A Bibliometric Analysis of Botnet Detection Techniques

  • Shehu Amina
  • Raul Vera
  • Tooska Dargahi
  • Ali DehghantanhaEmail author


Botnets are rising as a platform for many unlawful cyber activities such as Distributed Denial of Service (DDoS) attacks, malware dissemination, phishing, click fraud, and so on. As of late, detecting botnet has been an intriguing research topic in relation to cybercrime analysis and cyber-threat prevention. This paper is an analysis of publications related to botnet detection techniques. We analyse 194 botnet related papers published between 2009 and 2018 in the ISI Web of Science database. Seven (7) criteria have been used for this analysis to detect highly-cited articles, most impactful journals, current research areas, most active researchers and institutions in the field. It was noted that the average number of publications related to botnet detection have been reduced recently, which could be because of overwhelming existing literature in the field. Asia is the most active and most productive continent in botnet research and computer science is the research area with most publications related to botnet detection as expected.


Bibliometric analysis Botnet detection Distributed Denial of Service DDoS Malware 


  1. 1.
    S. Homayoun, M. Ahmadzadeh, S. Hashemi, A. Dehghantanha, and R. Khayami, “BoTShark: A Deep Learning Approach for Botnet Traffic Detection,” 2018, pp. 137–153.Google Scholar
  2. 2.
    M. Hopkins and A. Dehghantanha, “Exploit Kits: The production line of the Cybercrime economy?,” in 2015 2nd International Conference on Information Security and Cyber Forensics, InfoSec 2015, 2016.Google Scholar
  3. 3.
    M. Damshenas, A. Dehghantanha, K.-K. R. Choo, and R. Mahmud, “M0Droid: An Android Behavioral-Based Malware Detection Model,” J. Inf. Priv. Secur., Sep. 2015.Google Scholar
  4. 4.
    A. Azmoodeh, A. Dehghantanha, M. Conti, and K.-K. R. Choo, “Detecting crypto-ransomware in {IoT} networks based on energy consumption footprint,” J. Ambient Intell. Humaniz. Comput., Aug. 2017.Google Scholar
  5. 5.
    A. Shalaginov, S. Banin, A. Dehghantanha, and K. Franke, Machine learning aided static malware analysis: A survey and tutorial, vol. 70. 2018.Google Scholar
  6. 6.
    O. Osanaiye, H. Cai, K.-K. R. Choo, A. Dehghantanha, Z. Xu, and M. Dlodlo, “Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing,” Eurasip J. Wirel. Commun. Netw., vol. 2016, no. 1, 2016.Google Scholar
  7. 7.
    J. Baldwin and A. Dehghantanha, Leveraging support vector machine for opcode density based detection of crypto-ransomware, vol. 70. 2018.Google Scholar
  8. 8.
    D. Kiwia, A. Dehghantanha, K. K. R. Choo, and J. Slaughter, “A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence,” J. Comput. Sci., 2017.Google Scholar
  9. 9.
    D. Zhao et al., “Botnet detection based on traffic behavior analysis and flow intervals,” Comput. Secur., vol. 39, no. PARTA, pp. 2–16, 2013.Google Scholar
  10. 10.
    H. HaddadPajouh, A. Dehghantanha, R. Khayami, and K.-K. R. Choo, “A deep Recurrent Neural Network based approach for Internet of Things malware threat hunting,” Futur. Gener. Comput. Syst., 2018.Google Scholar
  11. 11.
    K. Singh, S. C. Guntuku, A. Thakur, and C. Hota, “Big Data Analytics framework for Peer-to-Peer Botnet detection using Random Forests,” Inf. Sci. (Ny)., vol. 278, pp. 488–497, 2014.Google Scholar
