{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,6,21]],"date-time":"2024-06-21T20:54:59Z","timestamp":1719003299028},"reference-count":42,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2014,10,8]],"date-time":"2014-10-08T00:00:00Z","timestamp":1412726400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/2.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["EURASIP J. on Info. Security"],"published-print":{"date-parts":[[2014,12]]},"DOI":"10.1186\/s13635-014-0015-3","type":"journal-article","created":{"date-parts":[[2014,10,7]],"date-time":"2014-10-07T14:04:13Z","timestamp":1412690653000},"update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["PeerShark: flow-clustering and conversation-generation for malicious peer-to-peer traffic identification"],"prefix":"10.1186","volume":"2014","author":[{"given":"Pratik","family":"Narang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chittaranjan","family":"Hota","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"VN","family":"Venkatakrishnan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2014,10,8]]},"reference":[{"key":"15_CR1","unstructured":"Ipoque Internet study 2008\/2009. Accessed 4 Jan 2014., [ http:\/\/www.ipoque.com\/en\/resources\/internet-studies ]"},{"issue":"4","key":"15_CR2","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1145\/1041680.1041681","volume":"36","author":"S Androutsellis-Theotokis","year":"2004","unstructured":"Androutsellis-Theotokis S, Spinellis D: A survey of peer-to-peer content distribution technologies. ACM Comput. Surv 2004, 36(4):335-371. 10.1145\/1041680.1041681","journal-title":"ACM Comput. Surv"},{"key":"15_CR3","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1109\/SPW.2013.11","volume-title":"Proceedings of the 2013 IEEE Security and Privacy Workshops (SPW \u201913)","author":"P Kopiczko","year":"2013","unstructured":"Kopiczko P, Mazurczyk W, Szczypiorski K: Stegtorrent: a steganographic method for the p2p file sharing service. In Proceedings of the 2013 IEEE Security and Privacy Workshops (SPW \u201913). IEEE Computer Society, Washington, DC, USA; 2013:151-157."},{"issue":"2","key":"15_CR4","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1007\/s10551-007-9424-2","volume":"80","author":"R-A Shang","year":"2008","unstructured":"Shang R-A, Chen Y-C, Chen P-C: Ethical decisions about sharing music files in the p2p environment. J. Bus. Ethics 2008, 80(2):349-365. 10.1007\/s10551-007-9424-2","journal-title":"J. Bus. Ethics"},{"key":"15_CR5","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1145\/1851182.1851198","volume-title":"Proceedings of the ACM SIGCOMM 2010 Conference","author":"T Isdal","year":"2010","unstructured":"Isdal T, Piatek M, Krishnamurthy A, Anderson T: Privacy-preserving p2p data sharing with oneswarm. In Proceedings of the ACM SIGCOMM 2010 Conference. ACM, New York, NY, USA; 2010:111-122."},{"key":"15_CR6","unstructured":"Sandvine Global Internet Phenomena Report 2013. Accessed 4 Jan 2014., [ https:\/\/www.sandvine.com\/trends\/global-internet-phenomena\/ ]"},{"key":"15_CR7","volume-title":"P2P Networking and Applications","author":"J Buford","year":"2008","unstructured":"Buford J, Yu H, Lua EK: P2P Networking and Applications. Morgan Kaufmann Publishers Inc., San Francisco; 2008."},{"key":"15_CR8","first-page":"15","volume-title":"Proceedings of the 20th USENIX Conference on Security, (SEC\u201911)","author":"C Kanich","year":"2011","unstructured":"Kanich C, Weavery N, McCoy D, Halvorson T, Kreibichy C, Levchenko K, Paxson V, Voelker GM, Savage S: Show me the money: characterizing spam-advertised revenue. In Proceedings of the 20th USENIX Conference on Security, (SEC\u201911). USENIX Association, Berkeley, CA, USA; 2011:15-15."},{"key":"15_CR9","unstructured":"Microsoft Security Intelligence Report, Volume 9, January-June 2010. Accessed 1 Feb 2014., [ http:\/\/www.microsoft.com\/security\/sir\/ ]"},{"key":"15_CR10","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1109\/SP.2013.17","volume-title":"Security and Privacy (SP), 2013 IEEE Symposium On","author":"C Rossow","year":"2013","unstructured":"Rossow C, Andriesse D, Werner T, Stone-Gross B, Plohmann D, Dietrich CJ, Bos H: Sok: P2PWNED - modeling and evaluating the resilience of peer-to-peer botnets. In Security and Privacy (SP), 2013 IEEE Symposium On. IEEE, Computer Society Washington, DC, USA; 2013:97-111."