Botnet detection techniques: review, future trends, and issues

In recent years, the Internet has enabled access to widespread remote services in the distributed computing environment; however, integrity of data transmission in the distributed computing platform is hindered by a number of security issues. For instance, the botnet phenomenon is a prominent threat to Internet security, including the threat of malicious codes. The botnet phenomenon supports a wide range of criminal activities, including distributed denial of service (DDoS) attacks, click fraud, phishing, malware distribution, spam emails, and building machines for illegitimate exchange of information/materials. Therefore, it is imperative to design and develop a robust mechanism for improving the botnet detection, analysis, and removal process. Currently, botnet detection techniques have been reviewed in different ways; however, such studies are limited in scope and lack discussions on the latest botnet detection techniques. This paper presents a comprehensive review of the latest state-of-the-art techniques for botnet detection and figures out the trends of previous and current research. It provides a thematic taxonomy for the classification of botnet detection techniques and highlights the implications and critical aspects by qualitatively analyzing such techniques. Related to our comprehensive review, we highlight future directions for improving the schemes that broadly span the entire botnet detection research field and identify the persistent and prominent research challenges that remain open.

[1]  Raj K. Puri Bots & Botnet: An Overview , 2003 .

[2]  Michele C. Weigle,et al.  Tmix: a tool for generating realistic TCP application workloads in ns-2 , 2006, CCRV.

[3]  Ricardo J. Rodríguez,et al.  Detection of Intrusions and Malware, and Vulnerability Assessment , 2016, Lecture Notes in Computer Science.

[4]  Marc Dacier,et al.  A strategic analysis of spam botnets operations , 2011, CEAS '11.

[5]  Michalis Faloutsos,et al.  BLINC: multilevel traffic classification in the dark , 2005, SIGCOMM '05.

[6]  Hossein Rouhani Zeidanloo,et al.  Botnet Command and Control Mechanisms , 2009, 2009 Second International Conference on Computer and Electrical Engineering.

[7]  Yixian Yang,et al.  An Evaluation Model of Botnet Based on Peer to Peer , 2012, 2012 Fourth International Conference on Computational Intelligence and Communication Networks.

[8]  Bo Liu,et al.  Detecting Parasite P2P Botnet in eMule-like Networks through Quasi-periodicity Recognition , 2011, ICISC.

[9]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[10]  Vinod Yegneswaran,et al.  Active Botnet Probing to Identify Obscure Command and Control Channels , 2009, 2009 Annual Computer Security Applications Conference.

[11]  Wenke Lee,et al.  Modeling Botnet Propagation Using Time Zones , 2006, NDSS.

[12]  Pang-Ning Tan,et al.  Detecting bots via incremental LS-SVM learning with dynamic feature adaptation , 2011, KDD.

[13]  Andreas Terzis,et al.  A multifaceted approach to understanding the botnet phenomenon , 2006, IMC '06.

[14]  Paul V. Mockapetris,et al.  Domain names: Concepts and facilities , 1983, RFC.

[15]  Vincent H. Berk,et al.  NETWORK CHARACTERIZATION FOR BOTNET DETECTION USING STATISTICAL-BEHAVIORAL METHODS , 2009 .

[16]  Ge Yu,et al.  Online Botnet Detection by Continuous Similarity Monitoring , 2009, 2009 International Symposium on Information Engineering and Electronic Commerce.

[17]  Qiang Ma,et al.  Detecting infection onset with behavior-based policies , 2011, 2011 5th International Conference on Network and System Security.

[18]  Mary K. Vernon,et al.  Mapping Internet Sensors with Probe Response Attacks , 2005, USENIX Security Symposium.

[19]  Michalis Faloutsos,et al.  File-sharing in the Internet: A characterization of P2P traffic in the backbone , 2003 .

[20]  Hahn-Ming Lee,et al.  Fast-flux service network detection based on spatial snapshot mechanism for delay-free detection , 2010, ASIACCS '10.

[21]  Amin Vahdat,et al.  Swing: Realistic and Responsive Network Traffic Generation , 2009, IEEE/ACM Transactions on Networking.

