{"id":"https://openalex.org/W2990235422","doi":"https://doi.org/10.3233/faia190053","title":"Clustering Botnet Behavior Using K-Means with Uncertain Data","display_name":"Clustering Botnet Behavior Using K-Means with Uncertain Data","publication_year":2019,"publication_date":"2019-01-01","ids":{"openalex":"https://openalex.org/W2990235422","doi":"https://doi.org/10.3233/faia190053","mag":"2990235422"},"language":"en","primary_location":{"id":"doi:10.3233/faia190053","is_oa":false,"landing_page_url":"https://doi.org/10.3233/faia190053","pdf_url":null,"source":{"id":"https://openalex.org/S4210201731","display_name":"Frontiers in artificial intelligence and applications","issn_l":"0922-6389","issn":["0922-6389","1879-8314"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Frontiers in Artificial Intelligence and Applications","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Ibrahim Wan Nur Hidayah","orcid":null},"institutions":[{"id":"https://openalex.org/I75092371","display_name":"University of Hradec Kr\u00e1lov\u00e9","ror":"https://ror.org/05k238v14","country_code":"CZ","type":"education","lineage":["https://openalex.org/I75092371"]}],"countries":["CZ"],"is_corresponding":true,"raw_author_name":"Ibrahim Wan Nur Hidayah","raw_affiliation_strings":["University of Hradec Kr\u00e1lov\u00e9, Hradec Kr\u00e1lov\u00e9, Czechia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Hradec Kr\u00e1lov\u00e9, Hradec Kr\u00e1lov\u00e9, Czechia","institution_ids":["https://openalex.org/I75092371"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Selamat Ali","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089915","display_name":"Newcastle University Medicine Malaysia","ror":"https://ror.org/009e9eq52","country_code":"MY","type":"education","lineage":["https://openalex.org/I4210089915"]},{"id":"https://openalex.org/I4576418","display_name":"University of Technology Malaysia","ror":"https://ror.org/026w31v75","country_code":"MY","type":"education","lineage":["https://openalex.org/I4576418"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Selamat Ali","raw_affiliation_strings":["University of Technology Malaysia, Johor Bahru, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Technology Malaysia, Johor Bahru, Malaysia","institution_ids":["https://openalex.org/I4210089915","https://openalex.org/I4576418"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Anuar Syahid","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089915","display_name":"Newcastle University Medicine Malaysia","ror":"https://ror.org/009e9eq52","country_code":"MY","type":"education","lineage":["https://openalex.org/I4210089915"]},{"id":"https://openalex.org/I4576418","display_name":"University of Technology Malaysia","ror":"https://ror.org/026w31v75","country_code":"MY","type":"education","lineage":["https://openalex.org/I4576418"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Anuar Syahid","raw_affiliation_strings":["University of Technology Malaysia, Johor Bahru, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Technology Malaysia, Johor Bahru, Malaysia","institution_ids":["https://openalex.org/I4210089915","https://openalex.org/I4576418"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5045569977","display_name":"Ond\u0159ej Krejcar","orcid":"https://orcid.org/0000-0002-5992-2574"},"institutions":[{"id":"https://openalex.org/I75092371","display_name":"University of Hradec Kr\u00e1lov\u00e9","ror":"https://ror.org/05k238v14","country_code":"CZ","type":"education","lineage":["https://openalex.org/I75092371"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Krejcar Ondrej","raw_affiliation_strings":["University of Hradec Kr\u00e1lov\u00e9, Hradec Kr\u00e1lov\u00e9, Czechia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Hradec Kr\u00e1lov\u00e9, Hradec Kr\u00e1lov\u00e9, Czechia","institution_ids":["https://openalex.org/I75092371"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I75092371"],"apc_list":null,"apc_paid":null,"fwci":0.4549,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.65065177,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"244","last_page":"257"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9671000242233276,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12761","display_name":"Data Stream Mining