{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T21:44:54Z","timestamp":1767995094063,"version":"3.49.0"},"publisher-location":"Boston, MA","reference-count":23,"publisher":"Springer US","isbn-type":[{"value":"9780387327204","type":"print"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-44599-1_11","type":"book-chapter","created":{"date-parts":[[2007,3,4]],"date-time":"2007-03-04T10:35:08Z","timestamp":1173004508000},"page":"231-249","source":"Crossref","is-referenced-by-count":43,"title":["Towards Stealthy Malware Detection"],"prefix":"10.1007","author":[{"given":"Salvatore J.","family":"Stolfo","sequence":"first","affiliation":[]},{"given":"Ke","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Wei-Jen","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"11_CR1","unstructured":"K. G. Anagnostakis, S. Sidiroglou, P. Akritidis, K. Xinidis, E. Markatos, and A. D. Keromytis. \u201cDetecting Targeted Attacks Using Shadow Honeypots\u201d, Proceedings of the 14th USENIX Security Symposium, 2005."},{"key":"11_CR2","unstructured":"R. Balzer and N. Goldman, \u201cMediating Connectors\u201d, Proceedings of the 19 IEEE International Conference on Distributed Computing Systems Workshop, 1994."},{"key":"11_CR3","unstructured":"M. Christodorescu and S. Jha, \u201cStatic Analysis of Executables to Detect Malicious Patterns\u201d, In Proceedings of the 12th USENIX Security Symposium, August 2003"},{"issue":"5 199","key":"11_CR4","doi-asserted-by":"publisher","first-page":"843","DOI":"10.1126\/science.267.5199.843","volume":"267","author":"M. Damashek","year":"1995","unstructured":"M. Damashek. \u201cGauging similarity with n-grams: language independent categorization of text.\u201d Science, 267(5 199):843\u2013848, 1995","journal-title":"Science"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"E. Eskin, W. Lee and S. J. Stolfo. \u201cModeling System Calls for Intrusion Detection with Dynamic Window Sizes.\u201d Proceedings of DISCEX 11. June 2001.","DOI":"10.1109\/DISCEX.2001.932213"},{"key":"11_CR6","unstructured":"J. Giffin, S. Jha, and B. Miller. \u201cDetecting Manipulated Remote Call Streams\u201d. In the 11th USENIX Security Symposium, 2002"},{"key":"11_CR7","unstructured":"C. KO, M. Ruschitzka, and K. Levitt. \u201cExecution monitoring of security-critical programs in distributed systems: A specification-based approach\u201d. In Proceedings of the IEEE Symposium on Security and Privacy, 1997."},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"J. Kolter and M. Maloof. \u201cLearning to Detect Malicious Executables in the Wild.\u201d In the Proceedings of ACM SIGKDD, 2004","DOI":"10.1145\/1014052.1014105"},{"key":"11_CR9","unstructured":"C. Krugel, W. Robertson, F. Valeur, G. Vigna. \u201cStatic Disassembly of Obfuscated Binaries\u201d. In Proceedings of USENIX Security Symposium, 2004."},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"A. Kurchuk and A. Keromytis. \u201cRecursive Sandboxes: Extending Systrace to Empower Applications\u201d. In Proceeding of the 19th IFIP International Information Security Conference (SEC), Aug. 2004","DOI":"10.1007\/1-4020-8143-X_31"},{"key":"11_CR11","unstructured":"W. Li, K. Wang, S. Stolfo and B. Herzog. \u201cFileprints: identifying file types by n-gram analysis\u201d. 6th IEEE Information Assurance Workshop, West Point, NY, June, 2005."},{"key":"11_CR12","unstructured":"M. McDaniel, M. Heydari. \u201cContent Based File Type Detection Algorithms\u201d. 36th Annual Hawaii International Conference on System Sciences (HICSS\u201903)."},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"G. Necula, P. Lee. \u201cProof-Canying Code\u201d In Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), 1997","DOI":"10.1145\/263699.263712"},{"key":"11_CR14","unstructured":"F. B. Schneider. \u201cEnforceable security politics\u201d. Technical Report 98-1664, Cornell University, 1998"},{"key":"11_CR15","unstructured":"M. Schultz, E. Eskin, and S. Stolfo. \u201cMalicious Email Filter-A UNIX Mail Filter that Detects Malicious Windows Executables.\u201d In Proceedings of USENIX Annual Technical Conference-FREENIX Track. Boston, MA: June 2001."},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang and S. Zhou. \u201cSpecification-Based Anomaly Detection: a new approach for detecting network intrusions\u201d, RAID 2002","DOI":"10.1145\/586110.586146"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"A. Shamir and N. van Someren. \u201cPlaying Hide and Seek with stored keys\u201d, Financial Cryptography 1999.","DOI":"10.1007\/3-540-48390-X_9"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"D. Wagner and D. Dean. \u201cIntrusion Detection via Static Analysis\u201d. In IEEE Symposium in Security and Privacy, Oakland, CA, 2001","DOI":"10.1109\/SECPRI.2001.924296"},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"K. Wang, G. Cretu and S. Stolfo. \u201cAnomalous Payload-based Worm Detection and Signature Generation\u201d. To appear in Proceedings of the Eighth International Symposium on Recent Advances in Intrusion Detection, Sept. 2005.","DOI":"10.1007\/11663812_12"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"K. Wang and S. Stolfo. \u201cAnomalous Payload-based Network Intrusion Detection\u201d. In Proceedings of the Seventh International Symposium on Recent Advance in Intrusion Detection (RAID), Sept. 2004.","DOI":"10.1007\/978-3-540-30143-1_11"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"C. Warrender, S. Forrest, and B. Pearlmutter. \u201cDetecting intrusions using System calls: alternative data models, Proc. of 1999 IEEE Symposium on Security and Privacy, 1999.","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"11_CR22","unstructured":"VX Heavens http:\/\/vx.netlux.org\/"},{"key":"11_CR23","unstructured":"Net Alliance http:\/\/www.shellcode.com.ar\/docz\/bof\/pe.pdf"}],"container-title":["Advances in Information Security","Malware Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-44599-1_11.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T22:00:34Z","timestamp":1619560834000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-44599-1_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387327204"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-44599-1_11","relation":{},"subject":[]}}