S. Khattak, N. R. Ramay, K. R. Khan, A. A. Syed, and S. A. Khayam, A Taxonomy of Botnet Behavior, Detection, and Defense, IEEE Communications Surveys & Tutorials, vol.16, issue.2, pp.898-924, 2014.
DOI : 10.1109/SURV.2013.091213.00134

S. García, A. Zunino, and M. Campo, Survey on network-based botnet detection methods, Security and Communication Networks, vol.24, issue.3, pp.878-903, 2014.
DOI : 10.1109/MIS.2009.42

K. Wang, C. Huang, L. Tsai, and Y. Lin, Behavior-based botnet detection in parallel, Security and Communication Networks, vol.48, issue.12, pp.1849-1859, 2014.
DOI : 10.1109/MCOM.2010.5673077

C. Yukonhiatou, S. Kittitornkun, H. Kikuchi, K. Sisaat, M. Terada et al., Temporal behavior analysis of malware/bot downloads using top-10 processing, 2013 International Computer Science and Engineering Conference (ICSEC), pp.343-347, 2013.
DOI : 10.1109/ICSEC.2013.6694806

S. Li, Y. Kao, Z. Zhang, Y. Chuang, and D. C. Yen, A network behavior-based botnet detection mechanism using pso and kmeans, ACM Trans. Manage. Inf. Syst, vol.3, pp.1-330, 2015.
DOI : 10.1145/2676869

W. Liu, K. Zheng, B. Wu, C. Wu, and X. Niu, Flow-based anomaly detection using access behavior profiling and time-sequenced relation mining, TIIS, pp.2781-2800, 2016.

A. J. Alzahrani and A. A. Ghorbani, Real-time signature-based detection approach for SMS botnet, 2015 13th Annual Conference on Privacy, Security and Trust (PST), pp.157-164, 2015.
DOI : 10.1109/PST.2015.7232968

J. François, S. Wang, R. State, and T. Engel, BotTrack: Tracking Botnets Using NetFlow and PageRank, NETWORKING 2011 -10th International IFIP TC 6 Networking Conference Proceedings, Part I, pp.1-14, 2011.
DOI : 10.1007/978-3-642-20757-0_1

R. Hofstede, P. Eleda, B. Trammell, I. Drago, R. Sadre et al., Flow monitoring explained: From packet capture to data analysis with netflow and ipfix Botnet detection based on traffic behavior analysis and flow intervals, IEEE Communications Surveys Tutorials Comput. Secur, vol.39, pp.2-16, 2013.
DOI : 10.1109/comst.2014.2321898

S. García, M. Grill, J. Stiborek, and A. Zunino, An empirical comparison of botnet detection methods, Computers & Security, vol.45, pp.100-123, 2014.
DOI : 10.1016/j.cose.2014.05.011

H. Choi, H. Lee, and H. Kim, BotGAD, Proceedings of the Fourth International ICST Conference on COMmunication System softWAre and middlewaRE, COMSWARE '09, 2009.
DOI : 10.1145/1621890.1621893

L. Bilge, S. Sen, D. Balzarotti, E. Kirda, and C. Kruegel, Exposure, ACM Transactions on Information and System Security, vol.16, issue.4, pp.1-1428, 2014.
DOI : 10.1109/ICPR.2008.4761472

J. Kwon, J. Lee, H. Lee, and A. Perrig, PsyBoG: A scalable botnet detection method for large-scale DNS traffic, Computer Networks, vol.97, pp.48-73, 2016.
DOI : 10.1016/j.comnet.2015.12.008

G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee, Bothunter: Detecting malware infection through ids-driven dialog correlation, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, ser. SS'07, pp.1-1216, 2007.

S. Nagaraja, P. Mittal, C. Hong, M. Caesar, and N. Borisov, Botgrep: Finding p2p bots with structured graph analysis, USENIX Conference on Security, 2010.

S. Wang, R. State, M. Ourdane, and T. Engel, FlowRank, Proceedings of the 6th International Wireless Communications and Mobile Computing Conference on ZZZ, IWCMC '10, 2010.
DOI : 10.1145/1815396.1815508

H. Jiang and X. Shao, Detecting p2p botnets by discovering flow dependency in c&c traffic Peer-to-Peer Networking and Applications, pp.320-331, 2014.
DOI : 10.1007/s12083-012-0150-x

L. Sofiane and F. Jrome, Knowledge discovery of port scans from darknet, IFIP/IEEE International Workshop on Analytics for Network and Service Management, 2017.

S. Kandula, R. Chandra, and D. Katabi, What's going on?: Learning communication rules in edge networks, SIGCOMM Conference on Data Communication, pp.87-98, 2008.

Y. Park, D. Reeves, V. Mulukutla, and B. Sundaravel, Fast malware classification by automated behavioral graph matching, Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, CSIIRW '10, pp.451-496, 2010.
DOI : 10.1145/1852666.1852716

K. Pei, Z. Gu, B. Saltaformaggio, S. Ma, F. Wang et al., HERCULE, Proceedings of the 32nd Annual Conference on Computer Security Applications, ACSAC '16, 2016.
DOI : 10.1145/2590296.2590309

K. Satoru, F. Kensuke, and E. Hiroshi, Mining causes of network events in log data with causal inference, IFIP/IEEE International Symposium on Integrated Network Management, 2017.

C. Chen and H. Lin, Detecting botnet by anomalous traffic, Journal of Information Security and Applications, vol.21, pp.42-51, 2015.
DOI : 10.1016/j.jisa.2014.05.002

G. Pellegrino, Q. Lin, C. Hammerschmidt, and S. Verwer, Learning behavioral fingerprints from Netflows using Timed Automata, 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), 2017.
DOI : 10.23919/INM.2017.7987293

C. Hammerschmidt, S. Marchal, R. State, G. Pellegrino, and S. Verwer, Efficient Learning of Communication Profiles from IP Flow Records, 2016 IEEE 41st Conference on Local Computer Networks (LCN), pp.559-562, 2016.
DOI : 10.1109/LCN.2016.92

H. Bunke and G. Allerman, Inexact graph matching for structural pattern recognition, Pattern Recognition Letters, vol.1, issue.4, pp.245-253, 1983.
DOI : 10.1016/0167-8655(83)90033-8

A. Sanfeliu and K. Fu, A distance measure between attributed relational graphs for pattern recognition, IEEE Transactions on Systems, Man, and Cybernetics, vol.13, issue.3, pp.353-363, 1983.
DOI : 10.1109/TSMC.1983.6313167

V. Chandola, A. Banerjee, and V. Kumar, Anomaly detection, ACM Computing Surveys, vol.41, issue.3, pp.1-15, 2009.
DOI : 10.1145/1541880.1541882

E. B. Beigi, H. H. Jazi, N. Stakhanova, and A. A. Ghorbani, Towards effective feature selection in machine learning-based botnet detection approaches, Conference on Communications and Network Security (CNS, 2014.