Techniques","score":0.96670001745224,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.7928678393363953},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.7659919261932373},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.4908793568611145},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38594383001327515},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2894827127456665},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.08274996280670166},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.04199633002281189}],"concepts":[{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.7928678393363953},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.7659919261932373},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4908793568611145},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38594383001327515},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2894827127456665},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.08274996280670166},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.04199633002281189}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3233/faia190053","is_oa":false,"landing_page_url":"https://doi.org/10.3233/faia190053","pdf_url":null,"source":{"id":"https://openalex.org/S4210201731","display_name":"Frontiers in artificial intelligence and applications","issn_l":"0922-6389","issn":["0922-6389","1879-8314"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Frontiers in Artificial Intelligence and Applications","raw_type":"book-chapter"},{"id":"mag:2990235422","is_oa":false,"landing_page_url":"https://dblp.uni-trier.de/db/conf/somet/somet2019.html#IbrahimSAK19","pdf_url":null,"source":{"id":"https://openalex.org/S4306420615","display_name":"New Trends in Software Methodologies, Tools and Techniques","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":"New Trends in Software Methodologies, Tools and Techniques","raw_type":null}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W2938399969","https://openalex.org/W2616994865","https://openalex.org/W3143747655","https://openalex.org/W2002178493"],"abstract_inverted_index":{"Botnets":[0],"are":[1,59,160],"the":[2,7,11,42,52,77,129,134,147,162,189,194,204,233],"most":[3],"deadly":[4],"threat":[5],"in":[6,46,55,108,192],"network":[8,18,47,89,132,240],"due":[9],"to":[10,22,105,141,145],"capability":[12],"of":[13,44,80,131,149,156,197,235],"exploiting":[14],"resources":[15,119],"within":[16],"a":[17,153],"as":[19,27,51,76],"an":[20],"army":[21],"launch":[23],"huge":[24,154],"attacks":[25],"such":[26],"Denial-Distributed-of-Service":[28],"(DDOS)":[29],"or":[30,65],"spam":[31],"emails.":[32],"Network":[33],"Intrusion":[34],"Detection":[35],"System":[36],"(NIDS)":[37],"that":[38,58,85,100,186,203],"designed":[39],"based":[40],"on":[41,72],"behavior":[43,151],"botnets":[45,57,150],"traffic":[48,168],"is":[49,99,225],"seen":[50],"promising":[53],"technique":[54,64],"detecting":[56],"hiding":[60,67],"by":[61,127,188],"using":[62,161,179],"encryption":[63],"any":[66],"techniques.":[68],"This":[69],"paper":[70],"proposes":[71],"K-means":[73,180,205],"clustering":[74,193],"algorithm":[75,181,185,206,224],"first":[78],"phase":[79],"botnet's":[81],"behaviour":[82,96],"detection":[83,97,135],"model":[84,98,136],"extracts":[86],"data":[87,237],"from":[88,169,238],"traffic.":[90,158,241],"The":[91,200],"criterion":[92],"highlighted":[93],"for":[94,221],"our":[95,176],"it":[101],"should":[102],"be":[103,139],"able":[104,144],"detect":[106],"botnet":[107,163,198],"encrypted":[109],"packets(hiding":[110],"techniques),":[111],"structure-independent":[112],"(centralized":[113],"and":[114,120,143,166,174,212,227],"peer-to-peer),":[115],"requiring":[116],"minimal":[117,121],"computing":[118],"time":[122],"processing.":[123],"Other":[124],"than":[125],"that,":[126],"representing":[128],"real-time":[130],"traffics,":[133],"also":[137],"must":[138],"resistant":[140],"noise":[142],"identify":[146],"anomaly":[148],"among":[152],"number":[155],"normal":[157,167],"We":[159],"benchmark":[164],"dataset":[165],"Malware":[170],"Capture":[171],"Facility":[172],"Project":[173],"comparing":[175],"proposed":[177,187],"method":[178],"with":[182,232],"Expectation":[183,222],"Maximization":[184,223],"previous":[190],"researcher":[191],"similar":[195],"pattern":[196],"behavior.":[199],"result":[201],"shows":[202],"producing":[207],"much":[208],"higher":[209],"accuracy,":[210],"94%":[211],"lower":[213],"false":[214],"negative":[215],"rate,":[216],"0.1413.":[217],"While,":[218],"average":[219],"accuracy":[220],"88%":[226],"False":[228],"Negative":[229],"Rate,":[230],"0.2245":[231],"insertion":[234],"uncertain":[236],"real":[239]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2019-12-05T00:00:00"}