{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T18:20:42Z","timestamp":1725992442594},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030016883"},{"type":"electronic","value":"9783030016890"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-01689-0_3","type":"book-chapter","created":{"date-parts":[[2018,9,22]],"date-time":"2018-09-22T11:22:22Z","timestamp":1537615342000},"page":"33-48","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Classification of Malware Families Based on Runtime Behaviour"],"prefix":"10.1007","author":[{"given":"Munir","family":"Geden","sequence":"first","affiliation":[]},{"given":"Jassim","family":"Happa","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,9,23]]},"reference":[{"key":"3_CR1","unstructured":"11 of the worst ransomware - we name the internet nastiest extortion malware - Gallery - Computerworld UK. https:\/\/goo.gl\/wNDoL4"},{"key":"3_CR2","unstructured":"Cuckoo Sandbox: Automated Malware Analysis. https:\/\/cuckoosandbox.org\/"},{"key":"3_CR3","unstructured":"Hunting the Mutex - Palo Alto Networks Blog. https:\/\/researchcenter.paloaltonetworks.com\/2014\/08\/hunting-mutex\/"},{"key":"3_CR4","unstructured":"TrendLabs Security Intelligence BlogPOWELIKS: Malware Hides In Windows Registry - TrendLabs Security Intelligence Blog. https:\/\/goo.gl\/3nrgo7"},{"key":"3_CR5","doi-asserted-by":"publisher","unstructured":"Abou-Assaleh, T., Cercone, N., Keselj, V., Sweidan, R.: N-gram-based detection of new malicious code. In: Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004, COMPSAC 2004. vol. 2, pp. 41\u201342. IEEE (2004). https:\/\/doi.org\/10.1109\/CMPSAC.2004.1342667","DOI":"10.1109\/CMPSAC.2004.1342667"},{"key":"3_CR6","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: TTAnalyze: A tool for analyzing malware. In: 15th Annual Conference on European Institute for Computer Antivirus Research, pp. 180\u2013192 (2006)"},{"key":"3_CR7","doi-asserted-by":"publisher","unstructured":"Canali, D., Lanzi, A., Balzarotti, D., Kruegel, C., Christodorescu, M., Kirda, E.: A quantitative study of accuracy in system call-based malware detection. In: Proceedings of the 2012 International Symposium on Software Testing and Analysis - ISSTA 2012, p. 122 (2012). https:\/\/doi.org\/10.1145\/2338965.2336768","DOI":"10.1145\/2338965.2336768"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Fukushima, Y., Sakai, A., Hori, Y., Sakurai, K.: A behavior based malware detection scheme for avoiding false positive. 2010 6th IEEE Workshop on Secure Network Protocols (NPSec), pp. 79\u201384 (2010)","DOI":"10.1109\/NPSEC.2010.5634444"},{"key":"3_CR9","unstructured":"Geden, M.: Ngram and signature based malware detection in android platform. Msc dissertation, University College London (2015). https:\/\/goo.gl\/uKJsHv"},{"issue":"1","key":"3_CR10","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/1656274.1656278","volume":"11","author":"M Hall","year":"2009","unstructured":"Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA data mining software. ACM SIGKDD Explor. 11(1), 10\u201318 (2009). https:\/\/doi.org\/10.1145\/1656274.1656278","journal-title":"ACM SIGKDD Explor."},{"key":"3_CR11","doi-asserted-by":"publisher","unstructured":"Hansen, S.S., Larsen, T.M.T., Stevanovic, M., Pedersen, J.M.: An approach for detection and family classification of malware based on behavioral analysis. In: 2016 International Conference on Computing, Networking and Communications, ICNC 2016, pp. 1\u20135. IEEE (2016). https:\/\/doi.org\/10.1109\/ICCNC.2016.7440587","DOI":"10.1109\/ICCNC.2016.7440587"},{"key":"3_CR12","doi-asserted-by":"publisher","first-page":"2721","DOI":"10.1002\/asi.20427","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721\u20132744 (2006). https:\/\/doi.org\/10.1002\/asi.20427","journal-title":"J. Mach. Learn. Res."},{"key":"3_CR13","unstructured":"McAfee: McAfee Labs Threats Report March (2018). https:\/\/goo.gl\/ZeugSV"},{"key":"3_CR14","doi-asserted-by":"publisher","unstructured":"Nair, V.P., Jain, H., Golecha, Y.K., Gaur, M.S., Laxmi, V.: MEDUSA: MEtamorphic malware dynamic analysis using signature from API. In: Proceedings of the 3rd International Conference on Security of Information and Networks - SIN 2010 (January), p. 263 (2010). https:\/\/doi.org\/10.1145\/1854099.1854152","DOI":"10.1145\/1854099.1854152"},{"key":"3_CR15","doi-asserted-by":"publisher","unstructured":"Pirscoveanu, R., Hansen, S.S., Larsen, T., Stevanovic, M. Pedersen, J., Czech, A.: Analysis of malware behavior: type classification using machine learning. In: International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), pp. 1\u20137 (2015). https:\/\/doi.org\/10.1109\/CyberSA.2015.7166128","DOI":"10.1109\/CyberSA.2015.7166128"},{"issue":"3","key":"3_CR16","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/s11416-006-0027-8","volume":"2","author":"DKS Reddy","year":"2006","unstructured":"Reddy, D.K.S., Pujari, A.K.: N-gram analysis for computer virus detection. J. Comput. Virol. 2(3), 231\u2013239 (2006)","journal-title":"J. Comput. Virol."