{"id":"https://openalex.org/W2292210693","doi":"https://doi.org/10.1109/bmei.2015.7401590","title":"Botnet tracing based on distributed denial of service activity analysis","display_name":"Botnet tracing based on distributed denial of service activity analysis","publication_year":2015,"publication_date":"2015-10-01","ids":{"openalex":"https://openalex.org/W2292210693","doi":"https://doi.org/10.1109/bmei.2015.7401590","mag":"2292210693"},"language":"en","primary_location":{"id":"doi:10.1109/bmei.2015.7401590","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bmei.2015.7401590","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 8th International Conference on Biomedical Engineering and Informatics (BMEI)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5114506707","display_name":"Wei Ding","orcid":"https://orcid.org/0000-0002-9534-859X"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Wei Ding","raw_affiliation_strings":["Key Laboratory of Computer Network, Southeast University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Computer Network, Southeast University, Nanjing, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002356676","display_name":"Wentao Ren","orcid":"https://orcid.org/0009-0001-2893-3414"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wentao Ren","raw_affiliation_strings":["Key Laboratory of Computer Network, Southeast University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Computer Network, Southeast University, Nanjing, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015766107","display_name":"Zhen Xia","orcid":null},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhen Xia","raw_affiliation_strings":["Key Laboratory of Computer Network, Southeast University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Computer Network, Southeast University, Nanjing, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100335940","display_name":"Li Wang","orcid":"https://orcid.org/0000-0002-0973-1614"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Li Wang","raw_affiliation_strings":["Key Laboratory of Computer Network, Southeast University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Computer Network, Southeast University, Nanjing, China","institution_ids":["https://openalex.org/I76569877"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5114506707"],"corresponding_institution_ids":["https://openalex.org/I76569877"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.17311551,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":"99","issue":null,"first_page":"685","last_page":"689"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.993399977684021,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9949878454208374},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.9394102692604065},{"id":"https://openalex.org/keywords/trinoo","display_name":"Trinoo","score":0.8132995367050171},{"id":"https://openalex.org/keywords/application-layer-ddos-attack","display_name":"Application layer DDoS attack","score":0.7342851161956787},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7133604288101196},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.6477231383323669},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6397912502288818},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.6153237819671631},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.593184232711792},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5738008618354797},{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.5622797608375549},{"id":"https://openalex.org/keywords/ip-traceback","display_name":"IP traceback","score":0.4308852553367615},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.14959290623664856},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1388293206691742}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9949878454208374},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.9394102692604065},{"id":"https://openalex.org/C43639116","wikidata":"https://www.wikidata.org/wiki/Q7843050","display_name":"Trinoo","level":5,"score":0.8132995367050171},{"id":"https://openalex.org/C120865594","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Application layer DDoS attack","level":4,"score":0.7342851161956787},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7133604288101196},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.6477231383323669},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6397912502288818},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.6153237819671631},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.593184232711792},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5738008618354797},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.5622797608375549},{"id":"https://openalex.org/C2776059407","wikidata":"https://www.wikidata.org/wiki/Q5973212","display_name":"IP traceback","level":4,"score":0.4308852553367615},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.14959290623664856},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1388293206691742}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bmei.2015.7401590","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bmei.2015.7401590","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 8th International Conference on Biomedical Engineering and Informatics (BMEI)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W59037818","https://openalex.org/W1518813109","https://openalex.org/W1546893224","https://openalex.org/W1583098994","https://openalex.org/W1674877186","https://openalex.org/W1909110254","https://openalex.org/W1980276603","https://openalex.org/W1992713826","https://openalex.org/W1998491523","https://openalex.org/W2017873141","https://openalex.org/W2104209065","https://openalex.org/W2106796827","https://openalex.org/W6602452583"],"related_works":["https://openalex.org/W1968168724","https://openalex.org/W2353701916","https://openalex.org/W2353807305","https://openalex.org/W2184397768","https://openalex.org/W2199179552","https://openalex.org/W1493760256","https://openalex.org/W2151002785","https://openalex.org/W2097156747","https://openalex.org/W2359323920","https://openalex.org/W2097740006"],"abstract_inverted_index":{"Most":[0],"of":[1,4,16,90,113,120],"DDoS(Distributed":[2],"Denial":[3],"Service)":[5],"attacks":[6],"use":[7],"botnets":[8],"as":[9,86],"the":[10,17,37,71,91,118],"carrier,":[11],"which":[12],"has":[13,102],"become":[14],"one":[15],"serious":[18],"threat":[19],"to":[20,65],"Internet.":[21],"However,":[22],"botnet":[23,48],"detection":[24,100],"is":[25,34,63],"difficult":[26],"in":[27],"backbone":[28],"because":[29],"C&C(command":[30],"&":[31],"control":[32],"channel)":[33],"blended":[35],"into":[36],"heavy":[38],"background":[39],"traffic.":[40],"This":[41,99],"paper":[42],"proposed":[43],"a":[44,111],"method":[45],"for":[46,94],"locating":[47],"by":[49,78],"DDoS":[50,60,83],"activity":[51],"data":[52],"analysis":[53],"and":[54,76,97],"DPI(Deep":[55],"Packet":[56],"Inspection)":[57],"technology.":[58],"The":[59,115],"attack":[61,92],"traffic":[62],"sampled":[64],"locate":[66],"suspicious":[67],"hosts":[68],"firstly,":[69],"then":[70],"hosts'":[72],"packets":[73],"are":[74],"collected":[75],"analyzed":[77],"DPI":[79],"technology":[80],"with":[81],"some":[82],"parameters,":[84],"such":[85],"victim,":[87],"start":[88],"time":[89],"etc.":[93],"finding":[95],"C&C":[96],"Servers.":[98],"model":[101],"been":[103],"implemented,":[104],"named":[105],"BTS":[106],"(Botnet":[107],"tracking":[108],"system)":[109],"at":[110],"POP":[112],"CERNET.":[114],"tests":[116],"showed":[117],"practicability":[119],"this":[121],"model.":[122]},"counts_by_year":[{"year":2023,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}