{"id":"https://openalex.org/W2081835387","doi":"https://doi.org/10.1109/isias.2010.5604040","title":"Benchmarking IP blacklists for financial botnet detection","display_name":"Benchmarking IP blacklists for financial botnet detection","publication_year":2010,"publication_date":"2010-08-01","ids":{"openalex":"https://openalex.org/W2081835387","doi":"https://doi.org/10.1109/isias.2010.5604040","mag":"2081835387"},"language":"en","primary_location":{"id":"doi:10.1109/isias.2010.5604040","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isias.2010.5604040","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2010 Sixth International Conference on Information Assurance and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058638208","display_name":"David Oro","orcid":null},"institutions":[{"id":"https://openalex.org/I4210150449","display_name":"Barcelona Digital Centro Tecnol\u00f3gico","ror":"https://ror.org/04v2q5t19","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210150449"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"David Oro","raw_affiliation_strings":["Security Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","eSecurity Research Group, Barcelona Digital Technology Centre, Spain"],"affiliations":[{"raw_affiliation_string":"Security Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","institution_ids":["https://openalex.org/I4210150449"]},{"raw_affiliation_string":"eSecurity Research Group, Barcelona Digital Technology Centre, Spain","institution_ids":["https://openalex.org/I4210150449"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111394053","display_name":"Jes\u00fas Luna","orcid":null},"institutions":[{"id":"https://openalex.org/I4210150449","display_name":"Barcelona Digital Centro Tecnol\u00f3gico","ror":"https://ror.org/04v2q5t19","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210150449"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Jesus Luna","raw_affiliation_strings":["Security Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","eSecurity Research Group, Barcelona Digital Technology Centre, Spain"],"affiliations":[{"raw_affiliation_string":"Security Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","institution_ids":["https://openalex.org/I4210150449"]},{"raw_affiliation_string":"eSecurity Research Group, Barcelona Digital Technology Centre, Spain","institution_ids":["https://openalex.org/I4210150449"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021298662","display_name":"Toni Felguera","orcid":null},"institutions":[{"id":"https://openalex.org/I4210150449","display_name":"Barcelona Digital Centro Tecnol\u00f3gico","ror":"https://ror.org/04v2q5t19","country_code":"ES","type":"company","lineage":["https://openalex.org/I4210150449"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Toni Felguera","raw_affiliation_strings":["Security Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","eSecurity Research Group, Barcelona Digital Technology Centre, Spain"],"affiliations":[{"raw_affiliation_string":"Security Research Group, Barcelona Digital Technology Centre, Barcelona, Spain","institution_ids":["https://openalex.org/I4210150449"]},{"raw_affiliation_string":"eSecurity Research Group, Barcelona Digital Technology Centre, Spain","institution_ids":["https://openalex.org/I4210150449"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040418450","display_name":"Marc Vilanova","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Marc Vilanova","raw_affiliation_strings":["La Caixa, CSIRT, Barcelona, Spain","CSIRT, La Caixa, Barcelona, Spain"],"affiliations":[{"raw_affiliation_string":"La Caixa, CSIRT, Barcelona, Spain","institution_ids":[]},{"raw_affiliation_string":"CSIRT, La Caixa, Barcelona, Spain","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109451093","display_name":"Jetzabel Serna","orcid":null},"institutions":[{"id":"https://openalex.org/I9617848","display_name":"Universitat Polit\u00e8cnica de Catalunya","ror":"https://ror.org/03mb6wj31","country_code":"ES","type":"education","lineage":["https://openalex.org/I9617848"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Jetzabel Serna","raw_affiliation_strings":["Computer Architecture Department, Technical University of Catalonia, Barcelona, Spain","Computer Architecture Department, Technical University of Catalonia, Barcelona, Spain#TAB#"],"affiliations":[{"raw_affiliation_string":"Computer Architecture Department, Technical University of Catalonia, Barcelona, Spain","institution_ids":["https://openalex.org/I9617848"]},{"raw_affiliation_string":"Computer Architecture Department, Technical University of Catalonia, Barcelona, Spain#TAB#","institution_ids":["https://openalex.org/I9617848"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5058638208"],"corresponding_institution_ids":["https://openalex.org/I4210150449"],"apc_list":null,"apc_paid":null,"fwci":0.7122,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.73220269,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"6","issue":null,"first_page":"62","last_page":"67"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9549046754837036},{"id":"https://openalex.org/keywords/blacklist","display_name":"Blacklist","score":0.939922571182251},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6860774159431458},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6502184867858887},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5635217428207397},{"id":"https://openalex.org/keywords/blacklisting","display_name":"Blacklisting","score":0.5203002095222473},{"id":"https://openalex.org/keywords/drone","display_name":"Drone","score":0.49324363470077515},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4544936716556549},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.4295915365219116},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2901970446109772},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.25913041830062866},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.16564199328422546},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.09005779027938843}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9549046