},{"key":"3_CR17","doi-asserted-by":"publisher","unstructured":"Salehi, Z., Ghiasi, M., Sami, A.: A miner for malware detection based on API function calls and their arguments. In: The 16th CSI International Symposium on Artificial Intelligence and Signal Processing (AISP 2012), pp. 563\u2013568. IEEE, May 2012. https:\/\/doi.org\/10.1109\/AISP.2012.6313810","DOI":"10.1109\/AISP.2012.6313810"},{"key":"3_CR18","doi-asserted-by":"publisher","unstructured":"Sami, A., Yadegari, B., Peiravian, N., Hashemi, S., Hamze, A.: Malware detection based on mining API calls. In: Proceedings of the 2010 ACM Symposium on Applied Computing - SAC 2010, p. 1020 (2010). https:\/\/doi.org\/10.1145\/1774088.1774303","DOI":"10.1145\/1774088.1774303"},{"key":"3_CR19","doi-asserted-by":"publisher","unstructured":"Schultz, M., Eskin, E., Zadok, F., Stolfo, S.: Data mining methods for detection of new malicious executables. In: Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001, pp. 38\u201349. IEEE Computer Society (2001). https:\/\/doi.org\/10.1109\/SECPRI.2001.924286","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"3_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1007\/978-3-319-45719-2_11","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"M Sebasti\u00e1n","year":"2016","unstructured":"Sebasti\u00e1n, M., Rivera, R., Kotzias, P., Caballero, J.: AVclass: A tool for massive malware labeling. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 230\u2013253. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45719-2_11"},{"key":"3_CR21","doi-asserted-by":"publisher","unstructured":"Shabtai, A., Fledel, Y., Elovici, Y.: Automated static code analysis for classifying android applications using machine learning. In: Proceedings - 2010 International Conference on Computational Intelligence and Security, CIS 2010, pp. 329\u2013333 (2010). https:\/\/doi.org\/10.1109\/CIS.2010.77","DOI":"10.1109\/CIS.2010.77"},{"key":"3_CR22","doi-asserted-by":"publisher","unstructured":"Tsyganok, K., Tumoyan, E., Babenko, L., Anikeev, M.: Classification of polymorphic and metamorphic malware samples based on their behavior. In: Proceedings of the Fifth International Conference on Security of Information and Networks - SIN 2012, pp. 111\u2013116 (2012). https:\/\/doi.org\/10.1145\/2388576.2388591","DOI":"10.1145\/2388576.2388591"},{"key":"3_CR23","doi-asserted-by":"publisher","unstructured":"Uppal, D., Sinha, R., Mehra, V., Jain, V.: Malware detection and classification based on extraction of API sequences. In: 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2337\u20132342. IEEE, September 2014. https:\/\/doi.org\/10.1109\/ICACCI.2014.6968547","DOI":"10.1109\/ICACCI.2014.6968547"},{"issue":"2","key":"3_CR24","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Secur. Priv. Mag. 5(2), 32\u201339 (2007). https:\/\/doi.org\/10.1109\/MSP.2007.45","journal-title":"IEEE Secur. Priv. Mag."},{"issue":"15","key":"3_CR25","doi-asserted-by":"publisher","first-page":"2429","DOI":"10.1093\/bioinformatics\/bth267","volume":"20","author":"T. Li","year":"2004","unstructured":"Yang, Y., Pedersen, J.O.: A comparative study on feature selection in text categorization. In: Machine Learning-International Workshop Then Conference, pp. 412\u2013420 (1997). https:\/\/doi.org\/10.1093\/bioinformatics\/bth267","journal-title":"Bioinformatics"},{"issue":"4","key":"3_CR26","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1007\/s11416-008-0082-4","volume":"4","author":"Y Ye","year":"2008","unstructured":"Ye, Y., Wang, D., Li, T., Ye, D., Jiang, Q.: An intelligent PE-malware detection system based on association mining. J. Comput. Virol. 4(4), 323\u2013334 (2008). https:\/\/doi.org\/10.1007\/s11416-008-0082-4","journal-title":"J. Comput. Virol."},{"issue":"1","key":"3_CR27","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1049\/iet-ifs.2013.0095","volume":"8","author":"SY Yerima","year":"2014","unstructured":"Yerima, S.Y., Sezer, S., McWilliams, G.: Analysis of Bayesian classification-based approaches for android malware detection. IET Inf. Secur. 8(1), 25\u201336 (2014). https:\/\/doi.org\/10.1049\/iet-ifs.2013.0095","journal-title":"IET Inf. Secur."},{"key":"3_CR28","doi-asserted-by":"publisher","unstructured":"Zhang, P., Tan, Y.: Class-wise information gain. In: 2013 IEEE Third International Conference on Information Science and Technology (ICIST), pp. 972\u2013978. IEEE, March 2013. https:\/\/doi.org\/10.1109\/ICIST.2013.6747700","DOI":"10.1109\/ICIST.2013.6747700"}],"container-title":["Lecture Notes in Computer Science","Cyberspace Safety and Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-01689-0_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,24]],"date-time":"2019-10-24T17:05:29Z","timestamp":1571936729000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-01689-0_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030016883","9783030016890"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-01689-0_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"CSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Cyberspace Safety and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Amalfi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 October 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 October 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"css2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/css2018.di.unisa.it\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}