},{"key":"15_CR11","unstructured":"D Fisher, 88 percent of Citadel botnets down. Accessed 9 Jan 2014., [ http:\/\/threatpost.com\/microsoft-88-percent-of-citadel-botnets-down\/101503 ]"},{"key":"15_CR12","unstructured":"D Drinkwater, Gameover trojan rises from the dead. Accessed 20 Jul 2014., [ http:\/\/www.scmagazineuk.com\/gameover-trojan-rises-from-the-dead\/article\/357964\/ ]"},{"key":"15_CR13","unstructured":"T Greene, ZeuS botnet has a new use: stealing bank access codes via SMS. Accessed 9 Jun 2013., [ http:\/\/www.networkworld.com\/news\/2010\/092910-zeus-botnet-sms-banks.html ]"},{"key":"15_CR14","unstructured":"J Stewart, Storm worm DDoS attack. Accessed 1 Feb 2014., [ http:\/\/www.secureworks.com\/cyber-threat-intelligence\/threats\/storm-worm\/ ]"},{"key":"15_CR15","unstructured":"A Lelli, Waledac botnet back on rise. Accessed 1 Feb 2014., [ http:\/\/www.symantec.com\/connect\/blogs\/return-dead-waledacstorm-botnet-back-rise ]"},{"key":"15_CR16","unstructured":"J Leyden, Fridge hacked. Car hacked. Next up, your light bulbs. Accessed 12 Jul 2014., [ http:\/\/www.theregister.co.uk\/2014\/07\/07\/wifi\\_enabled\\_led\\_light\\_bulb\\_is\\_hackable\\_shocker\/ ]"},{"key":"15_CR17","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1145\/988672.988742","volume-title":"Proceedings of the 13th International Conference on World Wide Web (WWW \u201904)","author":"S Sen","year":"2004","unstructured":"Sen S, Spatscheck O, Wang D: Accurate, scalable in-network identification of p2p traffic using application signatures. In Proceedings of the 13th International Conference on World Wide Web (WWW \u201904). ACM, New York, NY, USA; 2004:512-521."},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"J Li, S Zhang, Y Lu, J Yan, in Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. Real-time p2p traffic identification (IEEE, USA, 2008), pp. 1\u20135.","DOI":"10.1109\/GLOCOM.2008.ECP.475"},{"key":"15_CR19","first-page":"37","volume-title":"Proceedings of the 28th IEEE International Conference on Computer Communications Workshops (INFOCOM\u201909)","author":"M Iliofotou","year":"2009","unstructured":"Iliofotou M, Kim H-C, Faloutsos M, Mitzenmacher P Pappu M, Varghese G: Graph-based p2p traffic classification at the internet backbone. In Proceedings of the 28th IEEE International Conference on Computer Communications Workshops (INFOCOM\u201909). IEEE Press, Piscataway, NJ, USA; 2009:37-42."},{"key":"15_CR20","volume-title":"Botminer: clustering analysis of network traffic for protocol- and structure-independent botnet detection","author":"G Gu","year":"2008","unstructured":"Gu G, Perdisci R, Zhang J, Lee W: Botminer: clustering analysis of network traffic for protocol- and structure-independent botnet detection. USENIX Association, Berkeley, CA, USA; 2008."},{"key":"15_CR21","first-page":"1","volume-title":"Proceedings of the 10th International IFIP TC 6 Conference on Networking - Volume Part I NETWORKING\u201911","author":"J Fran\u00e7ois","year":"2011","unstructured":"Fran\u00e7ois J, Wang S, State R, Engel T: Bottrack: tracking botnets using netflow and pagerank. In Proceedings of the 10th International IFIP TC 6 Conference on Networking - Volume Part I NETWORKING\u201911. Springer, Berlin, Heidelberg; 2011:1-14."},{"key":"15_CR22","first-page":"1","volume-title":"IFIP Networking Conference, 2013","author":"H Hang","year":"2013","unstructured":"Hang H, Wei X, Faloutsos M, Eliassi-Rad T: Entelecheia: detecting p2p botnets in their waiting stage. In IFIP Networking Conference, 2013. IEEE, USA; 2013:1-9."},{"key":"15_CR23","volume-title":"Detecting Peer-to-peer Botnets","author":"R Schoof","year":"2007","unstructured":"R Schoof, R Koning, Detecting Peer-to-peer Botnets. University of Amsterdam (2007). University of Amsterdam. Technical report."