A multifaceted approach to understanding the botnet phenomenon, Proceedings of the 6th ACM SIGCOMM on Internet measurement , IMC '06, pp.41-52, 2006. ,
DOI : 10.1145/1177080.1177086
Performance debugging for distributed systems of black boxes, Proceedings of the nineteenth ACM symposium on Operating systems principles pp, pp.74-89, 2003. ,
An analysis of the slapper worm, IEEE Security & Privacy Magazine, vol.1, issue.1, pp.82-87, 2003. ,
DOI : 10.1109/MSECP.2003.1177002
A Survey of Clustering Data Mining Techniques, Grouping Multidimensional Data, pp.25-71, 2006. ,
DOI : 10.1007/3-540-28349-8_2
The fog of cyberwar ? to defend... and attack? (accessed on 08 ,
Automating network application dependency discovery: Experiences, limitations, and new solutions, Proceedings of OSDI, 2008. ,
Cisco Systems NetFlow Services Export Version 9, RFCInformational ), vol.3954, 2004. ,
DOI : 10.17487/rfc3954
Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs, Recent Advances in Intrusion Detection (RAID), 2007. ,
DOI : 10.1007/978-3-540-74320-0_15
An introduction to ROC analysis, Pattern Recognition Letters, vol.27, issue.8, pp.861-874, 2006. ,
DOI : 10.1016/j.patrec.2005.10.010
Towards malware inspired management frameworks, NOMS 2008, 2008 IEEE Network Operations and Management Symposium, pp.105-112, 2008. ,
DOI : 10.1109/NOMS.2008.4575123
Botminer: clustering analysis of network traffic for protocol-and structure-independent botnet detection, USENIX Security Symposium (SS), pp.139-154, 2008. ,
Bothunter: detecting malware infection through ids-driven dialog correlation, USENIX Security Symposium (SS), 2007. ,
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm, Workshop on Large-Scale Exploits and Emergent Threats (LEET). USENIX, 2008. ,
Towards Next-Generation Botnets, 2008 European Conference on Computer Network Defense, pp.33-40, 2008. ,
DOI : 10.1109/EC2ND.2008.11
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.210.3
Exploiting dynamicity in graphbased traffic analysis: techniques and applications, ACM International conference on Emerging networking experiments and technologies (CoNEXT), 2009. ,
Mining dependency in distributed systems through unstructured logs analysis. research.microsoft.com http ,
Koorde: A Simple Degree-Optimal Distributed Hash Table, International workshop on Peer-To-Peer Systems (IPTPS), 2003. ,
DOI : 10.1007/978-3-540-45172-3_9
What's going on?: learning communication rules in edge networks, Proceedings of the ACM SIGCOMM 2008 conference on Data communication pp, pp.87-98, 2008. ,
BLINC: multilevel traffic classification in the dark, ACM Conference on Applications, technologies, architectures , and protocols for computer communications (SIGCOMM), 2005. ,
Wide-scale botnet detection and characterization, First Workshop on Hot Topics in Understanding Botnets (HotBots). USENIX, 2007. ,
Internet traffic classification demystified, Proceedings of the 2008 ACM CoNEXT Conference on, CONEXT '08, 2008. ,
DOI : 10.1145/1544012.1544023
Faster clustering with dbscan. Intelligent Information Processing and Web Mining pp, pp.605-614, 2005. ,
Kademlia: A Peer-to-Peer Information System Based on the XOR Metric, IPTPS '01: International Workshop on Peer-to-Peer Systems, pp.53-65, 2002. ,
DOI : 10.1007/3-540-45748-8_5
Bot software spreads, causes new worries, IEEE Distributed Systems Online, vol.5, issue.6, 2004. ,
DOI : 10.1109/MDSO.2004.7
BotGrep: Finding p2p bots with structured graph analysis, Security Symposium. USENIX, 2010. ,
The pagerank citation ranking: Bringing order to the web, 1998. ,
A Multi-perspective Analysis of the Storm (Peacomm) Worm, http://www.cyber-ta ,
WAP5, Proceedings of the 15th international conference on World Wide Web , WWW '06, pp.347-356, 2006. ,
DOI : 10.1145/1135777.1135830
Hidden markov model modeling of ssh brute-force attacks. Integrated Management of Systems, Services, Processes and People in IT pp, pp.164-176 ,
Anomaly Characterization in Flow-Based Traffic Time Series, pp.15-27 ,
DOI : 10.1007/978-3-540-87357-0_2
Chord: A scalable Peer-To-Peer lookup service for internet applications, Proceedings of the 2001 ACM SIGCOMM Conference, pp.149-160, 2001. ,
Actively Measuring Bots in Peer-to-Peer Networks, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, 2009. ,
DOI : 10.1109/NSWCTC.2009.288
FlowRank, Proceedings of the 6th International Wireless Communications and Mobile Computing Conference on ZZZ, IWCMC '10, 2010. ,
DOI : 10.1145/1815396.1815508
Mining NetFlow Records for Critical Network Activities, International Conference on Autonomous Infrastructure, Management and Security (AIMS), 2010. ,
DOI : 10.1007/978-3-642-13986-4_20
URL : https://hal.archives-ouvertes.fr/hal-01056635
RiskRank: Security risk ranking for IP flow records, 2010 International Conference on Network and Service Management, 2010. ,
DOI : 10.1109/CNSM.2010.5691334
Spamming botnets, ACM SIGCOMM Computer Communication Review, vol.38, issue.4, pp.171-182, 2008. ,
DOI : 10.1145/1402946.1402979
A Fast Parallel Clustering Algorithm for Large Spatial Databases, Data Min. Knowl. Discov, vol.3, issue.3, pp.263-290, 1999. ,
DOI : 10.1007/0-306-47011-X_3