{"id":"https://openalex.org/W3001902713","doi":"https://doi.org/10.1155/2020/9024726","title":"Hybrid Botnet Detection Based on Host and Network Analysis","display_name":"Hybrid Botnet Detection Based on Host and Network Analysis","publication_year":2020,"publication_date":"2020-01-22","ids":{"openalex":"https://openalex.org/W3001902713","doi":"https://doi.org/10.1155/2020/9024726","mag":"3001902713"},"language":"en","primary_location":{"id":"doi:10.1155/2020/9024726","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2020/9024726","pdf_url":"https://downloads.hindawi.com/journals/jcnc/2020/9024726.pdf","source":{"id":"https://openalex.org/S2764435486","display_name":"Journal of Computer Networks and Communications","issn_l":"2090-7141","issn":["2090-7141","2090-715X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Networks and Communications","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://downloads.hindawi.com/journals/jcnc/2020/9024726.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091065160","display_name":"Suzan Almutairi","orcid":"https://orcid.org/0000-0002-0275-3685"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Suzan Almutairi","raw_affiliation_strings":["Technical and Vocational Corporation, Riyadh, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0002-0275-3685","affiliations":[{"raw_affiliation_string":"Technical and Vocational Corporation, Riyadh, Saudi Arabia","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004582265","display_name":"Saouc\u00e8ne Mahfoudh","orcid":"https://orcid.org/0000-0002-1904-9803"},"institutions":[{"id":"https://openalex.org/I3132564352","display_name":"Dar Al-Hekma University","ror":"https://ror.org/01g0jya04","country_code":"SA","type":"education","lineage":["https://openalex.org/I3132564352"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Saoucene Mahfoudh","raw_affiliation_strings":["Engineering, Computing and Informatics, Dar Al\u2010Hekma University, Jeddah, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0002-1904-9803","affiliations":[{"raw_affiliation_string":"Engineering, Computing and Informatics, Dar Al\u2010Hekma University, Jeddah, Saudi Arabia","institution_ids":["https://openalex.org/I3132564352"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043720491","display_name":"Sultan Almutairi","orcid":"https://orcid.org/0000-0002-8784-9984"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sultan Almutairi","raw_affiliation_strings":["Technology Control Company, Riyadh, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0002-8784-9984","affiliations":[{"raw_affiliation_string":"Technology Control Company, Riyadh, Saudi Arabia","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018783541","display_name":"Jalal S. Alowibdi","orcid":"https://orcid.org/0000-0003-4928-4246"},"institutions":[{"id":"https://openalex.org/I4210099699","display_name":"University of Jeddah","ror":"https://ror.org/015ya8798","country_code":"SA","type":"education","lineage":["https://openalex.org/I4210099699"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Jalal S. Alowibdi","raw_affiliation_strings":["Faculty of Computing and Information Technology, University of Jeddah, Jeddah, Saudi Arabia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Faculty of Computing and Information Technology, University of Jeddah, Jeddah, Saudi Arabia","institution_ids":["https://openalex.org/I4210099699"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5091065160"],"corresponding_institution_ids":[],"apc_list":{"value":1400,"currency":"USD","value_usd":1400},"apc_paid":{"value":1400,"currency":"USD","value_usd":1400},"fwci":7.2837,"has_fulltext":true,"cited_by_count":54,"citation_normalized_percentile":{"value":0.97257889,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"2020","issue":null,"first_page":"1","last_page":"16"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9956679344177246},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7970843315124512},{"id":"https://openalex.org/keywords/netflow","display_name":"NetFlow","score":0.7823388576507568},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.6998291015625},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5832170248031616},{"id":"https://openalex.org/keywords/spamming","display_name":"Spamming","score":0.554176926612854},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.45426928997039795},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.4511411190032959},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4171903431415558},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.414359986782074},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.2351725697517395},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.12764781713485718}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9956679344177246},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7970843315124512},{"id":"https://openalex.org/C188067584","wikidata":"https://www.wikidata.org/wiki/Q219363","display_name":"NetFlow","level":2,"score":0.7823388576507568},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.6998291015625},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5832170248031616},{"id":"https://openalex.org/C158955206","wikidata":"https://www.wikidata.org/wiki/Q83058","display_name":"Spamming","level":3,"score":0.554176926612854},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.45426928997039795},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.4511411190032959},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4171903431415558},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.414359986782074},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2351725697517395},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.12764781713485718},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1155/2020/9024726","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2020/9024726","pdf_url":"https://downloads.hindawi.com/journals/jcnc/2020/9024726.pdf","source":{"id":"https://openalex.org/S2764435486","display_name":"Journal