{"id":"https://openalex.org/W2167330065","doi":"https://doi.org/10.1186/s13635-014-0015-3","title":"PeerShark: flow-clustering and conversation-generation for malicious peer-to-peer traffic identification","display_name":"PeerShark: flow-clustering and conversation-generation for malicious peer-to-peer traffic identification","publication_year":2014,"publication_date":"2014-10-07","ids":{"openalex":"https://openalex.org/W2167330065","doi":"https://doi.org/10.1186/s13635-014-0015-3","mag":"2167330065"},"language":"en","primary_location":{"id":"doi:10.1186/s13635-014-0015-3","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13635-014-0015-3","pdf_url":"https://jis-eurasipjournals.springeropen.com/counter/pdf/10.1186/s13635-014-0015-3","source":{"id":"https://openalex.org/S5820498","display_name":"EURASIP Journal on Information Security","issn_l":"1687-4161","issn":["1687-4161","1687-417X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://jis-eurasipjournals.springeropen.com/counter/pdf/10.1186/s13635-014-0015-3","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089824017","display_name":"Pratik Narang","orcid":"https://orcid.org/0000-0003-1865-3512"},"institutions":[{"id":"https://openalex.org/I4210101034","display_name":"Birla Institute of Technology and Science - Hyderabad Campus","ror":"https://ror.org/014ctt859","country_code":"IN","type":"education","lineage":["https://openalex.org/I4210101034","https://openalex.org/I74796645"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Pratik Narang","raw_affiliation_strings":["BITS-Pilani, Hyderabad Campus, Hyderabad, 500078, Telangana, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"BITS-Pilani, Hyderabad Campus, Hyderabad, 500078, Telangana, India","institution_ids":["https://openalex.org/I4210101034"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063245652","display_name":"Chittaranjan Hota","orcid":"https://orcid.org/0000-0002-6031-6408"},"institutions":[{"id":"https://openalex.org/I4210101034","display_name":"Birla Institute of Technology and Science - Hyderabad Campus","ror":"https://ror.org/014ctt859","country_code":"IN","type":"education","lineage":["https://openalex.org/I4210101034","https://openalex.org/I74796645"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Chittaranjan Hota","raw_affiliation_strings":["BITS-Pilani, Hyderabad Campus, Hyderabad, 500078, Telangana, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"BITS-Pilani, Hyderabad Campus, Hyderabad, 500078, Telangana, India","institution_ids":["https://openalex.org/I4210101034"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058117020","display_name":"V. N. Venkatakrishnan","orcid":"https://orcid.org/0000-0002-1690-9185"},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"VN Venkatakrishnan","raw_affiliation_strings":["University of Illinois at Chicago, Chicago, 60607, IL, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Illinois at Chicago, Chicago, 60607, IL, USA","institution_ids":["https://openalex.org/I39422238"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":840,"currency":"EUR","value_usd":1040},"apc_paid":{"value":840,"currency":"EUR","value_usd":1040},"fwci":2.9604,"has_fulltext":true,"cited_by_count":19,"citation_normalized_percentile":{"value":0.92494084,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"2014","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9747431874275208},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8506516218185425},{"id":"https://openalex.org/keywords/spamming","display_name":"Spamming","score":0.7274750471115112},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6140794157981873},{"id":"https://openalex.org/keywords/deep-packet-inspection","display_name":"Deep packet inspection","score":0.6019932627677917},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.5750203728675842},{"id":"https://openalex.org/keywords/peer-to-peer","display_name":"Peer-to-peer","score":0.5510894060134888},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5356763005256653},{"id":"https://openalex.org/keywords/network-administrator","display_name":"Network administrator","score":0.5327235460281372},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.45963841676712036},{"id":"https://openalex.org/keywords/single-point-of-failure","display_name":"Single point of failure","score":0.4517516493797302},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4381117820739746},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2121516764163971},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.13005077838897705}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9747431874275208},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8506516218185425},{"id":"https://openalex.org/C158955206","wikidata":"https://www.wikidata.org/wiki/Q83058","display_name":"Spamming","level":3,"score":0.7274750471115112},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6140794157981873},{"id":"https://openalex.org/C204679922","wikidata":"https://www.wikidata.org/wiki/Q734252","display_name":"Deep packet inspection","level":3,"score":0.6019932627677917},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.5750203728675842},{"id":"https://openalex.org/C534932454","wikidata":"https://www.wikidata.org/wiki/Q161410","display_name":"Peer-to-peer","level":2,"score":0.5510894060134888},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5356763005256653},{"id":"https://openalex.org/C2779173999","wikidata":"https://www.wikidata.org/wiki/Q680296","display_name":"Network administrator","level":2,"score":0.5327235460281372},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.45963841676712036},{"id":"https://openalex.org/C165136773","wikidata":"https://www.wikidata.org/wiki/Q1363179","display_name":"Single