!. Null and . Cwa, WaitForSingleObject)(hStopEvent, 0) != WAIT_TIMEOUT)breakMemory allocaTon. 178 DWORD dwReaded = WININET_BUFFER_SIZE; 179 if(!Mem::reallocEx(&pDownloaded, dwDownloaded + dwReaded))break InternetReadFile)(hRequest, pDownloaded + dwDownloaded, dwReaded, &dwReaded))break, for, vol.32, issue.184, pp.174-175

H. Guerid, A. Serhrouchni, M. Achemlal, and K. Mittig, A Novel Traceback Approach for Direct and Reflected ICMP Attacks, 2011 Conference on Network and Information Systems Security, pp.1-5, 2011.
DOI : 10.1109/SAR-SSI.2011.5931380

H. Guerid, K. Mittig, and A. Serhrouchni, Privacy-preserving domain-flux botnet detection in a large scale network, 2013 Fifth International Conference on Communication Systems and Networks (COMSNETS), pp.7-10, 2013.
DOI : 10.1109/COMSNETS.2013.6465572

H. Guerid, K. Mittig, and A. Serhrouchni, Collaborative Approach for Interdomain Botnet Detection in Large-scale Networks, Collaborative Computing : Networking, Applications and Worksharing (Collaboratecom), 2013 9th International Conference Conference on, pp.279-288

[. Bibliographie, D. Alyias, J. Batchelder, and . Blackbird, Microsoft security intelligence report july-december 2012, 2013.

]. H. Alj03 and . Aljifri, Ip traceback : a new denial-of-service deterrent ? Security Privacy, IEEE, vol.1, issue.3, pp.24-31, 2003.

A. Jart, J. Mcquaid, and M. Jonkman, Atrivo?cyber crime usa, 2008.

A. Manos, P. Roberto, D. David, L. Wenke, and F. Nick, Building a dynamic reputation system for dns, USE- NIX Security Symposium, pp.273-290, 2010.

A. Manos, P. Roberto, N. Yacin, V. Nikolaos, A. Saeed et al., From throw-away traffic to bots : detecting the rise of dga-based malware, Proceedings of the 21st USENIX conference on Security symposium, pp.24-24, 2012.

A. Dennis, R. Christian, S. Brett, P. Daniel, and B. Herbert, Highly resilient peer-to-peer botnets are here : An analysis of gameover zeus The Americas, Malicious and Unwanted SoftwareMALWARE), 2013 8th International Conference on, pp.116-123, 2013.

]. A. Ba03a and . Belenky, ANSARI : On ip traceback, Communications Magazine IEEE, issue.7, pp.41142-153, 2003.

B. Andrey and A. Nirwan, Ip traceback with deterministic packet marking, Communications Letters IEEE, vol.7, issue.4, pp.162-164, 2003.

[. Barros, A proposal for icmp traceback messages, ICMP Traceback Working Group, 2000.

B. David, Botnets-the silent threat, European Network and Information Security Agency (ENISA), p.171, 2007.

B. Leyla, K. Engin, K. Christopher, and B. Marco, Exposure : Finding malicious domains using passive dns analysis, NDSS, 2011.

]. B. Blo70, BLOOM : Space/time trade-offs in hash coding with allowable errors, Communications of the ACM, vol.13, issue.7, pp.422-426, 1970.

M. [. Broder and . Mitzenmacher, Network Applications of Bloom Filters: A Survey, Internet Mathematics, vol.1, issue.4, pp.485-509, 2004.
DOI : 10.1080/15427951.2004.10129096

B. Hamad, O. Thomas, B. Amine, S. Prosenjit, Y. Amr et al., On the analysis of the zeus botnet crimeware toolkit, Privacy Security and Trust (PST), 2010 Eighth Annual International Conference on, pp.31-38, 2010.

B. Danny, Fighting botnets with sinkholes, Network Security, issue.8, pp.201212-201227, 2012.

[. Advisory and C. , 01 smurf ip denial-of-service attacks, 1998.

[. Alves, C. Ruy, J. , Q. , E. Ramalho et al., A proposal to prevent click-fraud using clickable captchas, Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability Companion, pp.62-67, 2012.

C. Juan, G. Chris, K. Christian, and P. Vern, Measuring pay-per-install : The commoditization of malware distribution, USE- NIX Security Symposium, 2011.

