[1] H. R. Zeidanloo, A. B. Manaf, P. Vahdani, F. Tabatabaei, and M. Zamani, “Botnet detection based on traffic monitoring,” In Proceedings of the 2010 International Conference on Networking and Information Technology, pp. 97-101, 2010.##
[2] C. Li, W. Jiang, and X. Zou, “Botnet: Survey and Case Study,” In Proceedings of the 4th International Conference on Innovative Computing, Information and Control, 2009.##
[3] P. Bacher, T. Holz, M. Kotter, and G. Wicherski, “Know Your Enemy: Tracking Botnets (using honeynets to learn more about bots),” Technical Report, The Honeynet Project, 2008.##
[4] Z. Zhu, G. Lu, Y. Chen, Z. J. Fu, P. Roberts, and K. Han, “Botnet research survey,” In Proceedings of the 32nd Annual IEEE International Computer Software and Applications Conference (COMPSAC’08), pp. 967–972, 2008.##
[5] R. Jalaei and M. R. Hasani Ahangar, “An Analytical Survey on Botnet and Detection Methods,” Journal of Electronical & Cyber Defence, vol. 4, no. 4, 2017. (In Persian)##
[6] B. W. Lampson, “A note on the confinement problem,” Communication of the ACM, vol. 16, no. 10, pp. 613–615, 1973.##
[7] L. Qiu, Y. Zhang, F. Wang, M. Kyung, and H. R. Mahajan, “Trusted computer system evaluation criteria,” In Proceedings of the National Computer Security Center, 1985.##
[8] C. Serdar, “Network covert channels: design, analysis, Detection and elimination,” Ph.D. dissertation, Purdue University, 2006.##
[9] C. E. Shannon, “A note on the concept of entropy,” Bell system technical journal, vol. 27, pp. 379–423, 1948.##
[10] A. Porta, G. Baselli, D. Liberati, N. Montano, C. Cogliati, T. Gnecchi-Ruscone, A. Malliani, and S. Cerutti, “Measuring regularity by means of a corrected conditional entropy in sympathetic outflow,” Biological Cybernetics, vol. 78, no. 1, pp. 71–78, 1998.##
[11] R. Moddemeijer, “On estimation of entropy and mutual information of continuous distributions,” Signal Processing, vol. 16, no. 3, pp. 233–248, 1989.##
[12] S. Gianvecchio and H. Wang, “An entropy-based approach to detecting covert timing Channels,” IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 6, pp. 785–797, 2011.##
[13] S. S. C. Silva, R. M. P. Silva, R. C. G. Pinto, and R. M.Salles, “Botnets: A Survey,” Computer networks, Elsevier, vol. 57, no. 2, pp. 378-403, 2012.##
[14] G. Gu, R. Perdisci, J. Zhang, and W. Lee, “BotMiner: clustering analysis of network traffic for protocol-and structure-independent botnet detection,” In Proceedings of the 17th Conference on Security Symposium, USENIX Association, pp. 139– 154, 2008.##
[15] G. Gu, J. Zhang, and W. Lee, “BotSniffer: detecting botnet command and control channels in network traffic,” In Proceedings of the 15th Annual Network & Distributed System Security Symposium, The Internet Society (ISOC), 2008.##
[16] E. Middelesch, “Anonymous and hidden communication channels: A perspective on future developments,” Master Thesis, University of Twente, 2015.##
[17] “Channels: a perspective on future developments,” M.S. thesis, University of Twente, 2015.##
[18] J. Nazario and T. Holz, “As the net churns: fast-flux botnet observations,” In Proceedings of the 3rd International Conference on Malicious and Unwanted Software (MALWARE), pp. 24–31, 2008.##
[19] A. Caglayan, M. Toothaker, D. Drapaeau, D. Burke, and G. Eaton, “Behavioral analysis of fast flux service networks,” In Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, CSIIRW’09, ACM, vol. 48, pp. 1-4, 2009.##
[20] R. Sharifnya and M. Abadi, “A novel reputation system to detect DGA-based botnets,” In Proceedings of the ICCKE 2013, Mashhad, pp. 417-423, 2013. (In Persian)##
[21] I. Ghafir, V. Prenosil, M. Hammoudeh, T. Baker, S. Jabbar, S. Khalid, and S. Jaf, “BotDet: A system for real time botnet command and control traffic detection,” IEEE Access, vol. 4, pp. 2169-3536, 2018.##
[22] C. j. Dietrich, C. Rossow, F. C. Freiling, H. Bos, M. V. Steen, and N. Pohlmann, “On Botnets That Use DNS for Command and Control,” In Proceedings of the 7th European Conference on Computer Network Defense, pp. 9-16, IEEE Computer Society, 2011.##
[24] S. Nagaraja, A. Houmansadr, P. Piyawongwisal, V. Singh, P. Agarwal, and N. Borisov, “Stegobot: A covert social network botnet,” In Proceedings of the 13th International Conference on Information Hiding, pp. 299 –313, 2011.##
[25] A. Sanatinia and G. Noubir, “Onionbots: Subverting privacy infrastructure for cyber attacks,” in Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 69-80, 2015.##
[26] T. J. Richer, “Entropy-based detection of botnet command and control,” In Proceedings of the ##Australasian Computer Science Week Multiconference,
ACSW '17, ACM, p. 75, 2017.
[27] S. Cabuk, C. E. Brodley, and C. Shields, “IP Covert Timing Channels : Design and Detection,” In ##Proceedings of the 11th ACM conference on Computer and communications security, pp. 178–187, 2004.
[28] S. Cabuk, “Network covert channels: Design, analysis, detection, and elimination,” Ph.D dissertation, Purdue University, West Lafayette, USA, 2006.##
[29] S. Gianvecchio, H. Wang, D. Wijesekera, and S. Jajodia, “Model-Based Covert Timing Channels: Automated Modeling and Evasion,” In Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, pp. 211–230, 2008.
[30] K. Kothari and M. Wright, “Mimic: An active covert channel that evades regularity-based detection,” Computer Networks, vol. 57, no. 3, pp. 647–657, Feb. 2013.##
[31] G. Shah, A. Molina, and M. Blaze, “Keyboards and covert channels,” In Proceedings of the 2006 USENIX Security Symposium, July–August 2006.##
)