},{"key":"15_CR24","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-642-39235-1_4","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"B Rahbarinia","year":"2013","unstructured":"Rahbarinia B, Perdisci R, Lanzi A, Li K: Peerrush: mining for unwanted p2p traffic. In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, Berlin, Heidelberg; 2013:62-82."},{"key":"15_CR25","first-page":"16:1","volume-title":"Proceedings of the 6th ACM India Computing Convention (Compute \u201913)","author":"P Narang","year":"2013","unstructured":"Narang P, Reddy JM, Hota C: Feature selection for detection of peer-to-peer botnet traffic. In Proceedings of the 6th ACM India Computing Convention (Compute \u201913). ACM, New York, NY, USA; 2013:16:1-16:9."},{"key":"15_CR26","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1109\/DSN.2011.5958212","volume-title":"Proceedings of the 2011 IEEE\/IFIP 41st International Conference on Dependable Systems & Networks (DSN \u201911)","author":"J Zhang","year":"2011","unstructured":"Zhang J, Perdisci R, Lee W, Sarfraz U, Luo X: Detecting stealthy p2p botnets using statistical traffic fingerprints. In Proceedings of the 2011 IEEE\/IFIP 41st International Conference on Dependable Systems & Networks (DSN \u201911). IEEE Computer Society, Washington, DC, USA; 2011:121-132."},{"issue":"1","key":"15_CR27","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1109\/TIFS.2013.2290197","volume":"9","author":"J Zhang","year":"2014","unstructured":"Zhang J, Perdisci R, Lee W, Luo X, Sarfraz U: Building a scalable system for stealthy p2p-botnet detection. IEEE Trans. Inf. Forensics Security 2014, 9(1):27-38. 10.1109\/TIFS.2013.2290197","journal-title":"IEEE Trans. Inf. Forensics Security"},{"key":"15_CR28","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1109\/ICDCS.2010.76","volume-title":"Proceedings of the 2010 30th International Conference on Distributed Computing Systems (ICDCS \u201910)","author":"T-F Yen","year":"2010","unstructured":"Yen T-F, Reiter MK: Are your hosts trading or plotting? Telling p2p file-sharing and bots apart. In Proceedings of the 2010 30th International Conference on Distributed Computing Systems (ICDCS \u201910). IEEE Computer Society, Washington, DC, USA; 2010:241-252."},{"key":"15_CR29","first-page":"229","volume-title":"SIGCOMM Comput. Commun. Rev., vol. 35","author":"T Karagiannis","year":"2005","unstructured":"Karagiannis T, Papagiannaki K, Faloutsos M: Blinc: multilevel traffic classification in the dark. In SIGCOMM Comput. Commun. Rev., vol. 35. ACM, New York, NY, USA; 2005:229-240."},{"key":"15_CR30","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1145\/1028788.1028804","volume-title":"Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement (IMC \u201904)","author":"T Karagiannis","year":"2004","unstructured":"Karagiannis T, Broido A, Faloutsos M, Claffy K: Transport layer identification of p2p traffic. In Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement (IMC \u201904). ACM, New York, NY, USA; 2004:121-134."},{"key":"15_CR31","first-page":"64","volume-title":"Communications and Network Security (CNS), 2013 IEEE Conference On","author":"L Li","year":"2013","unstructured":"Li L, Mathur S, Coskun B: Gangs of the internet: towards automatic discovery of peer-to-peer communities. In Communications and Network Security (CNS), 2013 IEEE Conference On. IEEE, USA; 2013:64-72."},{"key":"15_CR32","volume-title":"Proceedings of the 2014 IEEE Security and Privacy Workshops (SPW\u201914)","author":"P Narang","year":"2014","unstructured":"Narang P, Ray S, Hota C, Venkatakrishnan VN: Peershark: detecting peer-to-peer botnets by tracking conversations. In Proceedings of the 2014 IEEE Security and Privacy Workshops (SPW\u201914). IEEE, Computer Society Washington, DC, USA; 2014. in press"},{"key":"15_CR33","volume-title":"Mining concept-drifting data stream to detect peer to peer botnet traffic","author":"MM Masud","year":"2008","unstructured":"MM Masud, J Gao, L Khan, J Han, B Thuraisingham, Mining concept-drifting data stream to detect peer to peer botnet traffic (2008). Univ. of Texas at Dallas Technical Report# UTDCS-05- 08."