[22]  Carey L. Williamson,et al.  Identifying and discriminating between web and peer-to-peer traffic in the network core , 2007, WWW '07.

[23]  Van-Hau Pham,et al.  Honeypot trace forensics: The observation viewpoint matters , 2011, Future Gener. Comput. Syst..

[24]  Fang Binxing,et al.  Andbot: towards advanced mobile botnets , 2011 .

[25]  Suresh Singh,et al.  An Algorithm for Anomaly-based Botnet Detection , 2006, SRUTI.

[26]  Vinod Yegneswaran,et al.  BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation , 2007, USENIX Security Symposium.

[27]  Jing Tao,et al.  Cloud-based push-styled mobile botnets: a case study of exploiting the cloud to device messaging service , 2012, ACSAC '12.

[28]  Susan M. Drake A Novel Approach. , 1996 .

[29]  Wen-Hwa Liao,et al.  Peer to Peer Botnet Detection Using Data Mining Scheme , 2010, 2010 International Conference on Internet Technology and Applications.

[30]  Yan Chen,et al.  Botnet Research Survey , 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.

[31]  A. F. Adams,et al.  The Survey , 2021, Dyslexia in Higher Education.

[32]  Ali A. Ghorbani,et al.  BotCop: An Online Botnet Traffic Classifier , 2009, 2009 Seventh Annual Communication Networks and Services Research Conference.

[33]  Wang Jinsong,et al.  The Detection of IRC Botnet Based on Abnormal Behavior , 2010, 2010 Second International Conference on Multimedia and Information Technology.

[34]  Zhaoxin Zhang,et al.  A Novel Approach to Detect IRC-Based Botnets , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[35]  Nick Feamster,et al.  Boosting the scalability of botnet detection using adaptive traffic sampling , 2011, ASIACCS '11.

[36]  Yan Zhang,et al.  The Design and Implementation of Host-Based Intrusion Detection System , 2010, 2010 Third International Symposium on Intelligent Information Technology and Security Informatics.

[37]  Michael K. Reiter,et al.  Are Your Hosts Trading or Plotting? Telling P2P File-Sharing and Bots Apart , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[38]  Ali A. Ghorbani,et al.  Botnets Detection Based on IRC-Community , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[39]  W. Timothy Strayer,et al.  Botnet Detection Based on Network Behavior , 2008, Botnet Detection.

[40]  Márk Jelasity,et al.  Modeling Network-Level Impacts of P2P Flows , 2011, 2011 19th International Euromicro Conference on Parallel, Distributed and Network-Based Processing.

[41]  Craig E. Wills,et al.  Inferring relative popularity of internet applications by actively querying DNS caches , 2003, IMC '03.

[42]  K. Kuppusamy,et al.  System and methodology for unknown Malware attack , 2011 .

[43]  Christopher Olston,et al.  Search result diversity for informational queries , 2011, WWW.

[44]  Jin Cao,et al.  Identifying suspicious activities through DNS failure graph analysis , 2010, The 18th IEEE International Conference on Network Protocols.

[45]  Sureswaran Ramadass,et al.  Architecture for Applying Data Mining and Visualization on Network Flow for Botnet Traffic Detection , 2009, 2009 International Conference on Computer Technology and Development.

[46]  Nasir D. Memon,et al.  Friends of an enemy: identifying local members of peer-to-peer botnets using mutual contacts , 2010, ACSAC '10.

[47]  Kouichi Sakurai,et al.  Bot Detection Based on Traffic Analysis , 2007, The 2007 International Conference on Intelligent Pervasive Computing (IPC 2007).

[48]  Peter Druschel,et al.  Peer-to-peer systems , 2010, Commun. ACM.

[49]  Jiankun Hu,et al.  A Semantic Approach to Host-Based Intrusion Detection Systems Using Contiguousand Discontiguous System Call Patterns , 2014, IEEE Transactions on Computers.

[50]  Ram Dantu,et al.  Behavior analysis of spam botnets , 2008, 2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE '08).

