{"id":"https://openalex.org/W2109789989","doi":"https://doi.org/10.1109/icc.2009.5198970","title":"Efficient Detection of Bots in Subscribers' Computers","display_name":"Efficient Detection of Bots in Subscribers' Computers","publication_year":2009,"publication_date":"2009-06-01","ids":{"openalex":"https://openalex.org/W2109789989","doi":"https://doi.org/10.1109/icc.2009.5198970","mag":"2109789989"},"language":"en","primary_location":{"id":"doi:10.1109/icc.2009.5198970","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icc.2009.5198970","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2009 IEEE International Conference on Communications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5085723324","display_name":"Jos\u00e9 Carlos Brustoloni","orcid":null},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"J. Brustoloni","raw_affiliation_strings":["Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I170201317"]},{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA","institution_ids":["https://openalex.org/I170201317"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081943471","display_name":"Nicholas L. Farnan","orcid":null},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"N. Farnan","raw_affiliation_strings":["Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I170201317"]},{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA","institution_ids":["https://openalex.org/I170201317"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083709893","display_name":"Ricardo Villamar\u00edn-Salom\u00f3n","orcid":null},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Villamarin-Salomon","raw_affiliation_strings":["Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I170201317"]},{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA","institution_ids":["https://openalex.org/I170201317"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077767635","display_name":"David Kyle","orcid":null},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"D. Kyle","raw_affiliation_strings":["Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I170201317"]},{"raw_affiliation_string":"Department of Computer Science, University of Pittsburgh, Pittsburgh, PA USA","institution_ids":["https://openalex.org/I170201317"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5085723324"],"corresponding_institution_ids":["https://openalex.org/I170201317"],"apc_list":null,"apc_paid":null,"fwci":0.6857,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.72826119,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"4219","issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.713908851146698},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7139018774032593},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.68229079246521},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.4888283610343933},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.42554253339767456},{"id":"https://openalex.org/keywords/quality-of-service","display_name":"Quality of service","score":0.4231339693069458},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3217327892780304},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.23953431844711304}],"concepts":[{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.713908851146698},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7139018774032593},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.68229079246521},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.4888283610343933},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.42554253339767456},{"id":"https://openalex.org/C5119721","wikidata":"https://www.wikidata.org/wiki/Q220501","display_name":"Quality of service","level":2,"score":0.4231339693069458},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3217327892780304},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.23953431844711304}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icc.2009.5198970","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icc.2009.5198970","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2009 IEEE International Conference on Communications","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6000000238418579,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W47988595","https://openalex.org/W139772808","https://openalex.org/W192309743","https://openalex.org/W1462349742","https://openalex.org/W1499648394","https://openalex.org/W1550514379","https://openalex.org/W1583098994","https://openalex.org/W1750254686","https://openalex.org/W1775772884","https://openalex.org/W1867219652","https://openalex.org/W1873122431","https://openalex.org/W2111165162","https://openalex.org/W2168248885","https://openalex.org/W6601890406","https://openalex.org/W6605725336","https://openalex.org/W6607792004","https://openalex.org/W6628628164","https://openalex.org/W6630065162","https://openalex.org/W6632893704","https://openalex.org/W6634779276","https://openalex.org/W6638021444","https://openalex.org/W6676847925"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W2938399969","https://openalex.org/W3143747655","https://openalex.org/W2002178493","https://openalex.org/W2901835651","https://openalex.org/W2883616266","https://openalex.org/W186576250","https://openalex.org/W2372254325"],"abstract_inverted_index":{"We":[0,52],"investigate":[1],"how":[2],"an":[3,28],"ISP":[4,47,60],"can":[5,138,149],"efficiently":[6],"detect":[7],"bots":[8,40],"in":[9],"its":[10,24,50,65,126],"subscribers'":[11,70],"computers,":[12],"possibly":[13],"as":[14],"a":[15,56,117,130,145],"value-added":[16],"service":[17,45],"or":[18,38,102,113],"to":[19,23,35,49],"prevent":[20],"collateral":[21],"damage":[22],"infrastructure.":[25],"By":[26],"causing":[27],"ISP's":[29],"email":[30],"servers":[31],"and":[32,63,75,137],"network":[33,135],"links":[34],"get":[36],"clogged":[37],"blacklisted,":[39],"reduce":[41],"the":[42,46],"quality":[43],"of":[44,93,104,133,152,154],"provides":[48],"subscribers.":[51,155],"describe":[53],"DNS":[54,67,71,76,98,147],"Flagger,":[55],"novel":[57],"device":[58],"for":[59],"bot":[61],"detection,":[62],"evaluate":[64],"efficiency.":[66],"flagger":[68,148],"matches":[69],"traffic":[72,136],"against":[73],"IP":[74],"signatures.":[77],"In":[78],"real-time":[79],"experiments,":[80],"we":[81],"found":[82],"that,":[83],"on":[84,108],"average,":[85],"major":[86,118],"anti-virus":[87],"programs":[88],"(AVs)":[89],"detected":[90,100],"only":[91,129],"59%":[92],"freshly":[94],"caught":[95],"bots,":[96,106],"while":[97],"Flagger":[99],"73.1%":[101],"91%":[103],"those":[105],"respectively":[107],"hosts":[109],"that":[110],"do":[111,114],"not":[112],"also":[115],"have":[116],"AV.":[119],"There":[120],"were":[121],"no":[122],"false":[123],"alarms.":[124],"Because":[125],"processing":[127],"involves":[128],"small":[131],"fraction":[132],"all":[134],"be":[139],"performed":[140],"at":[141],"very":[142],"high":[143],"speed,":[144],"single":[146],"handle":[150],"hundreds":[151],"thousands":[153]},"counts_by_year":[{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}