{"id":"https://openalex.org/W2144699258","doi":"https://doi.org/10.1145/1533057.1533064","title":"Towards complete node enumeration in a peer-to-peer botnet","display_name":"Towards complete node enumeration in a peer-to-peer botnet","publication_year":2009,"publication_date":"2009-03-10","ids":{"openalex":"https://openalex.org/W2144699258","doi":"https://doi.org/10.1145/1533057.1533064","mag":"2144699258"},"language":"en","primary_location":{"id":"doi:10.1145/1533057.1533064","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1533057.1533064","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th International Symposium on Information, Computer, and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111984144","display_name":"Brent Byunghoon Kang","orcid":null},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Brent ByungHoon Kang","raw_affiliation_strings":["University of North Carolina at Charlotte","University of North Carolina at Charlotte*"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"University of North Carolina at Charlotte*","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068148122","display_name":"Eric Chan\u2010Tin","orcid":"https://orcid.org/0000-0001-8367-5836"},"institutions":[{"id":"https://openalex.org/I2800403580","display_name":"University of Minnesota System","ror":"https://ror.org/03grvy078","country_code":"US","type":"education","lineage":["https://openalex.org/I2800403580"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Eric Chan-Tin","raw_affiliation_strings":["University of Minnesota"],"affiliations":[{"raw_affiliation_string":"University of Minnesota","institution_ids":["https://openalex.org/I2800403580"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016486447","display_name":"Christopher P. Lee","orcid":"https://orcid.org/0000-0002-2031-8361"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christopher P. Lee","raw_affiliation_strings":["Georgia Institute of Technology","[Georgia Institute of Technology.]"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"[Georgia Institute of Technology.]","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056518540","display_name":"James Tyra","orcid":null},"institutions":[{"id":"https://openalex.org/I2800403580","display_name":"University of Minnesota System","ror":"https://ror.org/03grvy078","country_code":"US","type":"education","lineage":["https://openalex.org/I2800403580"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"James Tyra","raw_affiliation_strings":["University of Minnesota"],"affiliations":[{"raw_affiliation_string":"University of Minnesota","institution_ids":["https://openalex.org/I2800403580"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000524388","display_name":"Hun Jeong Kang","orcid":null},"institutions":[{"id":"https://openalex.org/I2800403580","display_name":"University of Minnesota System","ror":"https://ror.org/03grvy078","country_code":"US","type":"education","lineage":["https://openalex.org/I2800403580"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hun Jeong Kang","raw_affiliation_strings":["University of Minnesota"],"affiliations":[{"raw_affiliation_string":"University of Minnesota","institution_ids":["https://openalex.org/I2800403580"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046041427","display_name":"Chris Nunnery","orcid":null},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chris Nunnery","raw_affiliation_strings":["University of North Carolina at Charlotte","University of North Carolina at Charlotte*"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"University of North Carolina at Charlotte*","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080448648","display_name":"Zachariah Wadler","orcid":null},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zachariah Wadler","raw_affiliation_strings":["University of North Carolina at Charlotte","University of North Carolina at Charlotte*"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"University of North Carolina at Charlotte*","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078804750","display_name":"Greg Sinclair","orcid":null},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Greg Sinclair","raw_affiliation_strings":["University of North Carolina at Charlotte","University of North Carolina at Charlotte*"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"University of North Carolina at Charlotte*","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051550317","display_name":"Nicholas Hopper","orcid":"https://orcid.org/0000-0003-2536-9587"},"institutions":[{"id":"https://openalex.org/I2800403580","display_name":"University of Minnesota System","ror":"https://ror.org/03grvy078","country_code":"US","type":"education","lineage":["https://openalex.org/I2800403580"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nicholas Hopper","raw_affiliation_strings":["University of Minnesota"],"affiliations":[{"raw_affiliation_string":"University of Minnesota","institution_ids":["https://openalex.org/I2800403580"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035849898","display_name":"David Dagon","orcid":null},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"David Dagon","raw_affiliation_strings":["Georgia Institute of Technology","[Georgia Institute of Technology.]"