[51]  Matthew Smith,et al.  Evaluating the threat of epidemic mobile malware , 2012, 2012 IEEE 8th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[52]  Yongdae Kim,et al.  Towards complete node enumeration in a peer-to-peer botnet , 2009, ASIACCS '09.

[53]  Feng Liu,et al.  Modeling Connections Behavior for Web-Based Bots Detection , 2010, 2010 2nd International Conference on E-business and Information System Security.

[54]  Kang G. Shin,et al.  Measuring the effectiveness of infrastructure-level detection of large-scale botnets , 2011, 2011 IEEE Nineteenth IEEE International Workshop on Quality of Service.

[55]  Felix C. Freiling,et al.  Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm , 2008, LEET.

[56]  Victor A. Skormin,et al.  Non-Stationary Markov Models and Anomaly Propagation Analysis in IDS , 2007 .

[57]  R. Villamarin-Salomon,et al.  Identifying Botnets Using Anomaly Detection Techniques Applied to DNS Traffic , 2008, 2008 5th IEEE Consumer Communications and Networking Conference.

[58]  Etienne Stalmans,et al.  A framework for DNS based detection and mitigation of malware infections on a network , 2011, 2011 Information Security for South Africa.

[59]  A. N. Zincir-Heywood,et al.  Intrusion Detection Systems , 2008 .

[60]  Ting Li,et al.  Botnet Detection Based on Analysis of Mail Flow , 2009, 2009 2nd International Conference on Biomedical Engineering and Informatics.

[61]  Nick Feamster,et al.  Revealing Botnet Membership Using DNSBL Counter-Intelligence , 2006, SRUTI.

[62]  Gail-Joon Ahn,et al.  Towards Practical Framework for Collecting and Analyzing Network-Centric Attacks , 2007, 2007 IEEE International Conference on Information Reuse and Integration.

[63]  Farnam Jahanian,et al.  The Zombie Roundup: Understanding, Detecting, and Disrupting Botnets , 2005, SRUTI.

[64]  Kenneth Geers,et al.  The Virtual Battlefield: Perspectives on Cyber Warfare , 2009 .

[65]  Heejo Lee,et al.  BotGAD: detecting botnets by capturing group activities in network traffic , 2009, COMSWARE '09.

[66]  Nicolas Ianelli,et al.  Botnets as a Vehicle for Online Crime , 2007 .

[67]  Guofei Gu,et al.  BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection , 2008, USENIX Security Symposium.

[68]  Christopher Krügel,et al.  PeerPress: utilizing enemies' P2P strength against them , 2012, CCS.

[69]  Xiapu Luo,et al.  Detecting stealthy P2P botnets using statistical traffic fingerprints , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN).

[70]  Arvind Krishnamurthy,et al.  Studying Spamming Botnets Using Botlab , 2009, NSDI.

[71]  Nick Feamster,et al.  Understanding the network-level behavior of spammers , 2006, SIGCOMM.

[72]  Prateek Mittal,et al.  BotGrep: Finding P2P Bots with Structured Graph Analysis , 2010, USENIX Security Symposium.

[73]  Vern Paxson,et al.  Automating analysis of large-scale botnet probing events , 2009, ASIACCS '09.

[74]  Sureswaran Ramadass,et al.  A Survey of Botnet and Botnet Detection , 2009, 2009 Third International Conference on Emerging Security Information, Systems and Technologies.

[75]  Jean-Pierre Seifert,et al.  Rise of the iBots: Owning a telco network , 2010, 2010 5th International Conference on Malicious and Unwanted Software.

[76]  Hui Liu,et al.  On effective sampling techniques for host-based intrusion detection in MANET , 2012, MILCOM 2012 - 2012 IEEE Military Communications Conference.

[77]  Ryan Cunningham,et al.  Honeypot-Aware Advanced Botnet Construction and Maintenance , 2006, International Conference on Dependable Systems and Networks (DSN'06).

