{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T06:27:34Z","timestamp":1774160854938,"version":"3.50.1"},"reference-count":41,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,9,15]],"date-time":"2020-09-15T00:00:00Z","timestamp":1600128000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,9,15]],"date-time":"2020-09-15T00:00:00Z","timestamp":1600128000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100004595","name":"Universiti Sains Malaysia","doi-asserted-by":"publisher","award":["1001\/ PKOMP\/ 8014017"],"award-info":[{"award-number":["1001\/ PKOMP\/ 8014017"]}],"id":[{"id":"10.13039\/501100004595","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2021,3]]},"DOI":"10.1007\/s11416-020-00367-7","type":"journal-article","created":{"date-parts":[[2020,9,15]],"date-time":"2020-09-15T18:15:30Z","timestamp":1600193730000},"page":"61-74","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["The effects of feature selection on the classification of encrypted botnet"],"prefix":"10.1007","volume":"17","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4143-6305","authenticated-orcid":false,"given":"Zahian","family":"Ismail","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aman","family":"Jantan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohd. Najwadi","family":"Yusoff","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muhammad Ubale","family":"Kiru","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,9,15]]},"reference":[{"key":"367_CR1","unstructured":"Cisco.: Enterprise Network Security - Encrypted Traffic Analytics (ETA). https:\/\/www.cisco.com\/c\/en\/us\/solutions\/enterprise-networks\/enterprise-network-security\/eta.html#~stickynav=1 (2019). Accessed 22 March 2019"},{"key":"367_CR2","unstructured":"Schwartz, M.J.: Police disrupt banking malware botnet but worldwide impact of ramnit takedown may prove temporary. https:\/\/www.bankinfosecurity.com\/european-police-target-ramnit-botnet-a-7947 (2015). Accessed 20 March 2019"},{"key":"367_CR3","unstructured":"CyberSecurity Malaysia.: Malaysia vs Malware. http:\/\/www.cybersecurity.my\/en\/knowledge_bank\/news\/2010\/main\/detail\/1900\/index.html (2010). Accessed 12 May 2016"},{"key":"367_CR4","unstructured":"Cloudbric.: 3 devastating cyber attacks on banks that show how vulnerable our money is. https:\/\/www.cloudbric.com\/blog\/2015\/09\/3-devastating-cyberattacks-on-banks-that-show-how-vulnerable-our-money-is\/ (2018). Accessed 21 March 2019"},{"key":"367_CR5","unstructured":"Zelster, L.: When bots use social media for command and control. https:\/\/zeltser.com\/bots-command-and-control-via-social-media\/ (2015). Accessed 24 March 2019"},{"key":"367_CR6","unstructured":"Bortolameotti, R.: C&C botnet detection over SSL. Master Thesis. https:\/\/pdfs.semanticscholar.org\/5a2e\/8739648c9a8a1b57c090845df28a8ffac2b6.pdf (2014)"},{"key":"367_CR7","unstructured":"Davis, G.: Social media swamped by social botnets. https:\/\/securingtomorrow.mcafee.com\/consumer\/consumer-threat-notices\/social-networks-but-for-botnets\/ (2015). Accessed 12 Feb 2019"},{"key":"367_CR8","unstructured":"Zilles, C.: What the heck is a social media botnet and why should i care?. https:\/\/socialmediahq.com\/heck-social-media-botnet-care\/ (2017). Accessed 5 March 2019"},{"key":"367_CR9","unstructured":"Leonard, J.: Necurs botnet in new phishing attack on banks. https:\/\/www.computing.co.uk\/ctg\/news\/3061278\/necurs-botnet-in-new-phishing-attack-on-banks (2018). Accessed 20 March 2019"},{"key":"367_CR10","unstructured":"Gooley, D.: The rise in SSL-based threats. https:\/\/www.zscaler.com\/blogs\/research\/rise-ssl-based-threats (2017). Accessed 10 Feb 2019"},{"key":"367_CR11","unstructured":"Desai, D.: SSL\/TLS-based malware attacks. https:\/\/www.zscaler.com\/blogs\/research\/ssltls-based-malware-attacks (2017). Accessed 20 March 2019"},{"key":"367_CR12","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2013.6567180","author":"H Zhang","year":"2013","unstructured":"Zhang, H., Papadopoulos, C., Massey, D.: Detecting encrypted botnet traffic. Proc. IEEE INFOCOM (2013). https:\/\/doi.org\/10.1109\/INFCOM.2013.6567180","journal-title":"Proc. IEEE INFOCOM"},{"key":"367_CR13","doi-asserted-by":"publisher","unstructured":"Tyagi, R., Paul, T., Manoj, B.S., Thanudas, B.: A novel HTTP botnet traffic detection method. In: 12th IEEE International Conference