C. Evan, J. Farnam, and M. Danny, The zombie roundup : Understanding, detecting, and disrupting botnets, Proceedings of the USENIX SRUTI Workshop, p.44, 2005.

C. Hyunsang, L. Hanwoo, L. Heejo, and K. Hyogon, Botnet detection by monitoring group activities in dns traffic, Computer and Information Technology 7th IEEE International Conference on, pp.715-720, 2007.

C. Peter, Spyeye bot versus zeus bot [cry] Cryptolocker creeps lure victims with fake adobe, microsoft activation codes, 2010.

C. Alper, T. Mike, D. Dan, B. Dustin, and E. Gerry, Behavioral patterns of fast flux service networks, System Sciences (HICSS), 2010 43rd Hawaii International Conference on, pp.1-9, 2010.

D. Drew, F. Matt, and S. Adam, An algebraic approach to ip traceback, ACM Transactions on Information and System Security (TISSEC), vol.5, issue.2, pp.119-137, 2002.

D. David, So you want to take over a botnet, Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats, pp.6-6, 2012.

D. Alberto, K. Alistair, P. Ferdinando, and P. Antonio, Analysis of a/0 stealth scan from a botnet, Proceedings of the 2012 ACM conference on Internet measurement conference, pp.1-14, 2012.

D. Steve, M. Daniel, C. Papadopoulos, J. Patrick, and . Walsh, Analyzing the aftermath of the mccolo shutdown, Applications and the Internet, 2009. SAINT'09. Ninth Annual International Symposium on, pp.157-160, 2009.

[. Ferguson and D. Senie, Rfc2827 (bcp38) : Network ingress filtering : Defeating denial of service attacks which employ ip source address spoofing. ietf, 2000.

F. Ahmad and S. Ahmed, Denial of service attack and defense schemes analysis and taxonomy, 3rd International Conference : Sciences of Electronics Technologies of Information and Telecomm, 2005.

G. Working, Conficker working group : Lessons learned, 2011.

G. Chris, B. Lucas, C. Juan, C. Neha, J. Christian et al., Manufacturing compromise : the emergence of exploit-as-a-service, Proceedings of the 2012 ACM conference on Computer and communications security, pp.821-832, 2012.

G. Jan and H. Thorsten, Rishi : Identify bot contaminated hosts by irc nickname evaluation, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, pp.8-8, 2007.

G. Hachem, M. Karel, and S. Ahmed, Collaborative approach for inter-domain botnet detection in large-scale networks, Collaborative Computing : Networking, Applications and Worksharing (Collaboratecom ), 2013 9th International Conference Conference on, pp.279-288, 2013.

G. Hachem, M. Karel, and S. Ahmed, Privacypreserving domain-flux botnet detection in a large scale network, Communication Systems and Networks (COMSNETS), 2013 Fifth International Conference on, pp.1-9, 2013.

G. Maria and N. Yury, Ddos attacks in h2 2011, Kaspersky Securelist, 2012.

G. Steve, Taking down botnets, Network Security, vol.2011, issue.5, pp.13-15, 2011.

G. Guofei, P. Phillip, Y. Vinod, F. Martin, and L. Wenke, Bothunter : Detecting malware infection through ids-driven dialog correlation, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.12, 2007.

G. Guofei, P. Roberto, Z. Junjie, and L. Wenke, Botminer : Clustering analysis of network traffic for protocol-and structure-independent botnet detection, USENIX Security Symposium, pp.139-154, 2008.

G. Hachem, S. Ahmed, A. Mohammed, and M. Karel, A novel traceback approach for direct and reflected icmp attacks, Network and Information Systems Security (SAR-SSI), 2011 Conference on, pp.1-5, 2011.

G. Hachem, S. Ahmed, A. Mohammed, and M. Karel, Détection de botnets domain-flux dans un réseau à large échelle, Network and Information Systems Security (SAR-SSI), 2012 Conference on, 2012.

B. Julian, . Grizzard, S. Vikram, N. Chris, B. Byunghoon et al., Peer-to-peer botnets : Overview and case study, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, pp.1-1, 2007.

[. Gu, J. Zhang, and W. Lee, Botsniffer : Detecting botnet command and control channels in network traffic, Proceedings of the 15th Annual Network and Distributed System Security Symposium, NDSS, 2008.

