","unstructured":"Zeidan Loo HR, Manaf AA (2011) Botnet command and control mechanisms. In: Second International Conference on Computer and Electrical Engineering, ICCEE \u201809. pp 564\u2013568"},{"key":"3005_CR24","unstructured":"Plohmann D, Gerhards-Padilla E (2018) Case study of miner botnet. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST), pp 1\u201316"},{"key":"3005_CR25","doi-asserted-by":"crossref","unstructured":"Murynets I, Jover RP (2013) Anomaly detection in cellular machine-to-machine communications. In: 2013 IEEE International Conference on Communications (ICC), Budapest, pp 2138\u20132143","DOI":"10.1109\/ICC.2013.6654843"},{"key":"3005_CR26","doi-asserted-by":"crossref","unstructured":"Liu CM, Chen SY, Zhang Y, Chen R, Guo KL (2012) An IoT anomaly detection model based on artificial immunity. In: Advances materials research, vol 424. Trans Tech Publications, pp 625\u2013628","DOI":"10.4028\/www.scientific.net\/AMR.424-425.625"},{"issue":"10","key":"3005_CR27","first-page":"63","volume":"4","author":"ML Bringer","year":"2012","unstructured":"Bringer ML, Chelmecki CA, Fujinoki H (2012) A survey: recent advances and future trends in honeypot research. Int J Comput Netw Inf Secur 4(10):63","journal-title":"Int J Comput Netw Inf Secur"},{"key":"3005_CR28","doi-asserted-by":"crossref","unstructured":"Guarnizo JD, Tambe A, Bhunia SS, Ochoa M, Tippenhauer NO, Shabtai A, Elovici Y (2017) Siphon: towards scalable high-interaction physical honeypots. In: Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security, pp 57\u201368","DOI":"10.1145\/3055186.3055192"},{"key":"3005_CR29","unstructured":"Tuor A, Kaplan S, Hutchinson B, Nichols N, Robinson S (2017) Deep learning for unsupervised insider threat detection in structured cybersecurity data streams. In: Workshops at the Thirty-First AAAI Conference on Artificial Intelligence"},{"key":"3005_CR30","doi-asserted-by":"crossref","unstructured":"Dong X, Hu J, Cui Y (2018) Overview of botnet detection based on machine learning. In: 2018 3rd International Conference on Mechanical, Control and Computer Engineering (ICMCCE), pp 476\u2013479","DOI":"10.1109\/ICMCCE.2018.00106"},{"key":"3005_CR31","unstructured":"Binkley JR, Singh S (2006) An algorithm for anomaly-based botnet detection. In: Proceedings of the 2nd Conference on Steps to Reducing Unwanted Traffic on the Internet (SRUTI\u201906)"},{"key":"3005_CR32","unstructured":"Gu G, Porras P, Yegneswaran V, Fong M, Lee W (2007) BotHunter: detecting malware infection through IDS-driven dialog correlation. In: Proceedings of the 16th USENIX Security Symposium on USENIX Security Symposium (SS\u201907)"},{"issue":"2","key":"3005_CR33","first-page":"161","volume":"2","author":"HR Zeidanloo","year":"2010","unstructured":"Zeidanloo HR, Manaf A, Ahmad R, Zamani M, Chaeikar S (2010) A proposed framework for P2P botnet detection. Int J Eng Technol 2(2):161","journal-title":"Int J Eng Technol"},{"key":"3005_CR34","unstructured":"Yen T-F, Reiter MK (2008) Traffic aggregation for malware detection. In: Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA \u201808)"},{"key":"3005_CR35","unstructured":"Jelasity M, Bilicki V, et al (2009) Towards automated detection of peer-to-peer botnets: on the limits of local approaches. In: Proceedings of the 2nd USENIX Conference on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More (LEET\u201909)"},{"key":"3005_CR36","doi-asserted-by":"crossref","unstructured":"Villamarin-Salomon R, Brustoloni JC (2008) Identifying botnets using anomaly detection techniques