[78]  Thorsten Holz,et al.  Rishi: Identify Bot Contaminated Hosts by IRC Nickname Evaluation , 2007, HotBots.

[79]  Kevin W. Hamlen,et al.  Flow-based identification of botnet traffic by mining multiple log files , 2008, 2008 First International Conference on Distributed Framework and Applications.

[80]  R. Kashyap,et al.  The New Era of Botnets , 2012 .

[81]  John A. Copeland,et al.  Framework for botnet emulation and analysis , 2009 .

[82]  Heejo Lee,et al.  Botnet Detection by Monitoring Group Activities in DNS Traffic , 2007, 7th IEEE International Conference on Computer and Information Technology (CIT 2007).

[83]  R. Vaarandi Detecting anomalous network traffic in organizational private networks , 2013, 2013 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA).

[84]  Dan Liu,et al.  A P2P-Botnet detection model and algorithms based on network streams analysis , 2010, 2010 International Conference on Future Information Technology and Management Engineering.

[85]  Brent Byunghoon Kang,et al.  Peer-to-Peer Botnets: Overview and Case Study , 2007, HotBots.

[86]  Guofei Gu,et al.  A Taxonomy of Botnet Structures , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[87]  John C. Mitchell,et al.  Characterizing Bots' Remote Control Behavior , 2007, DIMVA.

[88]  Dr. Vilas M. Thakare,et al.  Efficient Generalized Forensics Framework for extraction and documentation of evidence from mobile devices , 2013 .

[89]  W. Timothy Strayer,et al.  Detecting Botnets with Tight Command and Control , 2006, Proceedings. 2006 31st IEEE Conference on Local Computer Networks.

[90]  Jose Nazario,et al.  Politically Motivated Denial of Service Attacks , 2009 .

[91]  Balachander Krishnamurthy,et al.  Characterizing large DNS traces using graphs , 2001, IMW '01.

[92]  Wenke Lee,et al.  Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces , 2009, 2009 Annual Computer Security Applications Conference.

[93]  Rui Sousa,et al.  Analyzing the behavior of top spam botnets , 2012, 2012 IEEE International Conference on Communications (ICC).

[94]  Elisa Bertino,et al.  Computer Security — ESORICS 96 , 1996, Lecture Notes in Computer Science.

[95]  Andreas Haeberlen,et al.  Challenges in Experimenting with Botnet Detection Systems , 2011, CSET.

[96]  Ching-Nung Yang,et al.  Advances in Intelligent Systems and Applications - Volume 2 , 2013 .

[97]  William H. Sanders,et al.  Modeling Peer-to-Peer Botnets , 2008, 2008 Fifth International Conference on Quantitative Evaluation of Systems.

[98]  Zhuoqing Morley Mao,et al.  Characterizing Dark DNS Behavior , 2007, DIMVA.

[99]  P. Marko,et al.  Efficient detection of malicious nodes based on DNS and statistical methods , 2012, 2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI).

[100]  Su Chang,et al.  P2P botnet detection using behavior clustering & statistical tests , 2009, AISec '09.

[101]  Helen J. Wang,et al.  Characterizing Botnets from Email Spam Records , 2008, LEET.

[102]  Vinod Yegneswaran,et al.  An Inside Look at Botnets , 2007, Malware Detection.

[103]  Daniel A. Keim,et al.  On Knowledge Discovery and Data Mining , 1997 .

[104]  Leyla Bilge,et al.  Automatically Generating Models for Botnet Detection , 2009, ESORICS.

[105]  Carl K. Chang,et al.  Computer software and applications , 2010, J. Syst. Softw..

[106]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[107]  Tushar Ranka Taxonomy of Botnet Threats , 2006 .

[108]  Hossein Rouhani Zeidanloo,et al.  A taxonomy of Botnet detection techniques , 2010, 2010 3rd International Conference on Computer Science and Information Technology.

[109]  Ali A. Ghorbani,et al.  Automatic discovery of botnet communities on large-scale communication networks , 2009, ASIACCS '09.