of Computer Networks and Communications","issn_l":"2090-7141","issn":["2090-7141","2090-715X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Networks and Communications","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:f8fff346f0074210a904c5156997a42f","is_oa":true,"landing_page_url":"https://doaj.org/article/f8fff346f0074210a904c5156997a42f","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Computer Networks and Communications, Vol 2020 (2020)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1155/2020/9024726","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2020/9024726","pdf_url":"https://downloads.hindawi.com/journals/jcnc/2020/9024726.pdf","source":{"id":"https://openalex.org/S2764435486","display_name":"Journal of Computer Networks and Communications","issn_l":"2090-7141","issn":["2090-7141","2090-715X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Networks and Communications","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.8600000143051147,"display_name":"Life below water","id":"https://metadata.un.org/sdg/14"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3001902713.pdf","grobid_xml":"https://content.openalex.org/works/W3001902713.grobid-xml"},"referenced_works_count":10,"referenced_works":["https://openalex.org/W148781121","https://openalex.org/W1936523258","https://openalex.org/W1992713826","https://openalex.org/W2026621111","https://openalex.org/W2036014286","https://openalex.org/W2070578874","https://openalex.org/W2122239256","https://openalex.org/W2254364023","https://openalex.org/W2295089206","https://openalex.org/W2527763677"],"related_works":["https://openalex.org/W2124355208","https://openalex.org/W4307740390","https://openalex.org/W2929621094","https://openalex.org/W1996006176","https://openalex.org/W4230824443","https://openalex.org/W2292210693","https://openalex.org/W2184748140","https://openalex.org/W4205869786","https://openalex.org/W2176994834","https://openalex.org/W2110675786"],"abstract_inverted_index":{"Botnet":[0],"is":[1,53,102,131],"one":[2],"of":[3,17,50,59,73,93,154,166,194,200],"the":[4,18,21,51,71,84,140,144,195],"most":[5],"dangerous":[6,38],"cyber-security":[7],"issues.":[8],"The":[9,32,48,112,189],"botnet":[10,35,52,74,113,141,203],"infects":[11],"unprotected":[12],"machines":[13],"and":[14,23,28,46,57,81,109,124,135,158,168,187],"keeps":[15],"track":[16],"communication":[19,114],"with":[20],"command":[22],"control":[24],"server":[25],"to":[26,36,64,133,138],"send":[27],"receive":[29],"malicious":[30],"commands.":[31],"attacker":[33],"uses":[34],"initiate":[37],"attacks":[39],"such":[40],"as":[41],"DDoS,":[42],"fishing,":[43],"data":[44],"stealing,":[45],"spamming.":[47],"size":[49],"usually":[54],"very":[55],"large,":[56],"millions":[58],"infected":[60],"hosts":[61],"may":[62],"belong":[63],"it.":[65],"In":[66],"this":[67],"paper,":[68],"we":[69,87,116],"addressed":[70],"problem":[72],"detection":[75],"based":[76],"on":[77,184],"network\u2019s":[78],"flows":[79],"records":[80,205],"activities":[82],"in":[83,97,104,119,198],"host.":[85],"Thus,":[86],"propose":[88],"a":[89,152,163,169,175],"general":[90],"technique":[91,101,191],"capable":[92],"detecting":[94,202],"new":[95],"botnets":[96],"early":[98],"phase.":[99],"Our":[100,160],"implemented":[103],"both":[105],"sides:":[106],"host":[107],"side":[108],"network":[110],"side.":[111],"traffic":[115],"are":[117],"interested":[118],"includes":[120],"HTTP,":[121],"P2P,":[122],"IRC,":[123],"DNS":[125],"using":[126,151],"IP":[127],"fluxing.":[128],"HANABot":[129],"algorithm":[130],"proposed":[132,190],"preprocess":[134],"extract":[136],"features":[137,186],"distinguish":[139],"behavior":[142],"from":[143],"legitimate":[145],"behavior.":[146],"We":[147],"evaluate":[148],"our":[149],"solution":[150],"collection":[153],"real":[155],"datasets":[156],"(malicious":[157],"legitimate).":[159],"experiment":[161],"shows":[162],"high":[164],"level":[165],"accuracy":[167],"low":[170],"false":[171],"positive":[172],"rate.":[173],"Furthermore,":[174],"comparison":[176],"between":[177],"some":[178,193],"existing":[179],"approaches":[180,197],"was":[181],"given,":[182],"focusing":[183],"specific":[185],"performance.":[188],"outperforms":[192],"presented":[196],"terms":[199],"accurately":[201],"flow":[204],"within":[206],"Netflow":[207],"traces.":[208]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":14},{"year":2022,"cited_by_count":15},{"year":2021,"cited_by_count":12},{"year":2020,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}