{"id":"https://openalex.org/W2058314598","doi":"https://doi.org/10.1109/tifs.2013.2290197","title":"Building a Scalable System for Stealthy P2P-Botnet Detection","display_name":"Building a Scalable System for Stealthy P2P-Botnet Detection","publication_year":2013,"publication_date":"2013-11-19","ids":{"openalex":"https://openalex.org/W2058314598","doi":"https://doi.org/10.1109/tifs.2013.2290197","mag":"2058314598"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2013.2290197","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2013.2290197","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://corescholar.libraries.wright.edu/cse/542","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100343070","display_name":"Junjie Zhang","orcid":"https://orcid.org/0000-0003-0061-3790"},"institutions":[{"id":"https://openalex.org/I19648265","display_name":"Wright State University","ror":"https://ror.org/04qk6pt94","country_code":"US","type":"education","lineage":["https://openalex.org/I19648265"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Junjie Zhang","raw_affiliation_strings":["Department of Computer Science and Engineering, Wright State University, Dayton, OH, USA","[Dept. of Comput. Sci. & Eng., Wright State Univ., Dayton, OH, USA]"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Wright State University, Dayton, OH, USA","institution_ids":["https://openalex.org/I19648265"]},{"raw_affiliation_string":"[Dept. of Comput. Sci. & Eng., Wright State Univ., Dayton, OH, USA]","institution_ids":["https://openalex.org/I19648265"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071832270","display_name":"Roberto Perdisci","orcid":"https://orcid.org/0000-0002-7339-0041"},"institutions":[{"id":"https://openalex.org/I165733156","display_name":"University of Georgia","ror":"https://ror.org/00te3t702","country_code":"US","type":"education","lineage":["https://openalex.org/I165733156"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Roberto Perdisci","raw_affiliation_strings":["Department of Computer Science, University of Georgia, Athens, GA, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Georgia, Athens, GA, USA","institution_ids":["https://openalex.org/I165733156"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047140382","display_name":"Wenke Lee","orcid":"https://orcid.org/0000-0003-2761-1277"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wenke Lee","raw_affiliation_strings":["College of Computing, Georgia Institute of Technology, Atlanta, GA, USA","[Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA]"],"affiliations":[{"raw_affiliation_string":"College of Computing, Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"[Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA]","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100400376","display_name":"Xiapu Luo","orcid":"https://orcid.org/0000-0002-9082-3208"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Xiapu Luo","raw_affiliation_strings":["College of Computing, The Hong Kong Polytechnic University, Hong Kong","Coll. of Comput., Hong Kong Polytech. Univ., Hong Kong, China"],"affiliations":[{"raw_affiliation_string":"College of Computing, The Hong Kong Polytechnic University, Hong Kong","institution_ids":["https://openalex.org/I14243506"]},{"raw_affiliation_string":"Coll. of Comput., Hong Kong Polytech. Univ., Hong Kong, China","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5001522674","display_name":"Unum Sarfraz","orcid":null},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Unum Sarfraz","raw_affiliation_strings":["College of Computing, Georgia Institute of Technology, Atlanta, GA, USA","[Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA]"],"affiliations":[{"raw_affiliation_string":"College of Computing, Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"[Coll. of Comput., Georgia Inst. of Technol., Atlanta, GA, USA]","institution_ids":["https://openalex.org/I130701444"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100343070"],"corresponding_institution_ids":["https://openalex.org/I19648265"],"apc_list":null,"apc_paid":null,"fwci":10.5558,"has_fulltext":false,"cited_by_count":90,"citation_normalized_percentile":{"value":0.98423818,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"9","issue":"1","first_page":"27","last_page":"38"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9847269058227539},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.8696873784065247},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8505809903144836},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5253267288208008},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5163449048995972},{"id":"https://openalex.org/keywords/peer-to-peer","display_name":"Peer-to-peer","score":0.42002496123313904},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3503430485725403},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.31321316957473755},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.09967097640037537},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09137424826622009}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9847269058227539},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.8696873784065247},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8505809903144836},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5253267288208008},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5163449048995972},{"id":"https://openalex.org/C534932454","wikidata":"https://www.wikidata.org/wiki/Q161410","display_name":"Peer-to-peer","level":2,"score":0.42002496123313904},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3503430485725403},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.31321316957473755},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.09967097640037537},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09137424826622009}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tifs.2013.2290197","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2013.2290197","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:corescholar.libraries.wright.edu:cse-1542","is_oa":true,"landing_page_url":"https://corescholar.libraries.wright.edu/cse/542","pdf_url":null,"source":{"id":"https://openalex.org/S2737205702","display_name":"Journal