, A multifaceted approach to understanding the botnet phenomenon, Proceedings of the 6th ACM SIGCOMM on Internet measurement , IMC '06, pp.41-52, 2006.
DOI : 10.1145/1177080.1177086
, Performance debugging for distributed systems of black boxes, Proceedings of the nineteenth ACM symposium on Operating systems principles pp, pp.74-89, 2003.
, An analysis of the slapper worm, IEEE Security & Privacy Magazine, vol.1, issue.1, pp.82-87, 2003.
DOI : 10.1109/MSECP.2003.1177002
, A Survey of Clustering Data Mining Techniques, Grouping Multidimensional Data, pp.25-71, 2006.
DOI : 10.1007/3-540-28349-8_2
, The fog of cyberwar ? to defend... and attack? (accessed on 08
, Automating network application dependency discovery: Experiences, limitations, and new solutions, Proceedings of OSDI, 2008.
, Cisco Systems NetFlow Services Export Version 9, RFCInformational ), vol.3954, 2004.
DOI : 10.17487/rfc3954
, Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs, Recent Advances in Intrusion Detection (RAID), 2007.
DOI : 10.1007/978-3-540-74320-0_15
, An introduction to ROC analysis, Pattern Recognition Letters, vol.27, issue.8, pp.861-874, 2006.
DOI : 10.1016/j.patrec.2005.10.010
, Towards malware inspired management frameworks, NOMS 2008, 2008 IEEE Network Operations and Management Symposium, pp.105-112, 2008.
DOI : 10.1109/NOMS.2008.4575123
, Botminer: clustering analysis of network traffic for protocol-and structure-independent botnet detection, USENIX Security Symposium (SS), pp.139-154, 2008.
, Bothunter: detecting malware infection through ids-driven dialog correlation, USENIX Security Symposium (SS), 2007.
, Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm, Workshop on Large-Scale Exploits and Emergent Threats (LEET). USENIX, 2008.
, Towards Next-Generation Botnets, 2008 European Conference on Computer Network Defense, pp.33-40, 2008.
DOI : 10.1109/EC2ND.2008.11
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.210.3
, Exploiting dynamicity in graphbased traffic analysis: techniques and applications, ACM International conference on Emerging networking experiments and technologies (CoNEXT), 2009.
, Mining dependency in distributed systems through unstructured logs analysis. research.microsoft.com http
, Koorde: A Simple Degree-Optimal Distributed Hash Table, International workshop on Peer-To-Peer Systems (IPTPS), 2003.
DOI : 10.1007/978-3-540-45172-3_9
, What's going on?: learning communication rules in edge networks, Proceedings of the ACM SIGCOMM 2008 conference on Data communication pp, pp.87-98, 2008.
, BLINC: multilevel traffic classification in the dark, ACM Conference on Applications, technologies, architectures , and protocols for computer communications (SIGCOMM), 2005.
, Wide-scale botnet detection and characterization, First Workshop on Hot Topics in Understanding Botnets (HotBots). USENIX, 2007.
, Internet traffic classification demystified, Proceedings of the 2008 ACM CoNEXT Conference on, CONEXT '08, 2008.
DOI : 10.1145/1544012.1544023
, Faster clustering with dbscan. Intelligent Information Processing and Web Mining pp, pp.605-614, 2005.
, Kademlia: A Peer-to-Peer Information System Based on the XOR Metric, IPTPS '01: International Workshop on Peer-to-Peer Systems, pp.53-65, 2002.
DOI : 10.1007/3-540-45748-8_5
, Bot software spreads, causes new worries, IEEE Distributed Systems Online, vol.5, issue.6, 2004.
DOI : 10.1109/MDSO.2004.7
, BotGrep: Finding p2p bots with structured graph analysis, Security Symposium. USENIX, 2010.
, The pagerank citation ranking: Bringing order to the web, 1998.
, A Multi-perspective Analysis of the Storm (Peacomm) Worm, http://www.cyber-ta
, WAP5, Proceedings of the 15th international conference on World Wide Web , WWW '06, pp.347-356, 2006.
DOI : 10.1145/1135777.1135830
, Hidden markov model modeling of ssh brute-force attacks. Integrated Management of Systems, Services, Processes and People in IT pp, pp.164-176
, Anomaly Characterization in Flow-Based Traffic Time Series, pp.15-27
DOI : 10.1007/978-3-540-87357-0_2
, Chord: A scalable Peer-To-Peer lookup service for internet applications, Proceedings of the 2001 ACM SIGCOMM Conference, pp.149-160, 2001.
, Actively Measuring Bots in Peer-to-Peer Networks, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, 2009.
DOI : 10.1109/NSWCTC.2009.288
, FlowRank, Proceedings of the 6th International Wireless Communications and Mobile Computing Conference on ZZZ, IWCMC '10, 2010.
DOI : 10.1145/1815396.1815508
, Mining NetFlow Records for Critical Network Activities, International Conference on Autonomous Infrastructure, Management and Security (AIMS), 2010.
DOI : 10.1007/978-3-642-13986-4_20
URL : https://hal.archives-ouvertes.fr/hal-01056635
, RiskRank: Security risk ranking for IP flow records, 2010 International Conference on Network and Service Management, 2010.
DOI : 10.1109/CNSM.2010.5691334
, Spamming botnets, ACM SIGCOMM Computer Communication Review, vol.38, issue.4, pp.171-182, 2008.
DOI : 10.1145/1402946.1402979
, A Fast Parallel Clustering Algorithm for Large Spatial Databases, Data Min. Knowl. Discov, vol.3, issue.3, pp.263-290, 1999.
DOI : 10.1007/0-306-47011-X_3