J. P. John, A. Moshchuk, S. D. Gribble, and A. Krishnamurthy, Studying spamming botnets using Botlab, NSDI'09: Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation, pp.291-306, 2009.

W. W. De-vries, G. C. Moura, and A. Pras, Fighting Spam on the Sender Side: A Lightweight Approach, Proceeings of 16th EUNICE/IFIP WG 6.6 Workshop, pp.188-197, 2010.
DOI : 10.1007/978-3-642-13971-0_18

J. M. Michel-van-eeten, H. Bauerb, S. Asgharia, D. Tabatabaiea, and . Randc, The Role of Internet Service Providers in Botnet Mitigation: An Empirical Analysis Based on Spam Data, WEIS 2010: Ninth Workshop on the Economics of Information Security, 2010.

A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras et al., An Overview of IP Flow-Based Intrusion Detection, IEEE Communications Surveys & Tutorials, vol.12, issue.3, pp.343-356, 2010.
DOI : 10.1109/SURV.2010.032210.00054

Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten et al., Spamming botnets, ACM SIGCOMM Computer Communication Review, vol.38, issue.4, pp.171-182, 2008.
DOI : 10.1145/1402946.1402979

G. Gu, R. Perdisci, J. Zhang, and W. Lee, Botminer: clustering analysis of network traffic for protocol-and structure-independent botnet detection, USENIX Security Symposium (SS), pp.139-154, 2008.

A. Sperotto, G. Vliek, R. Sadre, and A. Pras, Detecting Spam at the Network Level, EUNICE '09: Proceedings of the 15th Open European Summer School and IFIP TC6.6 Workshop on The Internet of the Future, 2009.
DOI : 10.1007/978-3-540-74784-0_34

H. William, H. Day, and . Edelsbrunner, Efficient algorithms for agglomerative hierarchical clustering methods, Journal of Classification, vol.1, issue.1, pp.7-24, 1984.

E. Schikuta, Grid-clustering: a fast hierarchical clustering method for very large data sets, Proceedings 15th Int. Conf. on Pattern Recognition, pp.101-105, 1996.

J. François, H. Abdelnur, R. State, and O. Festor, Automated Behavioral Fingerprinting, 12th International Symposium on Recent Advances in Intrusion Detection (RAID), 2009.
DOI : 10.1007/978-3-642-04342-0_10

A. Sperotto, R. Sadre, F. Van-vliet, and A. Pras, A Labeled Data Set for Flow-Based Intrusion Detection, IP Operations and Management, pp.39-50, 2009.
DOI : 10.1007/978-3-642-04968-2_4

P. Porras, H. Sadi, and V. Yegneswaran, A Multi-perspective Analysis of the Storm (Peacomm ) Worm

P. Wang, L. Wu, R. Cunningham, and C. C. Zou, Honeypot detection in advanced botnet attacks, International Journal of Information and Computer Security, vol.4, issue.1, pp.30-51, 2010.
DOI : 10.1504/IJICS.2010.031858

J. Moheeb-abu-rajab, F. Zarfoss, A. Monrose, and . Terzis, A multifaceted approach to understanding the botnet phenomenon, Proceedings of the 6th ACM SIGCOMM on Internet measurement , IMC '06, pp.41-52, 2006.
DOI : 10.1145/1177080.1177086

A. Karasaridis, B. Rexroad, and D. Hoeflin, Wide-scale botnet detection and characterization, First Workshop on Hot Topics in Understanding Botnets (HotBots). USENIX, 2007.

T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling, Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm, LEET'08: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, pp.1-9, 2008.

J. François, W. Shaonan, R. State, and T. Engel, BotTrack: Tracking Botnets Using NetFlow and PageRank, To appear in IFIP/TC6 NETWORKING 2011, 2011.
DOI : 10.1007/978-3-642-20757-0_1

G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee, Bothunter: detecting malware infection through ids-driven dialog correlation, USENIX Security Symposium (SS), 2007.