{"id":"https://openalex.org/W2586860586","doi":"https://doi.org/10.1109/glocomw.2016.7848877","title":"Detecting Peer-to-Peer Botnets in SCADA Systems","display_name":"Detecting Peer-to-Peer Botnets in SCADA Systems","publication_year":2016,"publication_date":"2016-12-01","ids":{"openalex":"https://openalex.org/W2586860586","doi":"https://doi.org/10.1109/glocomw.2016.7848877","mag":"2586860586"},"language":"en","primary_location":{"id":"doi:10.1109/glocomw.2016.7848877","is_oa":false,"landing_page_url":"https://doi.org/10.1109/glocomw.2016.7848877","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 IEEE Globecom Workshops (GC Wkshps)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068868607","display_name":"Huan Yang","orcid":"https://orcid.org/0000-0001-8539-7104"},"institutions":[{"id":"https://openalex.org/I186143895","display_name":"Lehigh University","ror":"https://ror.org/012afjb06","country_code":"US","type":"education","lineage":["https://openalex.org/I186143895"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Huan Yang","raw_affiliation_strings":["Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA","institution_ids":["https://openalex.org/I186143895"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054701243","display_name":"Liang Cheng","orcid":"https://orcid.org/0000-0002-1615-9169"},"institutions":[{"id":"https://openalex.org/I186143895","display_name":"Lehigh University","ror":"https://ror.org/012afjb06","country_code":"US","type":"education","lineage":["https://openalex.org/I186143895"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Liang Cheng","raw_affiliation_strings":["Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA","institution_ids":["https://openalex.org/I186143895"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5046998111","display_name":"Mooi Choo Chuah","orcid":"https://orcid.org/0000-0002-0117-0621"},"institutions":[{"id":"https://openalex.org/I186143895","display_name":"Lehigh University","ror":"https://ror.org/012afjb06","country_code":"US","type":"education","lineage":["https://openalex.org/I186143895"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mooi Choo Chuah","raw_affiliation_strings":["Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Lehigh University, Bethlehem, PA","institution_ids":["https://openalex.org/I186143895"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5068868607"],"corresponding_institution_ids":["https://openalex.org/I186143895"],"apc_list":null,"apc_paid":null,"fwci":0.8034,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.77174438,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.9701948761940002},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.8645710945129395},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6784336566925049},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5418508648872375},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5181240439414978},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4030190706253052},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.37131205201148987},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3383110761642456},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.18511998653411865},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12433302402496338}],"concepts":[{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.9701948761940002},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.8645710945129395},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6784336566925049},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5418508648872375},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5181240439414978},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4030190706253052},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.37131205201148987},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3383110761642456},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.18511998653411865},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12433302402496338},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/glocomw.2016.7848877","is_oa":false,"landing_page_url":"https://doi.org/10.1109/glocomw.2016.7848877","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 IEEE Globecom Workshops (GC Wkshps)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6499999761581421,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306084","display_name":"U.S. Department of Energy","ror":"https://ror.org/01bj3aw27"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1529728259","https://openalex.org/W1575698026","https://openalex.org/W1599476119","https://openalex.org/W1607212196","https://openalex.org/W1975709942","https://openalex.org/W1976866799","https://openalex.org/W1992713826","https://openalex.org/W2012446724","https://openalex.org/W2059001009","https://openalex.org/W2060479059","https://openalex.org/W2075986968","https://openalex.org/W2120540932","https://openalex.org/W2153268908","https://openalex.org/W2254364023","https://openalex.org/W2322987107","https://openalex.org/W2415768081","https://openalex.org/W2501709940"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W2938399969","https://openalex.org/W3143747655","https://openalex.org/W2002178493","https://openalex.org/W2901835651","https://openalex.org/W2883616266","https://openalex.org/W186576250","https://openalex.org/W2372254325"],"abstract_inverted_index":{"Supervisory":[0],"Control":[1],"and":[2,8,23,26,54,153],"Data":[3],"Acquisition":[4],"(SCADA)":[5],"systems":[6,19],"monitor":[7],"control":[9],"critical":[10],"infrastructure":[11],"such":[12],"as":[13,58],"the":[14,30,91,122,139,146,191,208],"smart":[15],"grid.":[16],"As":[17],"SCADA":[18,67,80,103,111,216],"become":[20,35],"increasingly":[21],"interconnected":[22],"adopt":[24],"more":[25,27],"cyber-enabled":[28],"components,":[29],"risks":[31],"of":[32,110,118],"cyber":[33,64],"attacks":[34,65],"a":[36,98,127],"major":[37],"concern.":[38],"Due":[39],"to":[40,49,62,75,131,166],"their":[41],"decentralized":[42],"organization,":[43],"peer-to-peer":[44],"(P2P)":[45],"botnets":[46,78,179],"are":[47,219],"resilient":[48],"many":[50],"existing":[51],"takedown":[52],"measures":[53],"can":[55,211],"be":[56],"exploited":[57],"an":[59],"effective":[60],"way":[61],"launch":[63],"on":[66],"systems.":[68],"However,":[69],"little":[70],"work":[71],"has":[72],"been":[73],"done":[74],"detect":[76,212],"P2P":[77,178,215,222],"in":[79],"systems,":[81,104],"which":[82,136,173],"carry":[83],"traffic":[84,107],"flows":[85],"with":[86,198],"characteristics":[87],"significantly":[88,137],"different":[89],"from":[90,161],"Internet.":[92],"In":[93,121,145],"this":[94],"paper,":[95],"we":[96,125,149],"design":[97,126],"P2P-botnet":[99,143,171],"detection":[100,196],"method":[101,116,210],"for":[102,142,170],"leveraging":[105],"built-in":[106],"monitoring":[108],"capabilities":[109],"networking":[112],"devices.":[113],"The":[114],"proposed":[115,192,209],"consists":[117],"two":[119],"stages.":[120],"first":[123],"stage,":[124,148],"simple":[128],"feature":[129],"test":[130],"filter":[132],"out":[133],"non-P2P":[134],"hosts,":[135],"reduces":[138],"data":[140],"volume":[141],"identification.":[144],"second":[147],"jointly":[150],"consider":[151],"flow-based":[152],"connectivity-based":[154],"features":[155],"that":[156,190,207,218],"effectively":[157],"set":[158],"apart":[159],"bots":[160],"benign":[162],"hosts.":[163],"We":[164],"propose":[165],"use":[167],"unsupervised":[168],"learning":[169],"identification,":[172],"not":[174],"only":[175],"identifies":[176],"known":[177],"but":[180],"also":[181],"captures":[182],"newly":[183],"emerged":[184],"ones.":[185],"Our":[186],"simulation":[187],"results":[188],"show":[189],"system":[193],"achieves":[194],"high":[195],"rates":[197],"very":[199],"few":[200],"false":[201],"positives.":[202],"Furthermore,":[203],"our":[204],"evaluation":[205],"shows":[206],"hosts":[213],"running":[214],"applications":[217],"infected":[220],"by":[221],"bots.":[223]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}