applied to DNS traffic. In: Proceedings of the 5th IEEE Consumer Communications and Networking Conference (CCNC\u201908)","DOI":"10.1109\/ccnc08.2007.112"},{"key":"3005_CR37","unstructured":"Nagaraja S, Mittal P, Hong CY, et al (2010) BotGrep: finding P2P bots with structured graph analysis. In: Proceedings of the 19th USENIX Conference on Security Symposium. Washington, USA, pp 1\u20137"},{"key":"3005_CR38","unstructured":"Gu GF, Perdisci R, Zhang JJ, Lee WK (2008) BotMiner: clustering analysis of network traffic for protocol and structure-independent botnet detection. In: Proceedings of the 17th USENIX Conference on Security Symposium. San Jose, USA, pp 139\u2013154"},{"key":"3005_CR39","unstructured":"Gu GF, Zhang JJ, Lee WK (2008) BotSniffer: detecting botnet command and control channels in network traffic. In: Proceedings of the Annual Network and Distributed System Security Symposium. San Diego, USA, pp 1\u201318"},{"key":"3005_CR40","unstructured":"Chen S-C, Chen Y-R, Tzeng W-G (2018) Effective botnet detection through neural networks on convolutional features. In: 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications\/12th IEEE International Conference on Big Data Science And Engineering (TrustCom\/BigDataSE), pp 372\u2013378"},{"key":"3005_CR41","doi-asserted-by":"crossref","unstructured":"Livadas C, Walsh R, Lapsley D, Strayer T (2006) Analysis of flow records: don\u2019t know: using machine learning techniques to identify botnet traffic. In: Proceedings of the 31st IEEE Conference on Local Computer Networks","DOI":"10.1109\/LCN.2006.322210"},{"key":"3005_CR42","doi-asserted-by":"crossref","unstructured":"Bahsi H, N\u00f5mm S, La Torre FB (2018) Dimensionality reduction for machine learning based IoT botnet detection. In: 2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV), pp 1857\u20131862","DOI":"10.1109\/ICARCV.2018.8581205"},{"key":"3005_CR43","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/j.cose.2013.04.007","volume":"39","author":"D Zhao","year":"2013","unstructured":"Zhao D, Traore I, Sayed B, Lu W, Saad S, Ghorbani A et al (2013) Botnet detection based on traffic behavior analysis and flow intervals. J Comput Secur 39:2\u201316","journal-title":"J Comput Secur"},{"issue":"8","key":"3005_CR44","doi-asserted-by":"publisher","first-page":"1796","DOI":"10.1109\/TCYB.2015.2490802","volume":"46","author":"OY Al-Jarrah","year":"2016","unstructured":"Al-Jarrah OY, Alhussein O, Yoo PD, Muhaidat S, Taha K, Kim K (2016) Data randomization and cluster-based partitioning for botnet intrusion detection. IEEE Trans Cybern 46(8):1796\u20131806","journal-title":"IEEE Trans Cybern"},{"issue":"3","key":"3005_CR45","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1109\/MPRV.2018.03367731","volume":"17","author":"Y Meidan","year":"2018","unstructured":"Meidan Y, Bohadana M, Mathov Y, Mirsky Y, Shabtai A, Breitenbacher D, Elovici Y (2018) N-BaIoT\u2014network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput 17(3):12\u201322","journal-title":"IEEE Pervasive Comput"},{"key":"3005_CR46","doi-asserted-by":"crossref","unstructured":"Gopal TS, Meerolla M, Jyostna G, Eswari PRL, Magesh E (2018) Mitigating Mirai malware spreading in IoT environment. In: 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp 2226\u20132230","DOI":"10.1109\/ICACCI.2018.8554643"},{"issue":"4","key":"3005_CR47","doi-asserted-by":"publisher","first-page":"968","DOI":"10.1109\/JIOT.2017.2704093","volume":"4","author":"J Habibi","year":"2017","unstructured":"Habibi J, Midi D, Mudgerikar A, Bertino