[1] LIU L, CHEN S, YAN G, et al. Bot Tracer: execution-based bot-like malware detection [M]// ISC'08: Proceedings of the 11th International Conference on Information Security, LNCS 5222. Berlin: Springer, 2008: 97-113. [2] SZYMCZYK M. Detecting botnets in computer networks using multi-Agent technology [C]// DepCos-RELCOMEX'09: Proceedings of the Fourth International Conference on Dependability of Computer Systems. Piscataway: IEEE, 2009: 192-201. [3] STINSON E, MITCHELL J C. Characterizing bots' remote control behavior [C]// DIMVA'07: Proceedings of the 4th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin: Springer, 2007: 89-108. [4] XU K, YAO D, MA Q, et al. Detecting infection onset with behavior-based policies [C]// NSS 2011: Proceedings of the 5th International Conference on Network and System Security. Piscataway: IEEE, 2011: 57-64. [5] GU G, PORRAS P, YEGNESWARAN V, et al. BotHunter: detecting malware infection through IDS-driven dialog correlation [C]// SS'07: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium. Berkeley: Usenix Security. 2007: 1-16. [6] SINGH K, GUNTUKU S C, THAKUR A, et al. Big data analytics framework for peer-to-peer botnet detection using random forests [J]. Information Sciences, 2014, 278: 488-497. [7] JIANG H, SHAO X. Detecting P2P botnets by discovering flow dependency in C&C traffic [J]. Peer-to-Peer Networking and Applications, 2014, 7(4): 320-331. [8] SILVA S S C, SILVA R M P, PINTO R C G, et al. Botnets: a survey [J]. Computer Networks, 2013, 57(2): 378-403. [9] YU X, DONG X, YU G, et al. Online botnet detection based on incremental discrete Fourier transform [J]. Journal of Networks, 2010, 5(5): 568-576. [10] ZHANG J, PERDISCI R, LEE W, et al. Building a scalable system for stealthy P2P-botnet detection [J]. IEEE Transactions on Information Forensics and Security, 2014, 9(1): 27-38. [11] EN T F, REITER M K. Are your hosts trading or plotting? Telling P2P file-sharing and bots apart [C]// ICDCS 2010: Proceedings of the 2010 IEEE 30th International Conference on Distributed Computing Systems. Piscataway: IEEE, 2010: 241-252. [12] RAHBARINIA B, PERDISCI R, LANZI A, et al. PeerRush: mining for unwanted P2P traffic [J]. Journal of Information Security and Applications, 2014, 19(3): 194-208. [13] ZHAO D, TRAORE I, GHORBANI A, et al. Peer to peer botnet detection based on flow intervals [C]// SEC 2012: Proceedings of the 27th IFIP TC 11 Information Security and Privacy Conference on Information Security and Privacy Research. Berlin: Springer, 2012: 87-102. [14] FINSTERBUSCH M, RICHTER C, ROCHA E, et al. A survey of payload-based traffic classification approaches [J]. IEEE Communications Surveys & Tutorials, 2014, 16(2): 1135-1156. [15] LIU C, YANG Y, TANG C. A classification method of unstructured P2P multicast video streaming based on SVM [C]// MINES'09: Proceedings of the 2009 International Conference on Multimedia Information Networking and Security. Piscataway: IEEE, 2009: 68-72. [16] HE J, YANG Y, QIAO Y, et al. Accurate classification of P2P traffic by clustering flows [J]. China Communications, 2013, 10(11): 42-51. [17] HALL M, FRANK E, HOLMES G, et al. The WEKA data mining software: an update [J]. ACM SIGKDD Explorations Newsletter, 2009, 11(1): 10-18. [18] KOHAVI R. A study of cross-validation and bootstrap for accuracy estimation and model selection [C]// IJCAI'95: Proceedings of the 14th International Joint Conference on Artificial Intelligence. San Francisco: Morgan Kaufmann Publishers, 1995: 1137-1145. |