Electronics, Energy, Environment, Communication, Computer, Control: (E3-C3), INDICON 2015, pp. 1\u20136 (2015). https:\/\/doi.org\/10.1109\/INDICON.2015.7443675","DOI":"10.1109\/INDICON.2015.7443675"},{"key":"367_CR14","doi-asserted-by":"publisher","unstructured":"Sherry, J., Lan, C., Popa, R.A., Ratnasamy, S.: BlindBox: deep packet inspection over encrypted traffic. In: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication - SIGCOMM \u201915, pp. 213\u2013226 (2015). https:\/\/doi.org\/10.1145\/2785956.2787502","DOI":"10.1145\/2785956.2787502"},{"key":"367_CR15","unstructured":"Burghouwt, P.: Detection of botnet command and control traffic in enterprise networks. Ph.D. Thesis, The Hague University of Applied Science, Netherlands (2015)"},{"key":"367_CR16","unstructured":"Zhang, H.: Detecting advanced botnets in enterprise networks. Ph.D. Thesis, 2017, Department of Computer Science, Colorado State University, USA (2017)"},{"key":"367_CR17","doi-asserted-by":"publisher","unstructured":"Tegeler, F., Fu, X., Vigna, G., Kruegel, C.: BotFinder: finding bots in network traffic without deep packet inspection. In: Proceedings of the 8th International Conference on Emerging Networking Experiments and Technologies - CoNEXT \u201912, p. 349 (2012). https:\/\/doi.org\/10.1145\/2413176.2413217","DOI":"10.1145\/2413176.2413217"},{"key":"367_CR18","doi-asserted-by":"publisher","unstructured":"Wang, Y.: Encrypted botnet detection scheme. In: Proceedings - 2014 9th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2014, pp. 559\u2013565 (2014). https:\/\/doi.org\/10.1109\/3PGCIC.2014.110","DOI":"10.1109\/3PGCIC.2014.110"},{"key":"367_CR19","first-page":"54","volume-title":"Detecting Encrypted Traffic: A Machine Learning Approach","author":"S Cha","year":"2017","unstructured":"Cha, S., Kim, H.: Detecting Encrypted Traffic: A Machine Learning Approach, pp. 54\u201365. Springer, Cham (2017)"},{"key":"367_CR20","doi-asserted-by":"crossref","unstructured":"Rossow, C., Dietrich, C.J.: ProVeX: detecting botnets with encrypted command and control channels. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), 18\u201319 July 2013, Berlin, Germany, pp. 21\u201340 (2013)","DOI":"10.1007\/978-3-642-39235-1_2"},{"key":"367_CR21","unstructured":"Beker, J.: Botnets: detecting encrypted command and control channels via traffic analysis. Report (2005)"},{"key":"367_CR22","unstructured":"Sorensen, N.V., Sorensen, S.B., Feuz, K.D., Kerzhner, G., Mano, C.D.: Detecting covert botnets using communication patterns (2009)"},{"key":"367_CR23","unstructured":"Computer Economics.: Malware report: the economic impact of viruses, Spyware, Adware, Bot-Nets, and Other Malicious Code. http:\/\/www.computereconomics.com (2011). Accessed 22 March 2019"},{"key":"367_CR24","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.cose.2014.05.011","volume":"45","author":"S Garcia","year":"2014","unstructured":"Garcia, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods. Comput. Secur. 45, 100\u2013123 (2014)","journal-title":"Comput. Secur."},{"key":"367_CR25","doi-asserted-by":"crossref","unstructured":"Arshad, S., Abbaspour, M., Kharrazi, M., Sanatkar, H.: An anomaly-based botnet detection approach for identifying stealthy botnets (2011)","DOI":"10.1109\/ICCAIE.2011.6162198"},{"issue":"2","key":"367_CR26","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1016\/j.comnet.2012.06.019","volume":"57","author":"CJ Dietrich","year":"2013","unstructured":"Dietrich, C.J., Rossow, C., Pohlmann, N.: CoCoSpot: clustering and recognizing botnet command and control channels using traffic analysis. Comput. Netw. 57(2), 475\u2013486 (2013). https:\/\/doi.org\/10.1016\/j.comnet.2012.06.019","journal-title":"Comput. Netw."},{"issue":"2","key":"367_CR27","first-page":"1440","volume":"3","author":"RS Roshna","year":"2013","unstructured":"Roshna, R.S., Ewards, V.: Botnet detection using adaptive neuro fuzzy inference. System 3(2), 1440\u20131445 (2013)","journal-title":"System"},{"key":"367_CR28","unstructured":"Bilge, L.: EXPOSURE\u202f: a passive DNS analysis service to detect and report malicious domains. ACM Trans. Inf. Syst. Secur. (TISSEC14), 4 (2011)"},{"key":"367_CR29","doi-asserted-by":"publisher","unstructured":"Saad, S., Traore, I., Ghorbani, A., Sayed, B., Zhao, D., Lu, W., Hakimian, P.: Detecting P2P botnets through network behavior analysis and machine learning. In: 2011 Ninth Annual International Conference