of Bioresource Management","issn_l":"2309-3854","issn":["2309-3854"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310316536","host_organization_name":"Bioresource Research Center (BRC), Islamabad","host_organization_lineage":["https://openalex.org/P4310316536"],"host_organization_lineage_names":["Bioresource Research Center (BRC), Islamabad"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer Science and Engineering Faculty Publications","raw_type":"text"},{"id":"pmh:oai:ira.lib.polyu.edu.hk:10397/8091","is_oa":false,"landing_page_url":"http://hdl.handle.net/10397/8091","pdf_url":null,"source":{"id":"https://openalex.org/S4306400205","display_name":"PolyU Institutional Research Archive (Hong Kong Polytechnic University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I14243506","host_organization_name":"Hong Kong Polytechnic University","host_organization_lineage":["https://openalex.org/I14243506"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Journal/Magazine Article"},{"id":"pmh:oai:works.bepress.com:junjie_zhang-1029","is_oa":true,"landing_page_url":"https://works.bepress.com/junjie_zhang/18","pdf_url":null,"source":{"id":"https://openalex.org/S2737205702","display_name":"Journal of Bioresource Management","issn_l":"2309-3854","issn":["2309-3854"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310316536","host_organization_name":"Bioresource Research Center (BRC), Islamabad","host_organization_lineage":["https://openalex.org/P4310316536"],"host_organization_lineage_names":["Bioresource Research Center (BRC), Islamabad"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Junjie Zhang","raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:corescholar.libraries.wright.edu:cse-1542","is_oa":true,"landing_page_url":"https://corescholar.libraries.wright.edu/cse/542","pdf_url":null,"source":{"id":"https://openalex.org/S2737205702","display_name":"Journal of Bioresource Management","issn_l":"2309-3854","issn":["2309-3854"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4310316536","host_organization_name":"Bioresource Research Center (BRC), Islamabad","host_organization_lineage":["https://openalex.org/P4310316536"],"host_organization_lineage_names":["Bioresource Research Center (BRC), Islamabad"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer Science and Engineering Faculty Publications","raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W1549590828","https://openalex.org/W1594972289","https://openalex.org/W1775772884","https://openalex.org/W1922851884","https://openalex.org/W1962340579","https://openalex.org/W1972629404","https://openalex.org/W2002873370","https://openalex.org/W2012095206","https://openalex.org/W2017331368","https://openalex.org/W2041855183","https://openalex.org/W2082456656","https://openalex.org/W2095897464","https://openalex.org/W2099452399","https://openalex.org/W2114590627","https://openalex.org/W2123503408","https://openalex.org/W2124188766","https://openalex.org/W2129066856","https://openalex.org/W2144098589","https://openalex.org/W2148573461","https://openalex.org/W2152955531","https://openalex.org/W2162733677","https://openalex.org/W2169786565","https://openalex.org/W2170214103","https://openalex.org/W2280775762","https://openalex.org/W4231029117","https://openalex.org/W4236506014","https://openalex.org/W4255738146","https://openalex.org/W6632952332","https://openalex.org/W6635614179","https://openalex.org/W6638021444","https://openalex.org/W6640487242","https://openalex.org/W6641353988","https://openalex.org/W6651230344","https://openalex.org/W6670887436","https://openalex.org/W6678511680","https://openalex.org/W6683783481"],"related_works":["https://openalex.org/W2193050358","https://openalex.org/W2119207053","https://openalex.org/W2062822216","https://openalex.org/W1982914007","https://openalex.org/W4388937261","https://openalex.org/W2159583675","https://openalex.org/W1852113167","https://openalex.org/W1493858311","https://openalex.org/W1824242903","https://openalex.org/W2155470929"],"abstract_inverted_index":{"Peer-to-peer":[0],"(P2P)":[1],"botnets":[2,22],"have":[3],"recently":[4],"been":[5],"adopted":[6],"by":[7],"botmasters":[8],"for":[9,49],"their":[10],"resiliency":[11],"against":[12],"take-down":[13],"efforts.":[14],"Besides":[15],"being":[16],"harder":[17],"to":[18,24,90],"take":[19],"down,":[20],"modern":[21],"tend":[23],"be":[25],"stealthier":[26],"in":[27,82],"the":[28,41,131],"way":[29],"they":[30],"perform":[31],"malicious":[32],"activities,":[33],"making":[34],"current":[35],"detection":[36,53,64,125],"approaches":[37],"ineffective.":[38],"In":[39,55],"addition,":[40],"rapidly":[42],"growing":[43],"volume":[44],"of":[45,52,67,116,130],"network":[46],"traffic":[47,93,100],"calls":[48],"high":[50,124],"scalability":[51,112,129],"systems.":[54],"this":[56],"paper,":[57],"we":[58],"propose":[59],"a":[60,113],"novel":[61],"scalable":[62],"botnet":[63,99],"system":[65,73],"capable":[66],"detecting":[68],"stealthy":[69],"P2P":[70,83,92,98,103],"botnets.":[71],"Our":[72],"first":[74],"identifies":[75],"all":[76],"hosts":[77],"that":[78],"are":[79],"likely":[80],"engaged":[81],"communications.":[84],"It":[85],"then":[86],"derives":[87],"statistical":[88],"fingerprints":[89],"profile":[91],"and":[94,101,127],"further":[95],"distinguish":[96],"between":[97],"legitimate":[102],"traffic.":[104],"The":[105],"parallelized":[106],"computation":[107],"with":[108],"bounded":[109],"complexity":[110],"makes":[111],"built-in":[114],"feature":[115],"our":[117],"system.":[118,133],"Extensive":[119],"evaluation":[120],"has":[121],"demonstrated":[122],"both":[123],"accuracy":[126],"great":[128],"proposed":[132]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":9},{"year":2019,"cited_by_count":12},{"year":2018,"cited_by_count":15},{"year":2017,"cited_by_count":7},{"year":2016,"cited_by_count":10},{"year":2015,"cited_by_count":10},{"year":2014,"cited_by_count":8}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}