{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,25]],"date-time":"2025-10-25T14:22:40Z","timestamp":1761402160613},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T00:00:00Z","timestamp":1619740800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T00:00:00Z","timestamp":1619740800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SN COMPUT. SCI."],"published-print":{"date-parts":[[2021,7]]},"DOI":"10.1007\/s42979-021-00634-4","type":"journal-article","created":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T10:49:51Z","timestamp":1620038991000},"update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Novel Approach of Botnets Detection Based on Analyzing Dynamical Network Traffic Behavior"],"prefix":"10.1007","volume":"2","author":[{"given":"Mahboubeh","family":"Nazari","sequence":"first","affiliation":[]},{"given":"Zahra","family":"Dahmardeh","sequence":"additional","affiliation":[]},{"given":"Sobhan","family":"Aliabady","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,4,30]]},"reference":[{"issue":"28","key":"634_CR1","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1016\/j.diin.2018.12.005","volume":"1","author":"M Singh","year":"2019","unstructured":"Singh M, Singh M, Kaur S. Detecting bot-infected machines using DNS fingerprinting. Digit Investig. 2019;1(28):14\u201333.","journal-title":"Digit Investig"},{"issue":"123","key":"634_CR2","doi-asserted-by":"publisher","first-page":"212","DOI":"10.1016\/j.eswa.2019.01.029","volume":"1","author":"MW Al-Nabki","year":"2019","unstructured":"Al-Nabki MW, Fidalgo E, Alegre E, Fern\u00e1ndez-Robles L. Torank: identifying the most influential suspicious domains in the tor network. Expert Syst Appl. 2019;1(123):212\u201326.","journal-title":"Expert Syst Appl"},{"issue":"50","key":"634_CR3","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1016\/j.compeleceng.2016.01.012","volume":"1","author":"G Kirubavathi","year":"2016","unstructured":"Kirubavathi G, Anitha R. Botnet detection via mining of traffic flow characteristics. Comput Electr Eng. 2016;1(50):91\u2013101.","journal-title":"Comput Electr Eng"},{"key":"634_CR4","first-page":"1","volume":"27","author":"K Alieyan","year":"2019","unstructured":"Alieyan K, Almomani A, Anbar M, Alauthman M, Abdullah R, Gupta BB. DNS rule-based schema to botnet detection. Enterp Inf Syst. 2019;27:1\u201320.","journal-title":"Enterp Inf Syst"},{"issue":"5","key":"634_CR5","doi-asserted-by":"publisher","first-page":"43","DOI":"10.3390\/fi10050043","volume":"10","author":"XD Hoang","year":"2018","unstructured":"Hoang XD, Nguyen QC. Botnet detection based on machine learning techniques using DNS query data. Future Internet. 2018;10(5):43.","journal-title":"Future Internet"},{"issue":"2","key":"634_CR6","first-page":"7","volume":"11","author":"P Amini","year":"2019","unstructured":"Amini P, Azmi R, Araghizadeh MA. Analysis of network traffic flows for centralized botnet detection. J Telecommun Electron Comput Eng (JTEC). 2019;11(2):7\u201317.","journal-title":"J Telecommun Electron Comput Eng (JTEC)."},{"issue":"150","key":"634_CR7","doi-asserted-by":"publisher","first-page":"102479","DOI":"10.1016\/j.jnca.2019.102479","volume":"15","author":"M Alauthman","year":"2020","unstructured":"Alauthman M, Aslam N, Al-Kasassbeh M, Khan S, Al-Qerem A, Choo KK. An efficient reinforcement learning-based Botnet detection approach. J Netw Comput Appl. 2020;15(150):102479.","journal-title":"J Netw Comput Appl"},{"key":"634_CR8","doi-asserted-by":"crossref","unstructured":"Biradar AD, Padmavathi B. BotHook: a supervised machine learning approach for botnet detection using DNS query data. In: ICCCE 2019. Singapore: Springer; 2020. p. 261\u201369.","DOI":"10.1007\/978-981-13-8715-9_31"},{"key":"634_CR9","first-page":"1","volume":"20","author":"TA Tuan","year":"2019","unstructured":"Tuan TA, Long HV, Kumar R, Priyadarshini I, Son NT. Performance evaluation of Botnet DDoS attack detection using machine learning. Evol Intel. 