[110]  N. S. Raghava,et al.  Classification of Botnet Detection Based on Botnet Architechture , 2012, 2012 International Conference on Communication Systems and Network Technologies.

[111]  Shouhuai Xu,et al.  A First Step towards Characterizing Stealthy Botnets , 2009, 2009 International Conference on Availability, Reliability and Security.

[112]  Zhitang Li,et al.  A New Method of P2P Traffic Identification Based on Support Vector Machine at the Host Level , 2009, 2009 International Conference on Information Technology and Computer Science.

[113]  John McHugh,et al.  Sybil attacks as a mitigation strategy against the Storm botnet , 2008, 2008 3rd International Conference on Malicious and Unwanted Software (MALWARE).

[114]  George Kesidis,et al.  Worm virulence estimation for the containment of local worm outbreak , 2010, Comput. Secur..

[115]  Bin Liu,et al.  P2P traffic identification by TCP flow analysis , 2006, 2006 International Workshop on Networking, Architecture, and Storages (IWNAS'06).

[116]  Radu State,et al.  BotTrack: Tracking Botnets Using NetFlow and PageRank , 2011, Networking.

[117]  Guanhua Yan,et al.  On the effectiveness of structural detection and defense against P2P-based botnets , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[118]  Gabriel Maciá-Fernández,et al.  Survey and taxonomy of botnet research through life-cycle , 2013, CSUR.

[119]  Qifa Ke,et al.  SBotMiner: large scale search bot detection , 2010, WSDM '10.

[120]  Serge Gutwirth,et al.  Computers, Privacy and Data Protection: an Element of Choice , 2011 .

[121]  Jian Kang,et al.  Application Entropy Theory to Detect New Peer-to-Peer Botnet with Multi-chart CUSUM , 2009, 2009 Second International Symposium on Electronic Commerce and Security.

[122]  Alexander G. Tartakovsky,et al.  Efficient Computer Network Anomaly Detection by Changepoint Detection Methods , 2012, IEEE Journal of Selected Topics in Signal Processing.

[123]  C. Peota Novel approach. , 2011, Minnesota medicine.

[124]  Yao Zhao,et al.  BotGraph: Large Scale Spamming Botnet Detection , 2009, NSDI.

[125]  Ronaldo M. Salles,et al.  Botnets: A survey , 2013, Comput. Networks.

[126]  Ping Wang,et al.  An Advanced Hybrid Peer-to-Peer Botnet , 2007, IEEE Transactions on Dependable and Secure Computing.

[127]  Martijn Warnier,et al.  Privacy Regulations for Cloud Computing: Compliance and Implementation in Theory and Practice , 2011, Computers, Privacy and Data Protection.

[128]  Christophe Kalt Internet Relay Chat: Architecture , 2000, RFC.

[129]  Carey L. Williamson,et al.  A Longitudinal Study of P2P Traffic Classification , 2006, 14th IEEE International Symposium on Modeling, Analysis, and Simulation.

[130]  Yang Xiao,et al.  Botnet: Classification, Attacks, Detection, Tracing, and Preventive Measures , 2009, EURASIP J. Wirel. Commun. Netw..

[131]  Pavel Laskov,et al.  Detection of Intrusions and Malware, and Vulnerability Assessment: 19th International Conference, DIMVA 2022, Cagliari, Italy, June 29 –July 1, 2022, Proceedings , 2022, International Conference on Detection of intrusions and malware, and vulnerability assessment.

[132]  Ali A. Ghorbani,et al.  A statistical approach to botnet virulence estimation , 2011, ASIACCS '11.

[133]  Chao Lan,et al.  Anomaly Detection , 2018, Encyclopedia of GIS.

[134]  Hideki Koike,et al.  Integrated visualization system for monitoring security in large-scale local area network , 2007, 2007 6th International Asia-Pacific Symposium on Visualization.

[135]  Wanlei Zhou,et al.  Network and system security , 2009, J. Netw. Comput. Appl..

[136]  Kamol Kaemarungsi,et al.  Botnet Statistical Analysis Tool for Limited Resource Computer Emergency Response Team , 2009, 2009 Fifth International Conference on IT Security Incident Management and IT Forensics.

