{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T18:51:11Z","timestamp":1771699871866,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2009,6,16]],"date-time":"2009-06-16T00:00:00Z","timestamp":1245110400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100002994","name":"Ministry of Knowledge Economy","doi-asserted-by":"publisher","award":["IITA-2009-C1090-0902-0016IITA-2009-2009-S-026-01"],"award-info":[{"award-number":["IITA-2009-C1090-0902-0016IITA-2009-2009-S-026-01"]}],"id":[{"id":"10.13039\/501100002994","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2009,6,16]]},"DOI":"10.1145\/1621890.1621893","type":"proceedings-article","created":{"date-parts":[[2009,10,20]],"date-time":"2009-10-20T12:43:40Z","timestamp":1256042620000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":66,"title":["BotGAD"],"prefix":"10.1145","author":[{"given":"Hyunsang","family":"Choi","sequence":"first","affiliation":[{"name":"Korea University, Seoul, South Korea"}]},{"given":"Heejo","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea University, Seoul, South Korea"}]},{"given":"Hyogon","family":"Kim","sequence":"additional","affiliation":[{"name":"Korea University, Seoul, South Korea"}]}],"member":"320","published-online":{"date-parts":[[2009,6,16]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Special Workshop on Malware Detection, Advances in Information Security, Springer Verlag.","author":"Barford P."},{"key":"e_1_3_2_1_2_1","volume-title":"The 2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI '06)","author":"Binkley J. R.","year":"2006"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.5555\/1317531.1317931"},{"key":"e_1_3_2_1_4_1","volume-title":"The 1st Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI '05)","author":"Cooke E.","year":"2005"},{"key":"e_1_3_2_1_5_1","unstructured":"Cyber-TA. SRI Honeynet and BotHunter Malware Analysis Automatic Summary Analysis Table. http:\/\/www.cyber-ta.org\/releases\/malware-analysis\/public\/.  Cyber-TA. SRI Honeynet and BotHunter Malware Analysis Automatic Summary Analysis Table. http:\/\/www.cyber-ta.org\/releases\/malware-analysis\/public\/."},{"key":"e_1_3_2_1_6_1","volume-title":"OARC Workshop, 2005","author":"Dagon D.","year":"2005"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.44"},{"key":"e_1_3_2_1_8_1","unstructured":"Domaincrawler. Domain Information Services. http:\/\/www.domaincrawler.com\/.  Domaincrawler. Domain Information Services. http:\/\/www.domaincrawler.com\/."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 1st Workshop on Hot Topics in Understanding Botnets (HotBots'07)","author":"Goebel J.","year":"2007"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the 1st Workshop on Hot Topics in Understanding Botnets (HotBots'07)","author":"Grizzard J.","year":"2007"},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the 17th USENIX Security Symposium (Security'08)","author":"Gu G.","year":"2008"},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 16th USENIX Security Symposium (Security'07)","author":"Gu G.","year":"2007"},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08)","author":"Gu G.","year":"2008"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(07)70005-3"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08)","author":"Holz T.","year":"2008"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the Firts workshop on Large-scale Exploits and Emergent Threats (LEET'08)","author":"Holz T.","year":"2008"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMSWA.2008.4554418"},{"key":"e_1_3_2_1_18_1","unstructured":"J. Jones. Botnets: Detection and mitigation Feb 2003. FEDCIRC.  J. Jones. Botnets: Detection and mitigation Feb 2003. FEDCIRC."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1323128.1323135"},{"key":"e_1_3_2_1_20_1","unstructured":"Korea Information Security Agency (KISA). Botnet C&C server domain list. http:\/\/www.knsp.org\/sink_dns\/total.uniq.dns.rr.txt.  Korea Information Security Agency (KISA). Botnet C&C server domain list. http:\/\/www.knsp.org\/sink_dns\/total.uniq.dns.rr.txt."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-85886-7_7"},{"key":"e_1_3_2_1_22_1","unstructured":"Microsoft Help and Support. http:\/\/support.microsoft.com\/kb\/318803.  Microsoft Help and Support. http:\/\/support.microsoft.com\/kb\/318803."},{"key":"e_1_3_2_1_23_1","unstructured":"Nmap Network Mapper. Free Security Scanner. http:\/\/nmap.org\/.  Nmap Network Mapper. Free Security Scanner. http:\/\/nmap.org\/."},{"key":"e_1_3_2_1_24_1","first-page":"1459","year":"1993","journal-title":"J. Oikarinen and D. Reed. Internet Relay Chat Protocol. RFC"},{"key":"e_1_3_2_1_25_1","volume-title":"The 2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI '06)","author":"Ramachandran A.","year":"2006"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496702.1496707"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402991"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"P. Vixie S. Thomson Y. Rekhter and J. Bound. Dynamic updates in the domain name system (DNS update) 1997. http:\/\/www.faqs.org\/rfcs\/rfc2136.html\/.  P. Vixie S. Thomson Y. Rekhter and J. Bound. Dynamic updates in the domain name system (DNS update) 1997. http:\/\/www.faqs.org\/rfcs\/rfc2136.html\/.","DOI":"10.17487\/rfc2136"},{"key":"e_1_3_2_1_29_1","unstructured":"Wikipedia. Network Access Control. http:\/\/en.wikipedia.org\/wiki\/Network_Access_Control.  Wikipedia. Network Access Control. http:\/\/en.wikipedia.org\/wiki\/Network_Access_Control."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1282380.1282415"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/1387709.1387711"}],"event":{"name":"COMSWARE '09: Fourth International Conference on Communication System Software and Middleware","location":"Dublin Ireland","acronym":"COMSWARE '09","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing","ACM Association for Computing Machinery","Create-Net","SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the Fourth International ICST Conference on COMmunication System softWAre and middlewaRE"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1621890.1621893","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1621890.1621893","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:58:03Z","timestamp":1750255083000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1621890.1621893"}},"subtitle":["detecting botnets by capturing group activities in network traffic"],"short-title":[],"issued":{"date-parts":[[2009,6,16]]},"references-count":31,"alternative-id":["10.1145\/1621890.1621893","10.1145\/1621890"],"URL":"https:\/\/doi.org\/10.1145\/1621890.1621893","relation":{},"subject":[],"published":{"date-parts":[[2009,6,16]]},"assertion":[{"value":"2009-06-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}