H. Guerid, Analyse et traçabilité des attaques smurf, 2010.

H. Thorsten, G. Christian, R. Konrad, C. Felix, and . Freiling, Measuring and detecting fast-flux service networks, NDSS, 2008.

H. Fariba, K. Gunes, Z. Nur, I. Malcolm, and . Heywood, Malicious automatically generated domain name detection using stateful-sbb, Applications of Evolutionary Computation, pp.529-539, 2013.

H. Thorsten, A short visit to the bot zoo [malicious bots software]. Security & Privacy, IEEE, vol.3, issue.3, pp.76-79, 2005.

H. Thorsten, S. Moritz, D. Frederic, B. Ernst, C. Felix et al., Measurements and mitigation of peer-to-peer-based botnets : A case study on storm worm, pp.1-9, 2008.

I. Nicholas and H. Aaron, Botnets as a vehicle for online crime, CERT Coordination Center, vol.1, p.28, 2005.

. Jac and J. Kelly, Srizbi botnet sending over 60 billion spams a day

J. Nan, C. Jin, J. Yu, L. Erran, L. Zhi-li et al., Identifying suspicious activities through dns failure graph analysis, Network Protocols (ICNP) 18th IEEE International Conference on, pp.144-153, 2010.

J. Gregoire, H. Ralf, K. Christopher, and H. Thorsten, Jackstraws : Picking command and control connections from bot traffic, USENIX Security Symposium, 2011.

. Kdg-+-12b-]-e, J. Kosta, H. Dumortier, R. Graux, and . Tirtea, IKONOMOU : Study on data collection and storage in the eu, 2012.

K. Malachi, Ping of death, Insecure. org, 1996.

K. Turgay, G. Chao, S. Kamil, G. Sandra, and . Dykes, Single packet ip traceback in as-level partial deployment scenario, International Journal of Security and Networks, vol.2, issue.1, pp.95-108, 2007.

J. Erhan, J. Kartaltepe, M. Andre, X. Shouhuai, and S. Ravi, Social network-based botnet command-and-control : emerging threats and countermeasures, Applied Cryptography and Network Security, pp.511-528, 2010.

K. Anestis, R. Brian, and H. David, Wide-scale botnet detection and characterization, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, 2007.

]. S. Kum07 and . Kumar, Smurf-based distributed denial of service (ddos) attack amplification in internet, Internet Monitoring and Protection Second International Conference on, pp.25-25, 2007.

S. Hyun, K. Qiu-hong, W. Johannes, and B. Ullrich, A comparative study of cyberattacks, Communications of the ACM, vol.55, issue.3, pp.66-73, 2012.

L. Michael, The new front line : Estonia under cyberassault, IEEE, vol.5, issue.4, pp.76-79, 2007.

]. P. Lin09 and . Lin, Anatomy of the Mega-D takedown, Network Security, vol.2009, issue.12, pp.4-7, 2009.
DOI : 10.1016/S1353-4858(10)70005-2

L. Hui-tang, L. Ying-you, and C. Jui-wei, Genetic-based real-time fast-flux service networks detection, Computer Networks, vol.57, issue.2, pp.501-513, 2013.

L. Victoria, An introduction to Hacking and Crimeware : A Pocket Guide, 2012.

E. Michael, . Locasto, J. Janak, . Parekh, D. Angelos et al., Towards collaborative security and p2p intrusion detection, Information Assurance Workshop, 2005. IAW'05. Proceedings from the Sixth Annual IEEE SMC, pp.333-339, 2005.

L. Wei, R. Goaletsa, A. Ali, and . Ghorbani, Clustering botnet communication traffic based on n-gram feature selection, Computer Communications, vol.34, issue.3, pp.502-514, 2011.

L. Felix, H. Stuart, . Rubin, H. Michael, . Smith et al., Distributed denial of service attacks, Systems, Man, and Cybernetics IEEE International Conference on, pp.2275-2280, 2000.

L. Rainer and S. David, Lessons learned while sinkholing botnets? not as easy as it looks !, Proceedings of the 21st Virus Bulletin International Conference, pp.106-110

L. Jun, S. Minho, X. Jun, and L. Li, Large-scale ip traceback in highspeed internet : Practical techniques and theoretical foundation, Security and Privacy Proceedings. 2004 IEEE Symposium on, pp.115-129, 2004.