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology","institution_ids":["https://openalex.org/I130701444"]},{"raw_affiliation_string":"[Georgia Institute of Technology.]","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5073822030","display_name":"Yongdae Kim","orcid":"https://orcid.org/0000-0003-4879-1262"},"institutions":[{"id":"https://openalex.org/I2800403580","display_name":"University of Minnesota System","ror":"https://ror.org/03grvy078","country_code":"US","type":"education","lineage":["https://openalex.org/I2800403580"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yongdae Kim","raw_affiliation_strings":["University of Minnesota"],"affiliations":[{"raw_affiliation_string":"University of Minnesota","institution_ids":["https://openalex.org/I2800403580"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":11,"corresponding_author_ids":["https://openalex.org/A5111984144"],"corresponding_institution_ids":["https://openalex.org/I102149020"],"apc_list":null,"apc_paid":null,"fwci":7.605,"has_fulltext":false,"cited_by_count":59,"citation_normalized_percentile":{"value":0.97503851,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"23","last_page":"34"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10742","display_name":"Peer-to-Peer Network Technologies","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9340771436691284},{"id":"https://openalex.org/keywords/firewall","display_name":"Firewall (physics)","score":0.7986716032028198},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7285574674606323},{"id":"https://openalex.org/keywords/enumeration","display_name":"Enumeration","score":0.6082925796508789},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6080552935600281},{"id":"https://openalex.org/keywords/peer-to-peer","display_name":"Peer-to-peer","score":0.5673832893371582},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.550832211971283},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.46956682205200195},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4593975245952606},{"id":"https://openalex.org/keywords/ip-address","display_name":"Ip address","score":0.42542338371276855},{"id":"https://openalex.org/keywords/bittorrent","display_name":"BitTorrent","score":0.41765856742858887},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2865299880504608}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9340771436691284},{"id":"https://openalex.org/C77714075","wikidata":"https://www.wikidata.org/wiki/Q5452017","display_name":"Firewall (physics)","level":5,"score":0.7986716032028198},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7285574674606323},{"id":"https://openalex.org/C156340839","wikidata":"https://www.wikidata.org/wiki/Q2704791","display_name":"Enumeration","level":2,"score":0.6082925796508789},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6080552935600281},{"id":"https://openalex.org/C534932454","wikidata":"https://www.wikidata.org/wiki/Q161410","display_name":"Peer-to-peer","level":2,"score":0.5673832893371582},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.550832211971283},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.46956682205200195},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4593975245952606},{"id":"https://openalex.org/C2985371682","wikidata":"https://www.wikidata.org/wiki/Q11135","display_name":"Ip address","level":2,"score":0.42542338371276855},{"id":"https://openalex.org/C520566109","wikidata":"https://www.wikidata.org/wiki/Q133862","display_name":"BitTorrent","level":3,"score":0.41765856742858887},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2865299880504608},{"id":"https://openalex.org/C124017977","wikidata":"https://www.wikidata.org/wiki/Q11412","display_name":"Gravitation","level":2,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C115304011","wikidata":"https://www.wikidata.org/wiki/Q72755","display_name":"Schwarzschild radius","level":3,"score":0.0},{"id":"https://openalex.org/C74650414","wikidata":"https://www.wikidata.org/wiki/Q11397","display_name":"Classical mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C183915046","wikidata":"https://www.wikidata.org/wiki/Q1316152","display_name":"Charged black hole","level":4,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1145/1533057.1533064","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1533057.1533064","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th International Symposium on Information, Computer, and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.154.846","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.154.846","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www-users.cs.umn.edu/~hopper/p2pbot_asiaccs09.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.232.3342","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.232.3342","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www-users.cs.umn.edu/%7Ekyd/doc/20100621_3.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.510.6993","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.510.6993","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.isr.uncc.edu/paper/p2pbot_asiaccs09_final.