  12. 12.
    O. M. K. Alhawi, J. Baldwin, and A. Dehghantanha, Leveraging machine learning techniques for windows ransomware network traffic detection, vol. 70. 2018.Google Scholar
  13. 13.
    H. H. Pajouh, A. Dehghantanha, R. Khayami, and K.-K. R. Choo, “Intelligent OS X malware threat detection with code inspection,” J. Comput. Virol. Hacking Tech., 2017.Google Scholar
  14. 14.
    A. Azmoodeh, A. Dehghantanha, and K.-K. R. Choo, “Robust Malware Detection for Internet Of (Battlefield) Things Devices Using Deep Eigenspace Learning,” IEEE Trans. Sustain. Comput., pp. 1–1, 2018.Google Scholar
  15. 15.
    S. Homayoun, A. Dehghantanha, M. Ahmadzadeh, S. Hashemi, and R. Khayami, “Know Abnormal, Find Evil: Frequent Pattern Mining for Ransomware Threat Hunting and Intelligence,” IEEE Trans. Emerg. Top. Comput., pp. 1–1, 2017.Google Scholar
  16. 16.
    H. Haughey, G. Epiphaniou, H. Al-Khateeb, and A. Dehghantanha, “Adaptive Traffic Fingerprinting for Darknet Threat Intelligence,” 2018, pp. 193–217.Google Scholar
  17. 17.
    M. Conti, A. Dehghantanha, K. Franke, and S. Watson, “Internet of Things security and forensics: Challenges and opportunities,” Futur. Gener. Comput. Syst., vol. 78, pp. 544–546, Jan. 2018.Google Scholar
  18. 18.
    H. Haddad Pajouh, R. Javidan, R. Khayami, D. Ali, and K.-K. R. Choo, “A Two-layer Dimension Reduction and Two-tier Classification Model for Anomaly-Based Intrusion Detection in IoT Backbone Networks,” IEEE Trans. Emerg. Top. Comput., pp. 1–1, 2016.Google Scholar
  19. 19.
    N. Milosevic, A. Dehghantanha, and K.-K. R. Choo, “Machine learning aided Android malware classification,” Comput. Electr. Eng., vol. 61, 2017.Google Scholar
  20. 20.
    S. Ranjan, J. Robinson, and F. Chen, “Machine Learning Based Botnet Detection Using Real-Time Connectivity Graph Based Traffic Features,” 2015.Google Scholar
  21. 21.
    S. Ranjan and F. Chen, “Machine Learning Based Botnet Detection With Dynamic Adaptation,” 2006.Google Scholar
  22. 22.
    J. Baldwin, O. M. K. Alhawi, S. Shaughnessy, A. Akinbi, and A. Dehghantanha, Emerging from the cloud: A bibliometric analysis of cloud forensics studies, vol. 70. 2018.Google Scholar
  23. 23.
    J. Gill, I. Okere, H. HaddadPajouh, and A. Dehghantanha, Mobile forensics: A bibliometric analysis, vol. 70. 2018.Google Scholar
  24. 24.
    I. Ghafir, V. Prenosil, and M. Hammoudeh, “Botnet Command and Control Traffic Detection Challenges : A Correlation-based Solution,” no. April, pp. 1–5, 2017.Google Scholar
  25. 25.
    G. Kirubavathi and R. Anitha, “Botnet detection via mining of traffic flow characteristics,” Comput. Electr. Eng., vol. 50, pp. 91–101, 2016.Google Scholar
  26. 26.
    J. A. Jerkins, “Motivating a market or regulatory solution to IoT insecurity with the Mirai botnet code,” 2017 IEEE 7th Annu. Comput. Commun. Work. Conf. CCWC 2017, 2017.Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Shehu Amina
    • 1
  • Raul Vera
    • 1
  • Tooska Dargahi
    • 2
  • Ali Dehghantanha
    • 3
    Email author
  1. 1.School of Computing, Science and EngineeringUniversity of SalfordManchesterUK
  2. 2.Department of Computer ScienceSchool of Computing, Science and Engineering, University of SalfordManchesterUK
  3. 3.Cyber Science LabSchool of Computer Science, University of GuelphGuelphCanada

Personalised recommendations