{"id":"https://openalex.org/W2122682880","doi":"https://doi.org/10.1109/iwqos.2011.5931312","title":"Measuring the effectiveness of infrastructure-level detection of large-scale botnets","display_name":"Measuring the effectiveness of infrastructure-level detection of large-scale botnets","publication_year":2011,"publication_date":"2011-06-01","ids":{"openalex":"https://openalex.org/W2122682880","doi":"https://doi.org/10.1109/iwqos.2011.5931312","mag":"2122682880"},"language":"en","primary_location":{"id":"doi:10.1109/iwqos.2011.5931312","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iwqos.2011.5931312","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 IEEE Nineteenth IEEE International Workshop on Quality of Service","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036523904","display_name":"Yuanyuan Zeng","orcid":"https://orcid.org/0000-0001-7621-3342"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan\u2013Ann Arbor","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yuanyuan Zeng","raw_affiliation_strings":["University of Michigan, USA","(University of Michigan)"],"affiliations":[{"raw_affiliation_string":"University of Michigan, USA","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"(University of Michigan)","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029645292","display_name":"Guanhua Yan","orcid":"https://orcid.org/0000-0001-7482-4043"},"institutions":[{"id":"https://openalex.org/I1343871089","display_name":"Los Alamos National Laboratory","ror":"https://ror.org/01e41cf67","country_code":"US","type":"facility","lineage":["https://openalex.org/I1330989302","https://openalex.org/I1343871089","https://openalex.org/I198811213","https://openalex.org/I4210120050"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Guanhua Yan","raw_affiliation_strings":["Los Alamos National Laboratory, USA","LOS Alamos National Laboratory"],"affiliations":[{"raw_affiliation_string":"Los Alamos National Laboratory, USA","institution_ids":["https://openalex.org/I1343871089"]},{"raw_affiliation_string":"LOS Alamos National Laboratory","institution_ids":["https://openalex.org/I1343871089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073911119","display_name":"Stephan Eidenbenz","orcid":"https://orcid.org/0000-0002-2628-1854"},"institutions":[{"id":"https://openalex.org/I1343871089","display_name":"Los Alamos National Laboratory","ror":"https://ror.org/01e41cf67","country_code":"US","type":"facility","lineage":["https://openalex.org/I1330989302","https://openalex.org/I1343871089","https://openalex.org/I198811213","https://openalex.org/I4210120050"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stephan Eidenbenz","raw_affiliation_strings":["Los Alamos National Laboratory, USA","LOS Alamos National Laboratory"],"affiliations":[{"raw_affiliation_string":"Los Alamos National Laboratory, USA","institution_ids":["https://openalex.org/I1343871089"]},{"raw_affiliation_string":"LOS Alamos National Laboratory","institution_ids":["https://openalex.org/I1343871089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053541912","display_name":"Kang G. Shin","orcid":"https://orcid.org/0000-0003-0086-8777"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan\u2013Ann Arbor","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kang G. Shin","raw_affiliation_strings":["University of Michigan, USA","(University of Michigan)"],"affiliations":[{"raw_affiliation_string":"University of Michigan, USA","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"(University of Michigan)","institution_ids":["https://openalex.org/I27837315"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5036523904"],"corresponding_institution_ids":["https://openalex.org/I27837315"],"apc_list":null,"apc_paid":null,"fwci":1.4003,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.83123348,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10742","display_name":"Peer-to-Peer Network Technologies","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9423799514770508},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6275694370269775},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.6247056722640991},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4682014584541321},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.4559631049633026},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4325443506240845},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3669266104698181},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1625176966190338},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.12374672293663025}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9423799514770508},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6275694370269775},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.6247056722640991},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4682014584541321},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.4559631049633026},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4325443506240845},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3669266104698181},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1625176966190338},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.12374672293663025},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/iwqos.2011.5931312","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iwqos.2011.5931312","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2011 IEEE Nineteenth IEEE International Workshop on Quality of Service","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.470.8239","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.470.8239","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://kabru.eecs.umich.edu/papers/publications/2011/IWQoS.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.721.9572","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.721.9572","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.binghamton.edu/%7Eghyan/papers/iwqos11.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6299999952316284,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W16833051","https://openalex.org/W47988595","https://openalex.org/W1462349742","https://openalex.org/W1551705282","https://openalex.org/W1583098994","https://openalex.org/W1594972289","https://openalex.org/W1775772884","https://openalex.org/W1962340579","https://openalex.org/W2095815177","https://openalex.org/W2101737843","https://openalex.org/W2107673345","https://openalex.org/W2119245106","https://openalex.org/W2119895316","https://openalex.org/W2120836104","https://openalex.org/W2131998892","https://openalex.org/W2158049821","https://openalex.org/W2159281894","https://openalex.org/W2161515166","https://openalex.org/W2162101611","https://openalex.org/W2519409755","https://openalex.org/W6600678348","https://openalex.org/W6628628164","https://openalex.org/W6634779276","https://openalex.org/W6635614179","https://openalex.org/W6638021444","https://openalex.org/W6675112455","https://openalex.org/W6677516953","https://openalex.org/W6683268954","https://openalex.org/W6683824902","https://openalex.org/W6726558391"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W2901835651","https://openalex.org/W2883616266","https://openalex.org/W186576250","https://openalex.org/W2002178493","https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964","https://openalex.org/W1599449514"],"abstract_inverted_index":{"Botnets":[0],"are":[1],"one":[2],"of":[3,71,79,108,121],"the":[4,10,40,69,86,106,119,125,129],"most":[5],"serious":[6],"security":[7],"threats":[8],"to":[9,32],"Internet":[11,130],"and":[12,24,58,124],"its":[13,33],"end":[14],"users.":[15],"In":[16,73],"recent":[17],"years,":[18],"utilizing":[19],"P2P":[20,48,80,101],"as":[21],"a":[22,83,94],"Command":[23],"Control":[25],"(C&C)":[26],"protocol":[27],"has":[28],"become":[29],"popular":[30],"due":[31],"decentralized":[34],"nature":[35],"that":[36],"can":[37],"help":[38],"hide":[39],"botmaster's":[41],"identity.":[42],"Most":[43],"bot":[44],"detection":[45,78],"approaches":[46],"targeting":[47],"botnets":[49,81],"either":[50],"rely":[51],"on":[52],"behavior":[53],"monitoring":[54],"or":[55],"traffic":[56],"flow":[57],"packet":[59],"analysis,":[60],"requiring":[61],"fine-grained":[62],"information":[63],"collected":[64],"locally.":[65],"This":[66],"requirement":[67],"limits":[68],"scale":[70],"detection.":[72],"this":[74],"paper,":[75],"we":[76,104],"consider":[77],"at":[82,112],"high-level":[84],"-":[85],"infrastructure":[87],"level-by":[88],"exploiting":[89],"their":[90],"structural":[91],"properties":[92],"from":[93],"graph":[95],"analysis":[96],"perspective.":[97],"Using":[98],"three":[99],"different":[100],"overlay":[102],"structures,":[103],"measure":[105],"effectiveness":[107],"detecting":[109],"each":[110],"structure":[111],"various":[113],"locations":[114],"(the":[115],"Autonomous":[116],"System":[117],"(AS),":[118],"Point":[120],"Presence":[122],"(PoP),":[123],"router":[126],"rendezvous)":[127],"in":[128],"infrastructure.":[131]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}