[137]  Felix Naumann,et al.  Data fusion , 2009, CSUR.

[138]  Chia-Mei Chen,et al.  Detecting Web-Based Botnets with Fast-Flux Domains , 2013 .

[139]  Konrad Rieck,et al.  Botzilla: detecting the "phoning home" of malicious software , 2010, SAC '10.

[140]  Dawn Song,et al.  Malware Detection , 2010, Advances in Information Security.

[141]  Brian Rexroad,et al.  Wide-Scale Botnet Detection and Characterization , 2007, HotBots.

[142]  Kouichi Sakurai,et al.  Bot Detection Based on Traffic Analysis , 2007 .

[143]  Michalis Faloutsos,et al.  Transport layer identification of P2P traffic , 2004, IMC '04.

[144]  Ge Yu,et al.  Online Botnet Detection Based on Incremental Discrete Fourier Transform , 2010, J. Networks.

[145]  Marco Cremonini,et al.  The Dorothy Project: An Open Botnet Analysis Framework for Automatic Tracking and Activity Visualization , 2009, 2009 European Conference on Computer Network Defense.

[146]  Daniel A. Keim,et al.  Visual support for analyzing network traffic and intrusion detection events using TreeMap and graph representations , 2009, CHIMIT.

[147]  Thomas F. La Porta,et al.  On cellular botnets: measuring the impact of malicious devices on a cellular network core , 2009, CCS.

[148]  Wei Jiang,et al.  Botnet: Survey and Case Study , 2009, 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC).

[149]  Dong Zhou,et al.  Translation techniques in cross-language information retrieval , 2012, CSUR.

[150]  T.Y. Lin,et al.  Anomaly detection , 1994, Proceedings New Security Paradigms Workshop.

[151]  W. Timothy Strayer,et al.  Using Machine Learning Techniques to Identify Botnet Traffic , 2006 .

[152]  Lei Liu,et al.  BotTracer: Execution-Based Bot-Like Malware Detection , 2008, ISC.

[153]  Zhenhai Duan,et al.  Blocking spam by separating end-user machines from legitimate mail server machines , 2011, CEAS '11.

[154]  Farnam Jahanian,et al.  A Survey of Botnet Technology and Defenses , 2009, 2009 Cybersecurity Applications & Technology Conference for Homeland Security.

[155]  Niels Provos,et al.  A Virtual Honeypot Framework , 2004, USENIX Security Symposium.

[156]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[157]  Victor A. Skormin,et al.  Non-Stationary Markov Models and Anomaly Propagation Analysis in IDS , 2007, Third International Symposium on Information Assurance and Security.

[158]  Panayiotis Mavrommatis,et al.  Identifying Known and Unknown Peer-to-Peer Traffic , 2006, Fifth IEEE International Symposium on Network Computing and Applications (NCA'06).

[159]  George Varghese,et al.  Network monitoring using traffic dispersion graphs (tdgs) , 2007, IMC '07.

[160]  Guofei Gu,et al.  BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic , 2008, NDSS.

[161]  Amin Vahdat,et al.  Swing: realistic and responsive network traffic generation , 2009, TNET.

[162]  Futai Zou,et al.  Detecting HTTP Botnet with Clustering Network Traffic , 2012, 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing.

[163]  Gianluca Stringhini,et al.  BOTMAGNIFIER: Locating Spambots on the Internet , 2011, USENIX Security Symposium.

[164]  Felix C. Freiling,et al.  Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks , 2005, ESORICS.

[165]  Bill McCarty,et al.  Botnets: Big and Bigger , 2003, IEEE Secur. Priv..

[166]  Miroslaw Szymczyk Detecting Botnets in Computer Networks Using Multi-agent Technology , 2009, 2009 Fourth International Conference on Dependability of Computer Systems.

[167]  Vamsi Paruchuri,et al.  Comparative Analysis and Evaluation of Botnet Command and Control Models , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.