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.564.8009","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.564.8009","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://ropas.snu.ac.kr/seminar/20090114paper.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7469223578","display_name":null,"funder_award_id":"CNS-0716025DUE-0723808DUE-0830624","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"},{"id":"https://openalex.org/G7781127048","display_name":null,"funder_award_id":"CNS-0716025DUE-0723808DUE-0830624","funder_id":"https://openalex.org/F4320337408","funder_display_name":"Division of Undergraduate Education"}],"funders":[{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"},{"id":"https://openalex.org/F4320337408","display_name":"Division of Undergraduate Education","ror":"https://ror.org/02kd4km72"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W187875600","https://openalex.org/W191098608","https://openalex.org/W834117276","https://openalex.org/W1499648394","https://openalex.org/W1520914943","https://openalex.org/W1583098994","https://openalex.org/W1775772884","https://openalex.org/W1777255155","https://openalex.org/W1962340579","https://openalex.org/W1997096104","https://openalex.org/W2096273775","https://openalex.org/W2102671922","https://openalex.org/W2119245106","https://openalex.org/W2128672542","https://openalex.org/W2150288915","https://openalex.org/W2152955531","https://openalex.org/W2280775762","https://openalex.org/W6607594771","https://openalex.org/W6623419025"],"related_works":["https://openalex.org/W2506521144","https://openalex.org/W2374794717","https://openalex.org/W2915643217","https://openalex.org/W2998538681","https://openalex.org/W2361273211","https://openalex.org/W1968856480","https://openalex.org/W1853908281","https://openalex.org/W2912508499","https://openalex.org/W1642214788","https://openalex.org/W1937926640"],"abstract_inverted_index":{"Modern":[0],"advanced":[1],"botnets":[2],"may":[3],"employ":[4],"a":[5,104,143,172,201,209,243,260],"decentralized":[6],"peer-to-peer":[7,215],"overlay":[8],"network":[9],"to":[10,23,42,66,79,205],"bootstrap":[11],"and":[12,16,47,76,185],"maintain":[13],"their":[14],"command":[15],"control":[17],"channels,":[18],"making":[19],"them":[20],"more":[21,220],"resilient":[22],"traditional":[24],"mitigation":[25],"efforts":[26],"such":[27],"as":[28],"server":[29],"incapacitation.":[30],"As":[31,123,176],"an":[32,177],"alternative":[33],"strategy,":[34],"the":[35,44,49,53,58,84,154,162,182,191,214,227,247,254,268,272],"malware":[36],"defense":[37],"community":[38],"has":[39,88],"been":[40],"trying":[41],"identify":[43,67,93,206],"bot-infected":[45,125],"hosts":[46,95,164,189],"enumerate":[48,161],"IP":[50,118],"addresses":[51,119],"of":[52,120,146,223,246,271],"participating":[54],"nodes":[55,207],"so":[56],"that":[57,219,225,236,253,264],"list":[59],"can":[60,160],"be":[61],"used":[62,106],"by":[63,101,199],"system":[64],"administrators":[65],"local":[68,81],"infections,":[69],"block":[70],"spam":[71],"emails":[72],"sent":[73,115],"from":[74,267],"bots,":[75],"configure":[77],"firewalls":[78,97],"protect":[80],"users.":[82],"Enumerating":[83],"infected":[85,94,121,163,188],"hosts,":[86],"however,":[87],"presented":[89],"challenges.":[90],"One":[91],"cannot":[92],"behind":[96,132,171,208,230],"or":[98,129,134,167,174,232],"NAT":[99,135,233],"devices":[100],"employing":[102],"crawlers,":[103],"commonly":[105],"enumeration":[107,139,238],"technique":[108],"where":[109],"recursive":[110],"get-peerlist":[111],"lookup":[112],"requests":[113],"are":[114,131,170,229],"newly":[116],"discovered":[117],"hosts.":[122],"many":[124],"machines":[126],"in":[127],"homes":[128],"offices":[130],"firewall":[133,173,231],"devices,":[136,234],"these":[137],"crawler-based":[138,237],"methods":[140],"would":[141,240],"miss":[142,241],"large":[144],"portions":[145],"botnet":[147,184,217,248],"infections.":[148],"In":[149],"this":[150],"paper,":[151],"we":[152,180,251,265],"present":[153],"Passive":[155],"P2P":[156],"Monitor":[157],"(PPM),":[158],"which":[159],"regardless":[165],"whether":[166],"not":[168],"they":[169],"NAT.":[175],"empirical":[178,269],"study,":[179],"examined":[181],"Storm":[183,216,273],"enumerated":[186],"its":[187],"using":[190],"PPM.":[192],"We":[193],"also":[194],"improve":[195],"our":[196],"PPM":[197,228],"design":[198],"incorporating":[200],"FireWall":[202],"Checker":[203],"(FWC)":[204],"firewall.":[210],"Our":[211],"experiment":[212],"with":[213],"shows":[218],"than":[221],"40%":[222],"bots":[224],"contact":[226],"implying":[235],"techniques":[239],"out":[242],"significant":[244],"portion":[245],"population.":[249],"Finally,":[250],"show":[252],"PPM's":[255],"coverage":[256,262],"is":[257],"based":[258],"on":[259],"probability-based":[261],"model":[263],"derived":[266],"observation":[270],"botnet.":[274]},"counts_by_year":[{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":4},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":11},{"year":2012,"cited_by_count":4}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}