{"id":"https://openalex.org/W4394691859","doi":"https://doi.org/10.1186/s40537-024-00900-1","title":"B-CAT: a model for detecting botnet attacks using deep attack behavior analysis on network traffic flows","display_name":"B-CAT: a model for detecting botnet attacks using deep attack behavior analysis on network traffic flows","publication_year":2024,"publication_date":"2024-04-10","ids":{"openalex":"https://openalex.org/W4394691859","doi":"https://doi.org/10.1186/s40537-024-00900-1"},"language":"en","primary_location":{"id":"doi:10.1186/s40537-024-00900-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-024-00900-1","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-024-00900-1","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-024-00900-1","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076285880","display_name":"Muhammad Aidiel Rachman Putra","orcid":"https://orcid.org/0000-0002-2741-6853"},"institutions":[{"id":"https://openalex.org/I166843116","display_name":"Sepuluh Nopember Institute of Technology","ror":"https://ror.org/05kbmmt89","country_code":"ID","type":"education","lineage":["https://openalex.org/I166843116"]}],"countries":["ID"],"is_corresponding":true,"raw_author_name":"Muhammad Aidiel Rachman Putra","raw_affiliation_strings":["Department of Informatics, Institut Teknologi Sepuluh Nopember (ITS), Kampus ITS Keputih Sukolilo, Surabaya, 60111, Indonesia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Informatics, Institut Teknologi Sepuluh Nopember (ITS), Kampus ITS Keputih Sukolilo, Surabaya, 60111, Indonesia","institution_ids":["https://openalex.org/I166843116"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075903779","display_name":"Tohari Ahmad","orcid":"https://orcid.org/0000-0002-3390-0756"},"institutions":[{"id":"https://openalex.org/I166843116","display_name":"Sepuluh Nopember Institute of Technology","ror":"https://ror.org/05kbmmt89","country_code":"ID","type":"education","lineage":["https://openalex.org/I166843116"]}],"countries":["ID"],"is_corresponding":false,"raw_author_name":"Tohari Ahmad","raw_affiliation_strings":["Department of Informatics, Institut Teknologi Sepuluh Nopember (ITS), Kampus ITS Keputih Sukolilo, Surabaya, 60111, Indonesia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Informatics, Institut Teknologi Sepuluh Nopember (ITS), Kampus ITS Keputih Sukolilo, Surabaya, 60111, Indonesia","institution_ids":["https://openalex.org/I166843116"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5030925726","display_name":"Dandy Pramana Hostiadi","orcid":"https://orcid.org/0000-0003-0096-8049"},"institutions":[{"id":"https://openalex.org/I4210165687","display_name":"Universitas Teknologi Indonesia","ror":"https://ror.org/04eqd3f31","country_code":"ID","type":"education","lineage":["https://openalex.org/I4210165687"]},{"id":"https://openalex.org/I4388891760","display_name":"Institut Teknologi Dan Bisnis STIKOM Bali","ror":"https://ror.org/01wn4rj56","country_code":null,"type":"education","lineage":["https://openalex.org/I4388891760"]}],"countries":["ID"],"is_corresponding":false,"raw_author_name":"Dandy Pramana Hostiadi","raw_affiliation_strings":["Department of Magister Information Systems, Institut Teknologi Dan Bisnis STIKOM Bali, Bali, Indonesia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Magister Information Systems, Institut Teknologi Dan Bisnis STIKOM Bali, Bali, Indonesia","institution_ids":["https://openalex.org/I4210165687","https://openalex.org/I4388891760"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5076285880"],"corresponding_institution_ids":["https://openalex.org/I166843116"],"apc_list":{"value":1060,"currency":"GBP","value_usd":1300},"apc_paid":{"value":1060,"currency":"GBP","value_usd":1300},"fwci":4.1705,"has_fulltext":true,"cited_by_count":13,"citation_normalized_percentile":{"value":0.94394877,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"11","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.9046024084091187},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7605243921279907},{"id":"https://openalex.org/keywords/computational-science-and-engineering","display_name":"Computational Science and Engineering","score":0.6993707418441772},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5490139722824097},{"id":"https://openalex.org/keywords/traffic-analysis","display_name":"Traffic analysis","score":0.4569452702999115},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3354429006576538},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.16070684790611267},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.155960351228714},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.08881795406341553}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.9046024084091187},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7605243921279907},{"id":"https://openalex.org/C68597687","wikidata":"https://www.wikidata.org/wiki/Q362601","display_name":"Computational Science and Engineering","level":2,"score":0.6993707418441772},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5490139722824097},{"id":"https://openalex.org/C2781317605","wikidata":"https://www.wikidata.org/wiki/Q7832483","display_name":"Traffic analysis","level":2,"score":0.4569452702999115},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3354429006576538},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.16070684790611267},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.155960351228714},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.08881795406341553}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s40537-024-00900-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-024-00900-1","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-024-00900-1","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:c4cbe7e46a994c87a469c49ad21c2048","is_oa":true,"landing_page_url":"https://doaj.org/article/c4cbe7e46a994c87a469c49ad21c2048","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Big