point of failure","level":2,"score":0.4517516493797302},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4381117820739746},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2121516764163971},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.13005077838897705},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1186/s13635-014-0015-3","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13635-014-0015-3","pdf_url":"https://jis-eurasipjournals.springeropen.com/counter/pdf/10.1186/s13635-014-0015-3","source":{"id":"https://openalex.org/S5820498","display_name":"EURASIP Journal on Information Security","issn_l":"1687-4161","issn":["1687-4161","1687-417X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Information Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1186/s13635-014-0015-3","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s13635-014-0015-3","pdf_url":"https://jis-eurasipjournals.springeropen.com/counter/pdf/10.1186/s13635-014-0015-3","source":{"id":"https://openalex.org/S5820498","display_name":"EURASIP Journal on Information Security","issn_l":"1687-4161","issn":["1687-4161","1687-417X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"EURASIP Journal on Information Security","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.4300000071525574}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2167330065.pdf","grobid_xml":"https://content.openalex.org/works/W2167330065.grobid-xml"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W63790640","https://openalex.org/W1492658158","https://openalex.org/W1503941663","https://openalex.org/W1546503963","https://openalex.org/W1585610988","https://openalex.org/W1676351273","https://openalex.org/W1775772884","https://openalex.org/W1976339811","https://openalex.org/W1976866799","https://openalex.org/W1985690171","https://openalex.org/W2041855183","https://openalex.org/W2052340408","https://openalex.org/W2055135015","https://openalex.org/W2058314598","https://openalex.org/W2059001009","https://openalex.org/W2067959371","https://openalex.org/W2095815177","https://openalex.org/W2097101695","https://openalex.org/W2107773629","https://openalex.org/W2110675786","https://openalex.org/W2114590627","https://openalex.org/W2117406486","https://openalex.org/W2122226347","https://openalex.org/W2125121851","https://openalex.org/W2133990480","https://openalex.org/W2136347453","https://openalex.org/W2144098589","https://openalex.org/W2160279333","https://openalex.org/W2170214103","https://openalex.org/W2280775762","https://openalex.org/W2309755354","https://openalex.org/W2551524776","https://openalex.org/W2773534870","https://openalex.org/W2773722012","https://openalex.org/W3144654918","https://openalex.org/W3202272593","https://openalex.org/W4300672471"],"related_works":["https://openalex.org/W2124355208","https://openalex.org/W4307740390","https://openalex.org/W4205698284","https://openalex.org/W2176994834","https://openalex.org/W1481472066","https://openalex.org/W3005900565","https://openalex.org/W4205869786","https://openalex.org/W81326293","https://openalex.org/W2112063328","https://openalex.org/W1550514379"],"abstract_inverted_index":{"The":[0],"distributed":[1],"and":[2,30,50,76,162,169,187,203],"decentralized":[3],"nature":[4],"of":[5,28,92,96,111,160,173,184],"peer-to-peer":[6],"(P2P)":[7],"networks":[8],"has":[9],"offered":[10],"a":[11,69,84,144,151,166],"lucrative":[12],"alternative":[13],"to":[14,16,24,34,71,106,118,150],"bot-masters":[15],"build":[17,190],"botnets.":[18,113,205],"P2P":[19,73,81,112,120,185,201,204,211],"botnets":[20,121],"are":[21,44],"not":[22,148],"prone":[23],"any":[25,93],"single":[26],"point":[27],"failure":[29],"have":[31],"been":[32],"proven":[33],"be":[35],"highly":[36],"resilient":[37],"against":[38],"takedown":[39],"attempts.":[40],"Moreover,":[41],"smarter":[42],"bots":[43,97],"stealthy":[45,109],"in":[46,83,143],"their":[47],"communication":[48,62],"patterns":[49],"elude":[51],"the":[52,90,108,158,171,181],"standard":[53],"discovery":[54],"techniques":[55],"which":[56,146,195],"look":[57],"for":[58],"anomalous":[59],"network":[60,152,182],"or":[61,133],"behavior.":[63],"In":[64],"this":[65],"paper,":[66],"we":[67,116,189],"present":[68],"methodology":[70],"detect":[72,107,119,209],"botnet":[74,212],"traffic":[75,82,213],"differentiate":[77,198],"it":[78],"from":[79,180],"benign":[80,200],"network.":[85],"Our":[86,154],"approach":[87,155],"neither":[88],"assumes":[89],"availability":[91],"\u2018seed\u2019":[94],"information":[95],"nor":[98],"relies":[99],"on":[100],"deep":[101],"packet":[102],"inspection.":[103],"It":[104],"aims":[105],"behavior":[110],"That":[114],"is,":[115],"aim":[117],"when":[122],"they":[123,135],"lie":[124],"dormant":[125],"(to":[126],"evade":[127],"detection":[128,131],"by":[129],"intrusion":[130],"systems)":[132],"while":[134],"perform":[136],"malicious":[137],"activities":[138],"(spamming,":[139],"password":[140],"stealing,":[141],"etc.)":[142],"manner":[145],"is":[147],"observable":[149],"administrator.":[153],"PeerSharkPeerShark":[156,206],"combines":[157],"benefits":[159],"flow-based":[161],"conversation-based":[163],"approaches":[164],"with":[165,214],"two-tier":[167],"architecture,":[168],"addresses":[170],"limitations":[172],"these":[174],"approaches.":[175],"By":[176],"extracting":[177],"statistical":[178],"features":[179],"traces":[183],"applications":[186,202],"botnets,":[188],"supervised":[191],"machine":[192],"learning":[193],"models":[194],"can":[196],"accurately":[197],"between":[199],"could":[207],"also":[208],"unknown":[210],"high":[215],"accuracy.":[216]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}