J. Liu, et al., “Botnet: Classification, Attacks, Detection, Tracing.and Preventive Measures,” Journal on Wireless Communications and Networking, 2009.
L. Heng-Feng and H. Ru-Xin, “A Survey of botnet Detection,” Computers & Security, 2010.
M. Feily, A. Shahrestani, and S. Ramadass, “A Survey of Botnet and Botnet Detection,” 09 Proceedings of the 2009 Third International Conference on Emerging Security Information, Systems and Technologies, 2009.
M. Feily, A. Shahrestani, and S. Ramadass, “A Survey of Botnet and Botnet Detection, IEEE 3rd Int. Conf. On Emerging Security Information, Systems and Technologies, 2009.
J. Park, “Acquiring Digital Evidence from Botnet Attacks: Procedures and Methods,” M. Sc Thesis, 2011.
F. C. Freiling, T. Holz, and G. Wicherski, “Botnet tracking: exploring a root-cause methodology to prevent distributed denial-of-service attacks,” Springer Berlin Heidelberg, 2005.
C. C. Zou and R. Cunningham, “Honeypot-aware advanced botnet construction and maintenance,” IEEE Int. Conf. on Dependable Systems and Networks, 2006.
J. R. Binkley and S. Singh, “An Algorithm for Anomalybased botnet detection. Proc. USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop, 2006.
S. S. C. Silva, R. M. P. Silva, R. C. G. Pinto, and M. Ronaldo Salles, “Botnets: A survey, Computer Networks,” The International Journal of Computer and Telecommunications Networking, 2013.
A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, and B. Stiller, “An Overview of IP Flow-based Intrusion Detection,” IEEE Communications Surveys & Tutorial, 2010.
D. Zhao, I. Traore, A. Ghorbani, B. Sayed, S. Saad, and W. Lu, “Peer to Peer Botnet Detection Based on Flow Intervals, Part of the IFIP Advances in Information and Communication Technology Book Series, 2012.
S. Saad, I. Traore, A. Ghorbani, B. Sayed, D. Zhao, W. Lu, J. Felix, and P. Hakimian, “Detecting p2p Botnets Through Network Behavior Analysis and Machine Learning,” In Privacy, Security and Trust (PST), 2011 NinthAnnual International Conference on, july 2011.
Snort IDS [Online] Retrieved on January 2013 from http://www.snort.org
W. Wei, F. Binxing, et al., “A Novel Approach to Detect IRC-Based Botnet,” International Conference on Networks Security, Wireless Communications and Trusted Computing (NSWCTC), 2009.
R. Konrad, S. Guido, et al., “Botzilla: Detecting the "Phoning Home" Of Malicious Software,” Proceedings of the Symposium on Applied Computing, Sierre, Switzerland, ACM, 2010.
E. Stinson and J. C. Mitchell, “Characterizing bots remote control behavior,” In: Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 2007.
G. Gu, P. Porras, V. Yegneswaran, et al., “Bothunter: Detecting Malware Infection Through IDS-driven Dialog Correlation,” Proc. 16th USENIX Security Symp., pp. 167-182, 2007.
G. Gu, J. Zhang, and W. Lee, “A BotSniffer: detecting Botnet Command and Control Channels in Network Traffic,” Proc. 15th Annual Network and Distributed System Security Symp., pp. 2-19, 2008a.
G. Gu, R. Perdisci, J. Zhang, et al., “BotMiner: Clustering Analysis of Network Traffic for Protocol and Structure-Independent Botnet Detection,” USENIX Security Symp., pp. 139-154, 2008b.
W. T. Strayer, R. Walsh, C. Livadas, et al., “Detecting botnets with tight command and control,” Proc. 31st IEEE Conf. on Local Computer Networks, pp. 195-202, 2006.
A. G. Tokhtabayev and V. A. Skormin, “Non-stationary Markov models and anomaly propagation analysis in IDS,” IEEE 3rd Int. Symp. on Information Assurance and Security, pp. 203-208, 2007. [doi:10.1109/IAS.2007.72]
H. Choi, H. Lee, and H. Kim, “BotGAD: detecting botnets by Capturing Group Activities in Network Traffic,” Proc. 4th Int. ICST Conf. on Communication System Software and Middleware, pp. 1-8, 2009. [doi:10.1145/1621890.1621893]
A. Shahrestani, M. Feily, R. Ahmad, et al., “Architecture for applying data mining and visualization on network flow for botnet traffic detection,” IEEE Int. Conf. on Computer Technology and Development, pp. 33-37, 2009.
M. Masud, T. Al-khateeb, L. Khan, B. Thuraisingham, and K. Hamlen, “Flow-based Identification of Botnet Traffic by Mining Multiple log Files,” In Distributed Framework and Applications, DFmA 2008, First International Conference on, pp. 200 –206, Oct. 2008.
L. Bilge, D. Balzarotti, W. Robertson, E. Kirda, and C. Kruegel, “Disclosure: detecting botnet command and control servers through large-scale netflow analysis,” In Proceedings of the 28th Annual Computer Security Applications Conference, ser. ACSAC ’12, New York, NY, USA: ACM, pp. 129–138, 2012.
R. Azmi, M. Gholinezhad, and M. Saberi, “Botnet Detection for Peer to Peer Networks,” Journal of Electronical & Cyber Defence, vol. 3, n o. 4, Serial No.12, 2016. (In Persian)
M. Fathian, M. Abdollahi Azgomi, and H. Dehghani, “Modeling Browsing Behavior Analysis for Malicious Robot Detection in Distributed Denial of Service Attacks,” Journal of Electronical & Cyber Defence, vol. 4, no. 2, 2016, Serial no. 14 (In Persian)
I. H. Witten and E. Frank, “Data Mining, 3th ed, SanFrancisco: Morgan Kafman, pp. 403-468, 2011.
J. Han and M. Kamber, “Data Mining Concepts and Techniques,” SanFrancisco :Morgan Kafman, pp. 18-21, 2011.