T. [. Leder and . Werner, Know your enemy : Containing conficker. The Honeynet Project, 2009.

L. Carl, W. Robert, L. David, and S. Timothy, Using machine learning technliques to identify botnet traffic, Local Computer Networks, Proceedings 2006 31st IEEE Conference on, pp.967-974, 2006.

L. Felix, W. Tillmann, and M. Peter, Proactive botnet countermeasures?an offensive approach. The Virtual Battlefield : Perspectives on Cyber Warfare, pp.211-225, 2009.

L. Jing, X. Yang, G. Kaveh, D. Hongmei, and Z. Jingyuan, Botnet : Classification, attacks, detection, tracing, and preventive measures, 2009.

M. Karel, D. Nicolas, and G. Hachem, Procédé de ralentissement d'une communication dans un réseau

M. Allison, M. Dan, W. Chien-lung, S. Felix, W. Lixia et al., On design and evaluation of, Computer Communications and Networks Proceedings. Tenth International Conference on, pp.159-165, 2001.

M. Jelena and R. Peter, A taxonomy of ddos attack and ddos defense mechanisms, ACM SIGCOMM Computer Communication Review, vol.34, issue.2, pp.39-53, 2004.

N. Yacin, A. Manos, P. Roberto, D. David, and L. Wenke, Beheading hydras : performing effective botnet takedowns, Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp.121-132, 2013.

N. Jose, Blackenergy ddos bot analysis, Arbor, 2007.

N. Jose, Georgia ddos attacks-a quick summary of observations. arbor Sert (Security engineering and response team, p.12, 2008.

N. Jose, H. Thorsten, D. Oikarinen, and . Reed, As the net churns : Fast-flux botnet observations, Malicious and Unwanted Software 3rd International Conference on Rfc 1459 : Internet relay chat protocol, pp.24-31, 1993.

O. Jarkko and R. Darren, Internet relay chat protocol, 1993.

P. Roberto, A. Davide, and G. Giorgio, Scalable fine-grained behavioral clustering of http-based malware, Computer Networks, 2012.

P. Vern, An analysis of using reflectors for distributed denial-ofservice attacks, ACM SIGCOMM Computer Communication Review, vol.31, issue.3, pp.38-47, 2001.

E. [. Plohmann and . Gerhards-padilla, Case study of the miner botnet, Cyber Conflict (CYCON), 2012 4th International Conference on, pp.1-16, 2012.

P. Roberto, L. Wenke, and F. Nick, Behavioral clustering of http-based malware and signature generation using malicious network traces, NSDI, pp.391-404, 2010.

P. Jon, Internet control message protocol, 1981.

P. Matthew, The ddos that knocked spamhaus offline (and how we mitigated it), 2013.

P. Aiko, S. Anna, M. Giovane, D. Idilio, B. Rafael et al., Attacks by anonymous wikileaks proponents not anonymous, 2010.

R. Rb-]-editor and . Braden, Rfc 1122 : Requirements for internet hosts ? communication layers

R. Anirudh, F. Nick, and D. David, Revealing botnet membership using dnsbl counter-intelligence, Proc. 2nd USENIX Steps to Reducing Unwanted Traffic on the Internet, pp.49-54, 2006.

]. P. Roy08 and . Royal, Analysis of the kraken botnet, 2008.

R. Ashkan, Z. Raha, P. Stere, and D. Mourad, On the reverse engineering of the citadel botnet, Foundations and Practice of Security, pp.408-425, 2014.

S. Prosenjit, B. Amine, V. Heber, B. Mourad, and D. , Insights from the analysis of the mariposa botnet, Risks and Security of Internet and Systems (CRiSIS), 2010 Fifth International Conference on, pp.1-9, 2010.

R. Steven, . Snapp, B. James, V. Gihan, . Dias et al., Dids (distributed intrusion detection system)-motivation, architecture, and an early prototype, Proceedings of the 14th national computer security conference, pp.167-176, 1991.

K. Aditya, . Sood, J. Richard, . Enbody, and B. Rohit, Dissecting spyeyeunderstanding the design of third generation botnets, Computer Networks, 2012.

]. Sen and . Senie, Rfc 2644 : Changing the default for directed broadcast in routers

. Sgcc-+-09-]-b, M. Stone-gross, L. Cova, B. Cavallaro, M. Gilbert et al., VIGNA : Your botnet is my botnet : analysis of a botnet takeover, Proceedings of the 16th ACM conference on Computer and communications security, pp.635-647, 2009.