E (2017) Heimdall: mitigating the internet of insecure things. IEEE Internet Things J 4(4):968\u2013978","journal-title":"IEEE Internet Things J"},{"key":"3005_CR48","doi-asserted-by":"crossref","unstructured":"Zeidanloo HR, Shooshtari MJZ, Amoli PV, Safari M, Zamani M (2010) A taxonomy of botnet detection techniques. In: IEEE","DOI":"10.1109\/ICCSIT.2010.5563555"},{"key":"3005_CR49","doi-asserted-by":"crossref","unstructured":"Anirudh M, Thileeban SA, Nallathambi DJ (2017) Use of honeypots for mitigating DoS attacks targeted on IoT networks. In: 2017 International Conference on Computer, Communication and Signal Processing (ICCCSP), pp 1\u20134","DOI":"10.1109\/ICCCSP.2017.7944057"},{"key":"3005_CR50","unstructured":"Khattab SM, Sangpachatanaruk C, Mosse D, Melhem R, Znati T (2014) Roaming honeypots for mitigating service-level denial-of-service attacks. In: 34th International Conference on Distributed Computing Systems, 2014. Proceedings. Tokyo, Japan, pp 328\u2013337"},{"key":"3005_CR51","unstructured":"Provos N (2012) A virtual honeypot framework. In: USENIX Security Symposium, vol 173, pp 1\u201314"},{"key":"3005_CR52","doi-asserted-by":"crossref","unstructured":"Eskandari S, Leoutsarakos A, Mursch T, Clark J (2018) A first look at browser-based cryptojacking. In: 2018 IEEE European Symposium on Security and Privacy Workshops, pp 58\u201366","DOI":"10.1109\/EuroSPW.2018.00014"},{"key":"3005_CR53","doi-asserted-by":"crossref","unstructured":"Zareh A, Zareh A (2018) BotcoinTrap: detection of bitcoin miner botnet using host based approach. In: 2018 15th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), pp 1\u20136","DOI":"10.1109\/ISCISC.2018.8546867"},{"key":"3005_CR54","doi-asserted-by":"crossref","unstructured":"Carlin D, OrKane P, Sezer S, Burgess J (2018) Detecting cryptomining using dynamic analysis. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST), pp 1\u20136","DOI":"10.1109\/PST.2018.8514167"},{"key":"3005_CR55","doi-asserted-by":"crossref","unstructured":"Hong G, Yang Z, Yang S, Zhang L, Nan Y, Zhang Z, Yang M et al (2018) How you get shot in the back: a systematical study about cryptojacking in the real world. In: 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201918), pp 15\u201319","DOI":"10.1145\/3243734.3243840"},{"key":"3005_CR56","unstructured":"Saad M, Khormali A, Mohaisen A (2018) End-to-end analysis of in-browser cryptojacking. \narXiv:1809.02152\n\n [cs.CR], pp 1\u201315"},{"key":"3005_CR57","unstructured":"Wyke J, Labs S (2012) The zero access botnet\u2013mining and fraud for massive financial gain, pp 1\u201360"}],"container-title":["The Journal of Supercomputing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11227-019-03005-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11227-019-03005-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11227-019-03005-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,10,12]],"date-time":"2020-10-12T23:12:41Z","timestamp":1602544361000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11227-019-03005-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,10,14]]},"references-count":57,"journal-issue":{"issue":"12","published-print":{"date-parts":[[2019,12]]}},"alternative-id":["3005"],"URL":"https:\/\/doi.org\/10.1007\/s11227-019-03005-2","relation":{},"ISSN":["0920-8542","1573-0484"],"issn-type":[{"value":"0920-8542","type":"print"},{"value":"1573-0484","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,10,14]]},"assertion":[{"value":"14 October 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}