{"id":"https://openalex.org/W2965181964","doi":"https://doi.org/10.1080/17517575.2019.1644673","title":"DNS rule-based schema to botnet detection","display_name":"DNS rule-based schema to botnet detection","publication_year":2019,"publication_date":"2019-07-25","ids":{"openalex":"https://openalex.org/W2965181964","doi":"https://doi.org/10.1080/17517575.2019.1644673","mag":"2965181964"},"language":"en","primary_location":{"id":"doi:10.1080/17517575.2019.1644673","is_oa":false,"landing_page_url":"https://doi.org/10.1080/17517575.2019.1644673","pdf_url":null,"source":{"id":"https://openalex.org/S24861202","display_name":"Enterprise Information Systems","issn_l":"1751-7575","issn":["1751-7575","1751-7583"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Enterprise Information Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5070490492","display_name":"Kamal Alieyan","orcid":"https://orcid.org/0000-0002-9021-3151"},"institutions":[{"id":"https://openalex.org/I139322472","display_name":"Universiti Sains Malaysia","ror":"https://ror.org/02rgb2k63","country_code":"MY","type":"education","lineage":["https://openalex.org/I139322472"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Kamal Alieyan","raw_affiliation_strings":["National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor, Penang, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor, Penang, Malaysia","institution_ids":["https://openalex.org/I139322472"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013947060","display_name":"Ammar Almomani","orcid":"https://orcid.org/0000-0002-8808-6114"},"institutions":[{"id":"https://openalex.org/I33926330","display_name":"Al-Balqa Applied University","ror":"https://ror.org/00qedmt22","country_code":"JO","type":"education","lineage":["https://openalex.org/I33926330"]}],"countries":["JO"],"is_corresponding":true,"raw_author_name":"Ammar Almomani","raw_affiliation_strings":["Department of Information Technology, Al-Huson University College, Al-Balqa Applied University, Irbid, Jordan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Information Technology, Al-Huson University College, Al-Balqa Applied University, Irbid, Jordan","institution_ids":["https://openalex.org/I33926330"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015229013","display_name":"Mohammed Anbar","orcid":"https://orcid.org/0000-0002-7026-6408"},"institutions":[{"id":"https://openalex.org/I139322472","display_name":"Universiti Sains Malaysia","ror":"https://ror.org/02rgb2k63","country_code":"MY","type":"education","lineage":["https://openalex.org/I139322472"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Mohammed Anbar","raw_affiliation_strings":["National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor, Penang, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor, Penang, Malaysia","institution_ids":["https://openalex.org/I139322472"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051819567","display_name":"Mohammad Alauthman","orcid":"https://orcid.org/0000-0003-0319-1968"},"institutions":[{"id":"https://openalex.org/I153687341","display_name":"Zarqa University","ror":"https://ror.org/01wf1es90","country_code":"JO","type":"education","lineage":["https://openalex.org/I153687341"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Mohammad Alauthman","raw_affiliation_strings":["Department of Computer Science, Faculty of information technology, Zarqa university, Zarqa, Jordan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Faculty of information technology, Zarqa university, Zarqa, Jordan","institution_ids":["https://openalex.org/I153687341"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051571958","display_name":"Rosni Abdullah","orcid":"https://orcid.org/0000-0002-3061-5837"},"institutions":[{"id":"https://openalex.org/I139322472","display_name":"Universiti Sains Malaysia","ror":"https://ror.org/02rgb2k63","country_code":"MY","type":"education","lineage":["https://openalex.org/I139322472"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Rosni Abdullah","raw_affiliation_strings":["National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor, Penang, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor, Penang, Malaysia","institution_ids":["https://openalex.org/I139322472"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5071261948","display_name":"Brij B. Gupta","orcid":"https://orcid.org/0000-0003-4929-4698"},"institutions":[{"id":"https://openalex.org/I105094715","display_name":"National Institute of Technology Kurukshetra","ror":"https://ror.org/04909p852","country_code":"IN","type":"education","lineage":["https://openalex.org/I105094715"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"B. B. Gupta","raw_affiliation_strings":["Department of Computer Engineering, National Institute of Technology Kurukshtra, Kurukshetra, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, National Institute of Technology Kurukshtra, Kurukshetra, India","institution_ids":["https://openalex.org/I105094715"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5013947060"],"corresponding_institution_ids":["https://openalex.org/I33926330"],"apc_list":null,"apc_paid":null,"fwci":7.4328,"has_fulltext":false,"cited_by_count":76,"citation_normalized_percentile":{"value":0.97500884,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"15","issue":"4","first_page":"545","last_page":"564"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.8996586799621582},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6024181842803955},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5472462177276611},{"id":"https://openalex.org/keywords/schema","display_name":"Schema (genetic