2019;20:1\u20132.","journal-title":"Evol Intel"},{"key":"634_CR10","doi-asserted-by":"crossref","unstructured":"Perc M. Diffusion dynamics and information spreading in multilayer networks: an overview. 2019;2351\u20135.","DOI":"10.1140\/epjst\/e2019-900201-4"},{"issue":"5","key":"634_CR11","first-page":"665","volume":"5","author":"M Jalili","year":"2017","unstructured":"Jalili M, Perc M. Information cascades in complex networks. J Complex Netw. 2017;5(5):665\u201393.","journal-title":"J Complex Netw"},{"issue":"511","key":"634_CR12","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1016\/j.ins.2019.09.024","volume":"1","author":"W Wang","year":"2020","unstructured":"Wang W, Shang Y, He Y, Li Y, Liu J. BotMark: automated botnet detection with hybrid analysis of flow-based and graph-based traffic behaviors. Inf Sci. 2020;1(511):284\u201396.","journal-title":"Inf Sci"},{"key":"634_CR13","unstructured":"Khoshhalpour E, Shahriari HR. BotRevealer: behavioral detection of botnets based on botnet life-cycle. In: ISeCure, vol 10, no 1. 2018."},{"key":"634_CR14","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/j.cose.2013.04.007","volume":"39","author":"D Zhao","year":"2013","unstructured":"Zhao D, Traore I, Sayed B, Lu W, Saad S, Ghorbani A, Garant D. Botnet detection based on traffic behavior analysis and flow intervals. Comput Secur. 2013;39:2\u201316.","journal-title":"Comput Secur."},{"key":"634_CR15","first-page":"42","volume":"21","author":"CM Chen","year":"2015","unstructured":"Chen CM, Lin HC. Detecting botnet by anomalous traffic. J Inf Secur Appl. 2015;21:42\u201351.","journal-title":"J Inf Secur Appl."},{"issue":"12","key":"634_CR16","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1016\/j.diin.2014.11.001","volume":"1","author":"R Sharifnya","year":"2015","unstructured":"Sharifnya R, Abadi M. Dfbotkiller: domain-flux botnet detection based on the history of group activities and failures in dns traffic. Digit Investig. 2015;1(12):15\u201326.","journal-title":"Digit Investig"},{"issue":"4","key":"634_CR17","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1109\/LCOMM.2016.2517622","volume":"20","author":"SM Nezhad","year":"2016","unstructured":"Nezhad SM, Nazari M, Gharavol EA. A novel DoS and DDoS attacks detection algorithm using ARIMA time series model and chaotic system in computer networks. IEEE Commun Lett. 2016;20(4):700\u20133.","journal-title":"IEEE Commun Lett"},{"key":"634_CR18","unstructured":"Sebastian G. CTU-Malware-Capture-Botnet-254-1. Malware Capture Facility Project, May 2017, Retrieved from https:\/\/stratosphereips.org. Available from: https:\/\/mcfp.felk.cvut.cz\/publicDatasets\/CTU-Malware-Capture-Botnet-254-1\/."},{"key":"634_CR19","doi-asserted-by":"publisher","unstructured":"Shiravi A, Shiravi H, Tavallaee M, Ghorbani AA. Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur. 2012;31(3):357\u201374. https:\/\/doi.org\/10.1016\/j.cose.2011.12.012. Available from: https:\/\/www.unb.ca\/cic\/datasets\/botnet.html(ISSN 0167-4048).","DOI":"10.1016\/j.cose.2011.12.012"},{"issue":"2","key":"634_CR20","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1016\/j.comnet.2012.07.021","volume":"57","author":"SS Silva","year":"2013","unstructured":"Silva SS, Silva RM, Pinto RC, Salles RM. Botnets: a survey. Comput Netw. 2013;57(2):378\u2013403.","journal-title":"Comput Netw"},{"key":"634_CR21","doi-asserted-by":"crossref","unstructured":"Dietrich CJ, Rossow C, Freiling FC, Bos H, Van Steen M, Pohlmann N. On Botnets that use DNS for command and control. In: 2011 seventh european conference on computer network defense. IEEE. 2011. p. 9\u201316.","DOI":"10.1109\/EC2ND.2011.16"},{"issue":"2","key":"634_CR22","doi-asserted-by":"publisher","first-page":"898","DOI":"10.1109\/SURV.2013.091213.00134","volume":"16","author":"S Khattak","year":"2013","unstructured":"Khattak S, Ramay NR, Khan KR, Syed AA, Khayam SA. A taxonomy of botnet behavior, detection, and defense. IEEE Commun Surv Tutor. 2013;16(2):898\u2013924.","journal-title":"IEEE Commun Surv Tutor"},{"issue":"8","key":"634_CR23","first-page":"1","volume":"28","author":"E Stinson","year":"2008","unstructured":"Stinson E, Mitchell JC. Towards systematic evaluation of the evadability of Bot\/Botnet detection methods. WOOT. 2008;28(8):1\u20139.","journal-title":"WOOT"},{"key":"634_CR24","unstructured":"Zhang X. ActiBot: a botnet to evade active detection. 2011."},{"key":"634_CR25","doi-asserted-by":"crossref","unstructured":"Ying W. Encrypted botnet detection scheme. In: 2014 ninth international conference on P2P, parallel, grid, cloud and internet computing. IEEE. 2014. p. 559\u201365.","DOI":"10.1109\/3PGCIC.2014.110"},{"issue":"1","key":"634_CR26","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1016\/j.comnet.2011.07.018","volume":"56","author":"H Choi","year":"2012","unstructured":"Choi H, Lee H. Identifying botnets by capturing group activities in DNS traffic. Comput Netw. 2012;56(1):20\u201333.","journal-title":"Comput Netw"},{"key":"634_CR27","doi-asserted-by":"crossref","unstructured":"Pomorova O, Savenko O, Lysenko S, Kryshchuk A, Bobrovnikova K. Anti-evasion technique for the botnets detection based on the passive DNS monitoring and active DNS probing. In: International conference on computer networks. Cham: Springer; 2016. p. 83\u201395.","DOI":"10.1007\/978-3-319-39207-3_8"},{"key":"634_CR28","doi-asserted-by":"crossref","unstructured":"Lysenko S, Pomorova O, Savenko O, Kryshchuk A, Bobrovnikova K. DNS-based anti-evasion technique for botnets detection. In: 2015 IEEE 8th international conference on intelligent data acquisition and advanced computing systems: technology and applications (IDAACS), vol. 1. IEEE. 2015. p. 453\u201358.","DOI":"10.1109\/IDAACS.2015.7340777"}],"container-title":["SN Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-021-00634-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s42979-021-00634-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-021-00634-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,6,26]],"date-time":"2021-06-26T20:11:18Z","timestamp":1624738278000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s42979-021-00634-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,30]]},"references-count":28,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2021,7]]}},"alternative-id":["634"],"URL":"https:\/\/doi.org\/10.1007\/s42979-021-00634-4","relation":{},"ISSN":["2662-995X","2661-8907"],"issn-type":[{"value":"2662-995X","type":"print"},{"value":"2661-8907","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,30]]},"assertion":[{"value":"6 December 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 April 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 April 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"On behalf of all authors, the corresponding author states that there is no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"247"}}