754837036},{"id":"https://openalex.org/C2781345505","wikidata":"https://www.wikidata.org/wiki/Q2535979","display_name":"Blacklist","level":2,"score":0.939922571182251},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6860774159431458},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6502184867858887},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5635217428207397},{"id":"https://openalex.org/C2779797433","wikidata":"https://www.wikidata.org/wiki/Q632959","display_name":"Blacklisting","level":2,"score":0.5203002095222473},{"id":"https://openalex.org/C59519942","wikidata":"https://www.wikidata.org/wiki/Q650665","display_name":"Drone","level":2,"score":0.49324363470077515},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4544936716556549},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.4295915365219116},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2901970446109772},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.25913041830062866},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.16564199328422546},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.09005779027938843},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C54355233","wikidata":"https://www.wikidata.org/wiki/Q7162","display_name":"Genetics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isias.2010.5604040","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isias.2010.5604040","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2010 Sixth International Conference on Information Assurance and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6899999976158142,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1655456","https://openalex.org/W172574161","https://openalex.org/W1550514379","https://openalex.org/W1551705282","https://openalex.org/W1583098994","https://openalex.org/W1734799737","https://openalex.org/W1863743301","https://openalex.org/W1922851884","https://openalex.org/W1969953346","https://openalex.org/W2000038758","https://openalex.org/W2017884509","https://openalex.org/W2061455058","https://openalex.org/W2100576135","https://openalex.org/W2121320294","https://openalex.org/W2144699258","https://openalex.org/W2154894831","https://openalex.org/W2155536216","https://openalex.org/W2160404300","https://openalex.org/W2168248885","https://openalex.org/W2173213060","https://openalex.org/W2999097477","https://openalex.org/W3005557970","https://openalex.org/W3215533141","https://openalex.org/W6600068801","https://openalex.org/W6632893704","https://openalex.org/W6632924670","https://openalex.org/W6634779276","https://openalex.org/W6637631891","https://openalex.org/W6640487242","https://openalex.org/W6678053823","https://openalex.org/W6681620709"],"related_works":["https://openalex.org/W2181543702","https://openalex.org/W3172840274","https://openalex.org/W2769847412","https://openalex.org/W4241417517","https://openalex.org/W2991976289","https://openalex.org/W2017968904","https://openalex.org/W2005813008","https://openalex.org/W2514488323","https://openalex.org/W4312347107","https://openalex.org/W1550514379"],"abstract_inverted_index":{"Every":[0],"day,":[1],"hundreds":[2],"or":[3,21,255],"even":[4],"thousands":[5],"of":[6,24,76,105,122,136,140,223,251],"computers":[7],"are":[8,85,120,186],"infected":[9],"with":[10,95,161,195],"financial":[11,27,77,96,123,253],"malware":[12],"(i.e.":[13,70],"Zeus)":[14],"that":[15,29,47,66,119,182,202,229,260],"forces":[16],"them":[17],"to":[18,38,110,188,206,211,239],"become":[19],"zombies":[20],"drones,":[22],"capable":[23,135],"joining":[25],"massive":[26],"botnets":[28,56,78],"can":[30,264],"be":[31,265],"hired":[32],"by":[33,143],"well-organized":[34],"cyber-criminals":[35,84],"in":[36,237,242],"order":[37,238],"steal":[39],"online":[40],"banking":[41],"customers'":[42],"credentials.":[43],"Despite":[44],"the":[45,67,103,138,196,221,231],"fact":[46],"detection":[48],"and":[49,54,61,114,149,192,199],"mitigation":[50],"mechanisms":[51],"for":[52],"spam":[53],"DDoS-related":[55],"have":[57,130],"been":[58,159],"widely":[59],"researched":[60],"developed,":[62],"it":[63,145,203],"is":[64,204,248,259],"true":[65],"passive":[68],"nature":[69],"low":[71,93],"network":[72],"traffic,":[73],"fewer":[74],"connections)":[75],"greatly":[79],"hinder":[80],"their":[81],"countermeasures.":[82],"Therefore,":[83],"still":[86],"obtaining":[87],"high":[88],"economical":[89],"profits":[90],"at":[91],"relatively":[92],"risk":[94],"botnets.":[97,124],"In":[98],"this":[99,127],"paper":[100],"we":[101,129,219],"propose":[102],"use":[104],"publicly":[106],"available":[107],"IP":[108,165,184,226,247],"blacklists":[109,185],"detect":[111,189],"both":[112,190],"drones":[113,191],"Command":[115],"&":[116],"Control":[117],"nodes":[118],"part":[121],"To":[125],"prove":[126],"hypothesis":[128],"developed":[131],"a":[132,141,147,169,224,245,249,252,262],"formal":[133],"framework":[134,157],"evaluating":[137],"quality":[139,209,235],"blacklist":[142,176,213],"comparing":[144],"versus":[146],"baseline":[148],"taking":[150],"into":[151,268],"account":[152],"different":[153,174,208],"metrics.":[154,217],"The":[155],"contributed":[156],"has":[158],"tested":[160],"approximately":[162],"500":[163],"million":[164],"addresses,":[166],"retrieved":[167],"during":[168],"one-month":[170],"period":[171],"from":[172],"seven":[173],"well-known":[175],"providers.":[177],"Our":[178,257],"experimental":[179],"results":[180],"showed":[181],"these":[183],"able":[187],"C&C":[193],"related":[194],"Zeus":[197],"botnet":[198,254],"most":[200],"important,":[201],"possible":[205],"assign":[207],"scores":[210],"each":[212],"based":[214],"on":[215],"our":[216],"Finally,":[218],"introduce":[220],"basics":[222],"high-performance":[225],"reputation":[227],"system":[228,263],"uses":[230],"previously":[232],"obtained":[233],"blacklists'":[234],"scores,":[236],"reply":[240],"almost":[241],"real-time":[243],"whether":[244],"certain":[246],"member":[250],"not.":[256],"belief":[258],"such":[261],"easily":[266],"integrated":[267],"e-banking":[269],"anti-fraud":[270],"systems.":[271]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}