algorithms)","score":0.5316781401634216},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.37924009561538696},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2505621314048767},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.23069339990615845},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.13571682572364807}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.8996586799621582},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6024181842803955},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5472462177276611},{"id":"https://openalex.org/C52146309","wikidata":"https://www.wikidata.org/wiki/Q7431116","display_name":"Schema (genetic algorithms)","level":2,"score":0.5316781401634216},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.37924009561538696},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2505621314048767},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.23069339990615845},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.13571682572364807}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1080/17517575.2019.1644673","is_oa":false,"landing_page_url":"https://doi.org/10.1080/17517575.2019.1644673","pdf_url":null,"source":{"id":"https://openalex.org/S24861202","display_name":"Enterprise Information Systems","issn_l":"1751-7575","issn":["1751-7575","1751-7583"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Enterprise Information Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1215841812","display_name":null,"funder_award_id":"DSR-2018-#4.","funder_id":"https://openalex.org/F4320309917","funder_display_name":"Al-Balqa' Applied University"}],"funders":[{"id":"https://openalex.org/F4320309917","display_name":"Al-Balqa' Applied University","ror":"https://ror.org/00qedmt22"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W49753005","https://openalex.org/W212035617","https://openalex.org/W1540365150","https://openalex.org/W1603231998","https://openalex.org/W1626362440","https://openalex.org/W1674877186","https://openalex.org/W1917856122","https://openalex.org/W1926916177","https://openalex.org/W1964267679","https://openalex.org/W1970399788","https://openalex.org/W1992713826","https://openalex.org/W1995027100","https://openalex.org/W2000827064","https://openalex.org/W2003116136","https://openalex.org/W2003967425","https://openalex.org/W2019311308","https://openalex.org/W2038004736","https://openalex.org/W2065323196","https://openalex.org/W2070226850","https://openalex.org/W2082550445","https://openalex.org/W2089225488","https://openalex.org/W2102671922","https://openalex.org/W2105578938","https://openalex.org/W2116049325","https://openalex.org/W2125345194","https://openalex.org/W2146729596","https://openalex.org/W2159909072","https://openalex.org/W2200639883","https://openalex.org/W2239778906","https://openalex.org/W2322959901","https://openalex.org/W2395749704","https://openalex.org/W2509152081","https://openalex.org/W2590438586","https://openalex.org/W2753589199","https://openalex.org/W2775849634","https://openalex.org/W2907376671","https://openalex.org/W4200185493","https://openalex.org/W4246888445","https://openalex.org/W4253563357","https://openalex.org/W4298226103"],"related_works":["https://openalex.org/W2899084033","https://openalex.org/W3159690896","https://openalex.org/W4230824443","https://openalex.org/W1989286518","https://openalex.org/W2945572725","https://openalex.org/W2921012173","https://openalex.org/W2758517546","https://openalex.org/W3134680667","https://openalex.org/W2804396347","https://openalex.org/W2185943007"],"abstract_inverted_index":{"Botnets":[0],"are":[1,17],"considered":[2],"a":[3,60,126],"serious":[4],"issue":[5],"today.":[6],"They":[7],"have":[8],"several":[9],"negative":[10],"economic":[11],"impacts":[12,16],"as":[13,24,159],"well.":[14],"Such":[15],"affecting":[18],"organizations":[19],"and":[20,26,50,86,97,106,125],"individuals.":[21],"Recent":[22],"botnets\u2013such":[23],"Zeus":[25],"Citadel\u2019s":[27],"Conficker\u2013use":[28],"the":[29,40,45,53,71,102,113,118,138,141,149],"Domain":[30],"Name":[31],"System":[32],"(DNS)":[33],"to":[34,43,91],"avoid":[35],"detection.":[36],"These":[37],"botnets":[38],"use":[39],"DNS":[41,61,74,84,95,104],"server":[42],"prevent":[44],"network":[46],"administrator":[47],"from":[48],"locating":[49],"shutting":[51],"down":[52],"C&C":[54],"servers.":[55],"Therefore,":[56],"this":[57],"paper":[58],"proposes":[59],"rule-based":[62],"approach":[63,80,115,150],"for":[64],"Botnet":[65],"Detection":[66],"(DNS-BD)":[67],"that":[68,112,148,155],"can":[69,116,156],"improve":[70],"accuracy":[72,122],"of":[73,77,123,129,140,161],"traffic-based":[75],"detection":[76],"botnets.":[78],"This":[79],"is":[81],"based":[82],"on":[83],"query":[85,96,105],"response":[87,98,107],"behaviours;":[88],"it":[89],"aims":[90],"detect":[92,117],"any":[93,162],"abnormal":[94],"behaviours":[99],"by":[100],"applying":[101],"proposed":[103,114,142,151],"rules.":[108],"The":[109],"result":[110],"showed":[111],"botnet":[119],"with":[120,133],"an":[121],"99.35%":[124],"false-positive":[127],"rate":[128],"0.25%.":[130],"A":[131],"comparison":[132],"well-known":[134],"DNS-based":[135],"approaches":[136,154],"evaluates":[137],"effectiveness":[139],"approach.":[143],"It":[144],"has":[145],"been":[146],"concluded":[147],"outperforms":[152],"other":[153],"be":[157],"implemented":[158],"part":[160],"anti-viruses":[163],"IDS":[164],"product.":[165]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":14},{"year":2022,"cited_by_count":14},{"year":2021,"cited_by_count":12},{"year":2020,"cited_by_count":14}],"updated_date":"2026-05-26T13:28:51.108037","created_date":"2025-10-10T00:00:00"}