on Privacy Security and Trust, pp. 174\u2013180 (2011). https:\/\/doi.org\/10.1109\/PST.2011.5971980","DOI":"10.1109\/PST.2011.5971980"},{"key":"367_CR30","unstructured":"Warmer, M.: Detection of web-based command & control channels, (November). Master Thesis, University of Twente, Netherlands. http:\/\/essay.utwente.nl\/61232\/ (2011)"},{"key":"367_CR31","doi-asserted-by":"publisher","unstructured":"Shanti, K., Seenivasan, D.: Detection of botnet by analyzing network traffic flow characteristics using open source tools. In: 2015 IEEE 9th International Conference on Intelligent Systems and Control (ISCO), 9\u201310 January 2015, Andhra Pradesh, India (2015). https:\/\/doi.org\/10.1109\/isco.2015.7282353","DOI":"10.1109\/isco.2015.7282353"},{"key":"367_CR32","doi-asserted-by":"publisher","unstructured":"Richer, T.J.: Entropy-based detection of botnet command and control. In: Proceedings of the Australasian Computer Science Week Multiconference on - ACSW \u201917, pp. 1\u20134 (2017). https:\/\/doi.org\/10.1145\/3014812.3014889","DOI":"10.1145\/3014812.3014889"},{"key":"367_CR33","unstructured":"MCFP (Malware Capture Facility Project \u2013 CTU University). https:\/\/mcfp.weebly.com\/mcfp-dataset.html. Accessed 15 Aug 2018"},{"key":"367_CR34","unstructured":"Beigi, E.B., Jazi, H.H., Stakhanova, N., Ghorbani, A.A.: Towards effective feature selection in machine learning-based botnet detection approaches. In: 2014 IEEE Conference on Communications and Network Security, pp. 247\u2013255. IEEE (2014)"},{"issue":"8","key":"367_CR35","first-page":"45","volume":"9","author":"S Buriya","year":"2015","unstructured":"Buriya, S., Patel, A.K., Yadav, S.S., Buriya, S., Patel, A.K., Yadav, S.S.: Botnet behavior analysis using Na\u00efve Bayes classification algorithm without deep packet. Int. J. Comput. Eng. Appl. 9(8), 45\u201354 (2015)","journal-title":"Int. J. Comput. Eng. Appl."},{"key":"367_CR36","unstructured":"Ritu, Kaushal, R.: Machine learning approach for botnets detection. In: 3rd Security and Privacy Symposium, 13\u201314 February 2015, IIIT \u2013 Delhi (2015)"},{"key":"367_CR37","doi-asserted-by":"crossref","unstructured":"Jianguo, J., Qi, B., Zhixin, S., Wang, Y., Lv, B.: Botnet detection method analysis on the effect of feature extraction. In: 2016 IEEE Trustcom\/BigDataSE\/ISPA, pp. 1882\u20131888. IEEE","DOI":"10.1109\/TrustCom.2016.0288"},{"key":"367_CR38","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1016\/j.compeleceng.2016.01.012","volume":"50","author":"G Kirubavathi","year":"2016","unstructured":"Kirubavathi, G., Anitha, R.: Botnet detection via mining of traffic flow characteristics. Comput. Electr. Eng. 50, 91\u2013101 (2016). https:\/\/doi.org\/10.1016\/j.compeleceng.2016.01.012","journal-title":"Comput. Electr. Eng."},{"key":"367_CR39","unstructured":"NIMS (Network Information Management and Security Group - Dalhousie University), https:\/\/projects.cs.dal.ca\/projectx\/Download.html. Accessed 15 Aug 2018"},{"key":"367_CR40","doi-asserted-by":"crossref","unstructured":"Haddadi, F., Zincir-Heywood, A.N.: Botnet detection system analysis on the effect of botnet evolution and feature representation. In: Proceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation, pp. 893\u2013900. ACM","DOI":"10.1145\/2739482.2768435"},{"key":"367_CR41","doi-asserted-by":"crossref","unstructured":"Awad, M., Khanna, R.: Support vector machines for classification. In: Efficient Learning Machines, pp. 39\u201366. Apress, Berkeley, CA (2015)","DOI":"10.1007\/978-1-4302-5990-9_3"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-020-00367-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-020-00367-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-020-00367-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,9,15]],"date-time":"2021-09-15T00:42:08Z","timestamp":1631666528000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-020-00367-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9,15]]},"references-count":41,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,3]]}},"alternative-id":["367"],"URL":"https:\/\/doi.org\/10.1007\/s11416-020-00367-7","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,9,15]]},"assertion":[{"value":"22 November 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"31 August 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 September 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}