},{"key":"15_CR34","first-page":"727","volume-title":"Proceedings of the Seventeenth International Conference on Machine Learning (ICML \u201900)","author":"D Pelleg","year":"2000","unstructured":"Pelleg D, Moore AW: X-means: extending k-means with efficient estimation of the number of clusters. In Proceedings of the Seventeenth International Conference on Machine Learning (ICML \u201900). Morgan Kaufmann Publishers Inc., San Francisco, CA, USA; 2000:727-734."},{"issue":"1","key":"15_CR35","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/1656274.1656278","volume":"11","author":"M Hall","year":"2009","unstructured":"Hall M, Frank E, Holmes G, Pfahringer B, Reutemann P, Witten IH: The WEKA data mining software: an update. ACM SIGKDD Explor. Newslett 2009, 11(1):10-18. 10.1145\/1656274.1656278","journal-title":"ACM SIGKDD Explor. Newslett"},{"key":"15_CR36","unstructured":"D Fisher, Storm, Nugache lead dangerous new botnet barrage. Accessed 20 Jul 2014., [ http:\/\/searchsecurity.techtarget.com\/news\/1286808\/Storm-Nugache-lead-dangerous-new-botnet-barrage ]"},{"issue":"6","key":"15_CR37","first-page":"18","volume":"32","author":"S Stover","year":"2007","unstructured":"Stover S, Dittrich D, Hernandez J, Dietrich S: Analysis of the storm and nugache trojans: p2p is here. USENIX; login 2007, 32(6):18-27.","journal-title":"USENIX; login"},{"key":"15_CR38","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1007\/978-3-642-14215-4_5","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"A Nappa","year":"2010","unstructured":"Nappa A, Fattori A, Balduzzi M, Dell\u2019Amico M, Cavallaro L: Take a deep breath: a stealthy, resilient and cost-effective botnet using skype. In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, Berlin, Heidelberg; 2010:81-100."},{"key":"15_CR39","doi-asserted-by":"crossref","first-page":"659","DOI":"10.1007\/978-0-387-73003-5_196","volume-title":"Encyclopedia of Biometrics","author":"D Reynolds","year":"2009","unstructured":"D Reynolds Gaussian mixture models, in Encyclopedia of Biometrics, ed. by S Li, A Jain (Springer, 2009), pp. 659\u2013663."},{"issue":"6","key":"15_CR40","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1109\/79.543975","volume":"13","author":"TK Moon","year":"1996","unstructured":"Moon TK: The expectation-maximization algorithm. IEEE Signal Processing Mag. 1996, 13(6):47-60. 10.1109\/79.543975","journal-title":"IEEE Signal Processing Mag"},{"key":"15_CR41","unstructured":"M Gillett, Skype\u2019s cloud-based architecture. Accessed 3 Jul 2014., [ http:\/\/blogs.skype.com\/2012\/07\/26\/what-does-skypes-architecture-do\/ ]"},{"key":"15_CR42","unstructured":"LO Murchu, Stuxnet P2P component. Accessed 12 Feb 2014., [ http:\/\/www.symantec.com\/connect\/blogs\/stuxnet-p2p-component ]"}],"container-title":["EURASIP Journal on Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13635-014-0015-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-014-0015-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-014-0015-3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-014-0015-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,8,25]],"date-time":"2020-08-25T13:26:36Z","timestamp":1598361996000},"score":1,"resource":{"primary":{"URL":"https:\/\/jis-eurasipjournals.springeropen.com\/articles\/10.1186\/s13635-014-0015-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,10,8]]},"references-count":42,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2014,12]]}},"alternative-id":["15"],"URL":"https:\/\/doi.org\/10.1186\/s13635-014-0015-3","relation":{},"ISSN":["1687-417X"],"issn-type":[{"value":"1687-417X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,10,8]]},"assertion":[{"value":"11 August 2014","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 September 2014","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 October 2014","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"15"}}