S. Brett, H. Thorsten, S. Gianluca, and V. Giovanni, The underground economy of spam : A botmaster's perspective of coordinating large-scale spam campaigns, USENIX Workshop on Large- Scale Exploits and Emergent Threats (LEET), 2011.

]. A. Shi10 and . Shipp, Lessons in botnets : The after-effects of isp takedowns, 2010.

[. Timothy, S. David, L. Robert, W. Carl, and L. , Botnet detection based on network behavior, Botnet Detection, pp.1-24

S. Hendrik and M. Klaus, Internet study, IPOQUE Report, vol.37, pp.351-362, 2008.

S. Abhishek, N. Ola, L. Chenghuai, L. Andre, and . Dos-san-tos, Malicious icmp tunneling : Defense against the vulnerability, Information Security and Privacy, pp.226-236, 2003.

D. Xiaodong, S. Adrian, and P. , Advanced and authenticated marking schemes for ip traceback, INFOCOM 2001. Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings . IEEE, pp.878-886, 2001.

. Spi03 and S. Lance, Honeypots : Definitions and value of honeypots, 2003.

C. Alex, . Snoeren, P. Craig, A. Luis, . Sanchez et al., Hashbased ip traceback, In ACM SIGCOMM Computer Communication Review, vol.31, pp.3-14, 2001.

G. Douglas, . Steigerwald, S. Brett, A. Ryan, K. Richard et al., The underground economy of fake antivirus software, Proceedings of the Workshop on Information Security, 2011.

S. Sérgio, . Silva, M. Rodrigo, . Silva, C. Raquel et al., Botnets : A survey, Computer Networks, 2012.

S. Stefan, W. David, K. Anna, and A. Tom, Practical network support for ip traceback, ACM SIGCOMM Computer Communication Review, vol.30, issue.4, pp.295-306, 2000.

[. Timothy, S. Robert, W. Carl, L. David, and L. , Detecting botnets with tight command and control, Local Computer Networks , Proceedings 2006 31st IEEE Conference on, pp.195-202, 2006.

K. Brian, . Tanner, W. Gary, H. Stern, and S. Olechowski, Koobface : The evolution of the social botnet, In eCrime Researchers Summit, pp.1-10, 2010.

V. Giovanni, A. Richard, and . Kemmerer, Netstat : A network-based intrusion detection system, Journal of Computer Security, vol.7, issue.1, pp.37-71, 1999.

W. Peter, B. Leyla, H. Thorsten, G. Jan, K. Christopher et al., Automatically generating models for botnet detection, Computer Security?ESORICS 2009, pp.232-249, 2009.

W. Hailong and G. Zhenghu, Collaboration-based botnet detection architecture, Intelligent Computation Technology and Automation, 2009.

W. Bao-tung and S. Henning, A denial-of-service-resistant IP traceback approach, Proceedings. ISCC 2004. Ninth International Symposium on Computers And Communications (IEEE Cat. No.04TH8769), pp.351-356, 2004.
DOI : 10.1109/ISCC.2004.1358429

Y. Abraham, P. Adrian, and S. Dawn, Fit : fast internet traceback, INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings IEEE, pp.1395-1406, 2005.

Y. Sandeep, A. L. Narasimha, and R. , Winning with dns failures : Strategies for faster botnet detection, Security and Privacy in Communication Networks, volume 96 de Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, pp.446-459, 2012.

A. [. Yadav, A. Reddy, S. Reddy, and . Ranjan, Detecting algorithmically generated malicious domain names, Proceedings of the 10th annual conference on Internet measurement, IMC '10, pp.48-61, 2010.
DOI : 10.1145/1879141.1879148

Y. Wei, Z. Zheng, and A. Nirwan, Revealing packed malware, IEEE, vol.6, issue.5, pp.65-69, 2008.

[. Vincent, Z. Christopher, L. Shanika, and K. , A survey of coordinated attacks and collaborative intrusion detection, Computers & Security, vol.29, issue.1, pp.124-140, 2010.

Z. Junjie, L. Xiapu, P. Roberto, G. Guofei, L. Wenke et al., Boosting the scalability of botnet detection using adaptive traffic sampling, Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp.124-134, 2011.

Z. Xiaonan, T. Athichart, K. George, J. David, and . Miller, Botnet detection through fine flow classification. unpublished, 2011.