{"id":"https://openalex.org/W1987851356","doi":"https://doi.org/10.1109/malware.2013.6703693","title":"Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus","display_name":"Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus","publication_year":2013,"publication_date":"2013-10-01","ids":{"openalex":"https://openalex.org/W1987851356","doi":"https://doi.org/10.1109/malware.2013.6703693","mag":"1987851356"},"language":"en","primary_location":{"id":"doi:10.1109/malware.2013.6703693","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2013.6703693","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 8th International Conference on Malicious and Unwanted Software: \"The Americas\" (MALWARE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5009305206","display_name":"Dennis Andriesse","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Dennis Andriesse","raw_affiliation_strings":["VU University Amsterdam, The Netherlands"],"affiliations":[{"raw_affiliation_string":"VU University Amsterdam, The Netherlands","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033589837","display_name":"Christian Rossow","orcid":"https://orcid.org/0000-0003-2470-8444"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Christian Rossow","raw_affiliation_strings":["VU University Amsterdam, The Netherlands"],"affiliations":[{"raw_affiliation_string":"VU University Amsterdam, The Netherlands","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044222343","display_name":"Brett Stone-Gross","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Brett Stone-Gross","raw_affiliation_strings":["Dell SecureWorks"],"affiliations":[{"raw_affiliation_string":"Dell SecureWorks","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003704061","display_name":"Daniel Plohmann","orcid":null},"institutions":[{"id":"https://openalex.org/I4210166245","display_name":"Fraunhofer Institute for Communication, Information Processing and Ergonomics","ror":"https://ror.org/05nn0gw40","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210166245","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Daniel Plohmann","raw_affiliation_strings":["Fraunhofer FKIE, Bonn, Germany"],"affiliations":[{"raw_affiliation_string":"Fraunhofer FKIE, Bonn, Germany","institution_ids":["https://openalex.org/I4210166245"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029566823","display_name":"Herbert Bos","orcid":"https://orcid.org/0000-0001-6179-1510"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Herbert Bos","raw_affiliation_strings":["VU University Amsterdam, The Netherlands"],"affiliations":[{"raw_affiliation_string":"VU University Amsterdam, The Netherlands","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5009305206"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":12.8178,"has_fulltext":false,"cited_by_count":99,"citation_normalized_percentile":{"value":0.9884612,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"116","last_page":"123"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10742","display_name":"Peer-to-Peer Network Technologies","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/zeus","display_name":"ZEUS (particle detector)","score":0.9766985177993774},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.8367233872413635},{"id":"https://openalex.org/keywords/peer-to-peer","display_name":"Peer-to-peer","score":0.6905254125595093},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.6691146492958069},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5511155724525452},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5332277417182922},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.424025297164917},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.41318416595458984},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.33141106367111206},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.13751140236854553},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.0676318109035492}],"concepts":[{"id":"https://openalex.org/C2776444479","wikidata":"https://www.wikidata.org/wiki/Q8063038","display_name":"ZEUS (particle detector)","level":5,"score":0.9766985177993774},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.8367233872413635},{"id":"https://openalex.org/C534932454","wikidata":"https://www.wikidata.org/wiki/Q161410","display_name":"Peer-to-peer","level":2,"score":0.6905254125595093},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.6691146492958069},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5511155724525452},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5332277417182922},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.424025297164917},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.41318416595458984},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.33141106367111206},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.13751140236854553},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0676318109035492},{"id":"https://openalex.org/C89473665","wikidata":"https://www.wikidata.org/wiki/Q2748917","display_name":"Deep inelastic scattering","level":4,"score":0.0},{"id":"https://openalex.org/C191486275","wikidata":"https://www.wikidata.org/wiki/Q210028","display_name":"Scattering","level":2,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C142199849","wikidata":"https://www.wikidata.org/wiki/Q3027672","display_name":"Inelastic