Data, Vol 11, Iss 1, Pp 1-23 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s40537-024-00900-1","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s40537-024-00900-1","pdf_url":"https://journalofbigdata.springeropen.com/counter/pdf/10.1186/s40537-024-00900-1","source":{"id":"https://openalex.org/S2737955091","display_name":"Journal Of Big Data","issn_l":"2196-1115","issn":["2196-1115"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Big Data","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.4399999976158142,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320327937","display_name":"Institut Teknologi Sepuluh Nopember","ror":"https://ror.org/05kbmmt89"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4394691859.pdf"},"referenced_works_count":41,"referenced_works":["https://openalex.org/W1529004212","https://openalex.org/W1675560586","https://openalex.org/W1998851664","https://openalex.org/W2046316403","https://openalex.org/W2077488147","https://openalex.org/W2118874001","https://openalex.org/W2123976890","https://openalex.org/W2164348526","https://openalex.org/W2168248885","https://openalex.org/W2306528090","https://openalex.org/W2536601910","https://openalex.org/W2604385419","https://openalex.org/W2613920221","https://openalex.org/W2734933926","https://openalex.org/W2795067647","https://openalex.org/W2803167497","https://openalex.org/W2891182902","https://openalex.org/W2899670782","https://openalex.org/W2941828467","https://openalex.org/W2950399464","https://openalex.org/W2965181964","https://openalex.org/W2973442392","https://openalex.org/W3003301664","https://openalex.org/W3003492673","https://openalex.org/W3003591012","https://openalex.org/W3021588303","https://openalex.org/W3023858164","https://openalex.org/W3035907965","https://openalex.org/W3044183625","https://openalex.org/W3048668222","https://openalex.org/W3115389209","https://openalex.org/W3155978035","https://openalex.org/W3198463309","https://openalex.org/W3212929491","https://openalex.org/W4206177813","https://openalex.org/W4214921682","https://openalex.org/W4224301650","https://openalex.org/W4225002643","https://openalex.org/W4283395623","https://openalex.org/W4296982334","https://openalex.org/W4376626707"],"related_works":["https://openalex.org/W3159690896","https://openalex.org/W2945572725","https://openalex.org/W1989286518","https://openalex.org/W4230824443","https://openalex.org/W2921012173","https://openalex.org/W2758517546","https://openalex.org/W3134680667","https://openalex.org/W2804396347","https://openalex.org/W2185943007","https://openalex.org/W2225089553"],"abstract_inverted_index":{"Abstract":[0],"Threats":[1],"on":[2,94,162,255],"computer":[3,33,95],"networks":[4],"have":[5,61,86,107,263],"been":[6,129,264],"increasing":[7],"rapidly,":[8],"and":[9,47,65,77,81,122,180,200,209,232,242,247],"irresponsible":[10],"parties":[11],"are":[12,40],"always":[13],"trying":[14],"to":[15,21,28,109,195,205,216,245],"exploit":[16,29],"vulnerabilities":[17,30],"in":[18,31,50,221,258],"the":[19,55,73,100,111,138,149,152,201,218,249,267],"network":[20,34,156,259],"do":[22],"various":[23],"dangerous":[24],"things.":[25],"One":[26],"way":[27],"a":[32,41,168,197],"is":[35,75,193,203],"by":[36],"employing":[37],"malware.":[38],"Botnets":[39,52],"type":[42],"of":[43,57,102,113,151,187,236,251],"malware":[44],"that":[45,72,132,171],"infects":[46],"attacks":[48,60,253],"targets":[49],"groups.":[51],"develop":[53],"quickly;":[54],"characteristics":[56,112,150,175,224,250],"initially":[58],"sporadic":[59],"grown":[62],"into":[63],"periodic":[64],"simultaneous.":[66],"This":[67],"rapid":[68],"development":[69],"has":[70,128],"proved":[71],"botnet":[74,91,103,142,153,174,207,252],"advanced":[76],"requires":[78,144],"more":[79],"attention":[80],"proper":[82],"handling.":[83],"Many":[84],"studies":[85,106],"introduced":[87],"detection":[88,169],"models":[89],"for":[90,266],"attack":[92,117,210,223],"activity":[93,208],"networks.":[96],"Apart":[97],"from":[98],"detecting":[99],"presence":[101],"attacks,":[104],"those":[105,135],"attempted":[108],"explore":[110],"botnets,":[114],"such":[115],"as":[116],"intensity,":[118],"relationships":[119],"between":[120],"activities,":[121],"time":[123],"segment":[124],"analysis.":[125,182,227],"However,":[126],"there":[127],"no":[130],"research":[131,166],"explicitly":[133,254],"detects":[134],"characteristics.":[136,211],"On":[137],"other":[139],"hand,":[140],"each":[141],"characteristic":[143],"different":[145,271],"handling,":[146],"while":[147],"recognizing":[148,222],"can":[154,172],"help":[155],"administrators":[157],"make":[158],"appropriate":[159],"decisions.":[160],"Based":[161],"these":[163],"reasons,":[164],"this":[165],"builds":[167],"model":[170,219],"recognize":[173,248],"using":[176,269],"sequential":[177,237],"traffic":[178,238],"mining":[179],"similarity":[181,226,240],"The":[183,191,228],"proposed":[184],"method":[185],"consists":[186],"two":[188],"main":[189],"processes.":[190],"first":[192],"training":[194],"build":[196],"knowledge":[198],"base,":[199],"second":[202],"testing":[204],"detect":[206,246],"It":[212],"involves":[213],"dynamic":[214,243],"thresholds":[215],"improve":[217],"sensitivity":[220],"through":[225],"novelty":[229],"includes":[230],"developing":[231],"combining":[233],"analytical":[234],"techniques":[235],"mining,":[239],"analysis,":[241],"threshold":[244],"actual":[256],"behavior":[257],"traffic.":[260],"Extensive":[261],"experiments":[262],"conducted":[265],"evaluation":[268],"three":[270],"datasets":[272],"whose":[273],"results":[274],"show":[275],"better":[276],"performance":[277],"than":[278],"others.":[279]},"counts_by_year":[{"year":2025,"cited_by_count":10},{"year":2024,"cited_by_count":3}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}