scattering","level":3,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.1109/malware.2013.6703693","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2013.6703693","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 8th International Conference on Malicious and Unwanted Software: \"The Americas\" (MALWARE)","raw_type":"proceedings-article"},{"id":"pmh:oai:research.vu.nl:openaire_cris_publications/d89c7886-ab35-4f06-ba47-011e3f6da2e1","is_oa":false,"landing_page_url":"https://research.vu.nl/en/publications/d89c7886-ab35-4f06-ba47-011e3f6da2e1","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Andriesse, D, Rossow, C, Stone-Gross, B, Plohmann, D & Bos, H 2013, Highly resilient peer-to-peer botnets are here : An analysis of Gameover Zeus. in 2013 8th International Conference on Malicious and Unwanted Software [Proceedings] : \"The Americas\", MALWARE 2013., 6703693, ACM, IEEE Computer Society, Fajardo, Puerto Rico, USA, pp. 116-123, 2013 8th International Conference on Malicious and Unwanted Software: \"The Americas\", MALWARE 2013, Fajardo, PR, United States, 22/10/13. https://doi.org/10.1109/MALWARE.2013.6703693","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.680.2526","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.680.2526","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.syssec-project.eu/m/page-media/3/zeus_malware13.pdf","raw_type":"text"},{"id":"pmh:oai:publica.fraunhofer.de:publica/383084","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/383084","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"},{"id":"pmh:oai:research.vu.nl:publications/d89c7886-ab35-4f06-ba47-011e3f6da2e1","is_oa":false,"landing_page_url":"http://www.scopus.com/inward/record.url?scp=84893791719&partnerID=8YFLogxK","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Andriesse, D, Rossow, C, Stone-Gross, B, Plohmann, D & Bos, H 2013, Highly resilient peer-to-peer botnets are here : An analysis of Gameover Zeus. in 2013 8th International Conference on Malicious and Unwanted Software [Proceedings] : \"The Americas\", MALWARE 2013., 6703693, ACM, IEEE Computer Society, Fajardo, Puerto Rico, USA, pp. 116-123, 2013 8th International Conference on Malicious and Unwanted Software: \"The Americas\", MALWARE 2013, Fajardo, PR, United States, 22/10/13. https://doi.org/10.1109/MALWARE.2013.6703693","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:vu:oai:research.vu.nl:publications/8b288d11-bc7d-4de7-bfa8-c4405fe38f3b","is_oa":false,"landing_page_url":"https://research.vu.nl/en/publications/8b288d11-bc7d-4de7-bfa8-c4405fe38f3b","pdf_url":null,"source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings of the 2013 8th International Conference on Malicious and Unwanted Software: \"The Americas\", MALWARE 2013, 116 - 123","raw_type":"info:eu-repo/semantics/other"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320338370","display_name":"FP7 Information and Communication Technologies","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1540597671","https://openalex.org/W1561983441","https://openalex.org/W1824436914","https://openalex.org/W1912382034","https://openalex.org/W1976866799","https://openalex.org/W1977415353","https://openalex.org/W2092756033","https://openalex.org/W2119245106","https://openalex.org/W2119425658","https://openalex.org/W2152955531","https://openalex.org/W2161022104","https://openalex.org/W6633578641","https://openalex.org/W6677516953"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4285325964","https://openalex.org/W2119207053","https://openalex.org/W2062822216","https://openalex.org/W4388937261","https://openalex.org/W3047641002"],"abstract_inverted_index":{"Zeus":[0,17,50,82,101],"is":[1,69],"a":[2,54,76],"family":[3],"of":[4,16,49,64,79,89,91,99],"credential-stealing":[5],"trojans":[6],"which":[7],"originally":[8],"appeared":[9],"in":[10,57,96,102],"2007.":[11],"The":[12],"first":[13],"two":[14],"variants":[15],"are":[18,27],"based":[19],"on":[20],"centralized":[21],"command":[22,25],"servers.":[23],"These":[24],"servers":[26],"now":[28],"routinely":[29],"tracked":[30],"and":[31,98],"blocked":[32],"by":[33],"the":[34,46,86,92],"security":[35],"community.":[36],"In":[37],"an":[38],"apparent":[39],"effort":[40],"to":[41,61,73],"withstand":[42],"these":[43],"routine":[44],"countermeasures,":[45],"second":[47],"version":[48],"was":[51],"forked":[52],"into":[53],"peer-to-peer":[55,67,94,100],"variant":[56,68],"September":[58],"2011.":[59],"Compared":[60],"earlier":[62],"versions":[63],"Zeus,":[65],"this":[66,80],"fundamentally":[70],"more":[71],"difficult":[72],"disable.":[74],"Through":[75],"detailed":[77],"analysis":[78],"new":[81],"variant,":[83],"we":[84],"demonstrate":[85],"high":[87],"resilience":[88],"state":[90],"art":[93],"botnets":[95],"general,":[97],"particular.":[103]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":11},{"year":2018,"cited_by_count":13},{"year":2017,"cited_by_count":11},{"year":2016,"cited_by_count":9},{"year":2015,"cited_by_count":18},{"year":2014,"cited_by_count":7}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}