{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,3]],"date-time":"2025-07-03T18:41:22Z","timestamp":1751568082246},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030252823"},{"type":"electronic","value":"9783030252830"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-25283-0_20","type":"book-chapter","created":{"date-parts":[[2019,7,19]],"date-time":"2019-07-19T14:02:57Z","timestamp":1563544977000},"page":"381-400","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Environmental Authentication in Malware"],"prefix":"10.1007","author":[{"given":"Jeremy","family":"Blackthorne","sequence":"first","affiliation":[]},{"given":"Benjamin","family":"Kaiser","sequence":"additional","affiliation":[]},{"given":"Benjamin","family":"Fuller","sequence":"additional","affiliation":[]},{"given":"B\u00fclent","family":"Yener","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,7,20]]},"reference":[{"key":"20_CR1","unstructured":"Bauer, C.: ReMASTering Applications by Obfuscating during Compilation. blog post, August 2014"},{"key":"20_CR2","unstructured":"Balzarotti, D., Cova, M., Karlberger, C., Kirda, E., Kruegel, C., Vigna, G.: Efficient detection of split personalities in malware. In: NDSS, Citeseer (2010)"},{"key":"20_CR3","unstructured":"Balzarotti, D., Cova, M., Karlberger, C., Kruegel, C., Kirda, E., Vigna, G.: Efficient detection of split personalities in Malware. In: Proceedings of the Symposium on Network and Distributed System Security (NDSS) (2010)"},{"key":"20_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-44647-8_1","volume-title":"Advances in Cryptology\u2014CRYPTO 2001","author":"B Barak","year":"2001","unstructured":"Barak, B., et al.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1\u201318. Springer, Heidelberg (2001). \n                      https:\/\/doi.org\/10.1007\/3-540-44647-8_1"},{"key":"20_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/978-3-319-45719-2_10","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"J Blackthorne","year":"2016","unstructured":"Blackthorne, J., Kaiser, B., Yener, B.: A formal framework for environmentally sensitive malware. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 211\u2013229. Springer, Cham (2016). \n                      https:\/\/doi.org\/10.1007\/978-3-319-45719-2_10"},{"key":"20_CR6","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62\u201373. ACM (1993)","DOI":"10.1145\/168588.168596"},{"key":"20_CR7","unstructured":"Chen, X., Andersen, J., Mao, Z.M., Bailey, M., Nazario, J.: Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: IEEE International Conference on Dependable Systems and Networks With FTCS and DCC, 2008. DSN 2008, pp. 177\u2013186, June 2008"},{"key":"20_CR8","doi-asserted-by":"crossref","unstructured":"Cichonski, P., Millar, T., Grance, T., Scarfone, K.: Computer Security Incident Handling Guide: Recommendations of the National Institute of Standards and Technology, 800\u201361. Revision 2. NIST Special Publication, 800\u201361:79 (2012)","DOI":"10.6028\/NIST.SP.800-61r2"},{"key":"20_CR9","unstructured":"Collberg, C., Thomborson, C., Low, D.: A Taxonomy of Obfuscating Transformations (1997)"},{"key":"20_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1007\/978-3-540-24676-3_31","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"Y Dodis","year":"2004","unstructured":"Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523\u2013540. Springer, Heidelberg (2004). \n                      https:\/\/doi.org\/10.1007\/978-3-540-24676-3_31"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors-a brief survey of results from 2004 to 2006. In: Security with Noisy Data. Citeseer (2008)","DOI":"10.1007\/978-1-84628-984-2_5"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Dinaburg, A., Royal, P., Sharif, M., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: CCS 2008 Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 51\u201362 (2008)","DOI":"10.1145\/1455770.1455779"},{"key":"20_CR13","unstructured":"Ferrie, P.: Attacks on More Virtual Machine Emulators. Technical report, Symantec Advanced Threat Research (2007)"},{"key":"20_CR14","unstructured":"Ferrie, P.: The Ultimate Anti-Debugging Reference, May 2011. \n                      http:\/\/pferrie.host22.com\/papers\/antidebug.pdf\n                      \n                    . Accessed 6 Apr 2015"},{"key":"20_CR15","doi-asserted-by":"crossref","unstructured":"Futoransky, A., Kargieman, E., Sarraute, C., Waissbein, A.: Foundations and applications for secure triggers. In: ACM Transactions of Information Systems Security, p. 2006 (2006)","DOI":"10.1145\/1127345.1127349"},{"key":"20_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1007\/978-3-662-53887-6_10","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"B Fuller","year":"2016","unstructured":"Fuller, B., Reyzin, L., Smith, A.: When are fuzzy extractors possible? In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 277\u2013306. Springer, Heidelberg (2016). \n                      https:\/\/doi.org\/10.1007\/978-3-662-53887-6_10"},{"key":"20_CR17","doi-asserted-by":"crossref","unstructured":"Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS, pp. 40\u201349. IEEE Computer Society (2013)","DOI":"10.1109\/FOCS.2013.13"},{"issue":"5","key":"20_CR18","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MSP.2015.2439717","volume":"32","author":"G Itkis","year":"2015","unstructured":"Itkis, G., Chandar, V., Fuller, B.W., Campbell, J.P., Cunningham, R.K.: Iris biometric security challenges and possible solutions: for your eyes only? Using the iris as a key. IEEE Signal Process. Mag. 32(5), 42\u201353 (2015)","journal-title":"IEEE Signal Process. Mag."},{"key":"20_CR19","unstructured":"Jsteube. oclGaussCrack (2016)"},{"key":"20_CR20","doi-asserted-by":"crossref","unstructured":"Kolbitsch, C., Livshits, B., Zorn, B., Seifert, C.: Rozzle: de-cloaking internet malware. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy. SP 2012, pp. 443\u2013457. IEEE Computer Society, Washington (2012)","DOI":"10.1109\/SP.2012.48"},{"key":"20_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"631","DOI":"10.1007\/978-3-642-14623-7_34","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"H Krawczyk","year":"2010","unstructured":"Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631\u2013648. Springer, Heidelberg (2010). \n                      https:\/\/doi.org\/10.1007\/978-3-642-14623-7_34"},{"key":"20_CR22","doi-asserted-by":"crossref","unstructured":"Kang, M.G., Yin, H., Hanna, S., McCamant, S., Song, D.: Emulating emulation-resistant malware. In: Proceedings of the 1st ACM Workshop on Virtual Machine Security, VMSec 2009, pp. 11\u201322. ACM, New York (2009)","DOI":"10.1145\/1655148.1655151"},{"key":"20_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"338","DOI":"10.1007\/978-3-642-23644-0_18","volume-title":"Recent Advances in Intrusion Detection","author":"M Lindorfer","year":"2011","unstructured":"Lindorfer, M., Kolbitsch, C., Milani Comparetti, P.: Detecting environment-sensitive malware. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 338\u2013357. Springer, Heidelberg (2011). \n                      https:\/\/doi.org\/10.1007\/978-3-642-23644-0_18"},{"key":"20_CR24","unstructured":"Moon, P.: The Use of Packers, Obfuscators and Encryptors in Modern Malware. Technical report, Information Security Group, Royal Holloway University of London (2015)"},{"issue":"1","key":"20_CR25","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1006\/jcss.1997.1546","volume":"58","author":"N Nisan","year":"1999","unstructured":"Nisan, N., Ta-Shma, A.: Extracting randomness: a survey and new constructions. J. Comput. Syst. Sci. 58(1), 148\u2013173 (1999)","journal-title":"J. Comput. Syst. Sci."},{"issue":"1","key":"20_CR26","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1006\/jcss.1996.0004","volume":"52","author":"N Nisan","year":"1996","unstructured":"Nisan, N., Zuckerman, D.: Randomness is linear in space. J. Comput. Syst. Sci. 52(1), 43\u201352 (1996)","journal-title":"J. Comput. Syst. Sci."},{"key":"20_CR27","doi-asserted-by":"crossref","unstructured":"Paleari, R., Martignoni, L., Roglia, G.F., Bruschi, D.: A fistful of red-pills: how to automatically generate procedures to detect CPU emulators. In: Proceedings of the 3rd USENIX Conference on Offensive Technologies. WOOT 2009, p. 2. USENIX Association, Berkeley (2009)","DOI":"10.1145\/1572272.1572303"},{"key":"20_CR28","unstructured":"R\u00e9nyi, A.: On measures of entropy and information. In: Proceedings of the fourth Berkeley Symposium on Mathematical Statistics and Probability, vol. 1, pp. 547\u2013561 (1961)"},{"key":"20_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/3-540-68671-1_2","volume-title":"Mobile Agents and Security","author":"J Riordan","year":"1998","unstructured":"Riordan, J., Schneier, B.: Environmental key generation towards clueless agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 15\u201324. Springer, Heidelberg (1998). \n                      https:\/\/doi.org\/10.1007\/3-540-68671-1_2"},{"key":"20_CR30","unstructured":"Kaspersky Lab Global Research and Analysis Team: Gauss: Abnormal Distribution. Technical report, Kaspersky Lab (2012)"},{"key":"20_CR31","volume-title":"Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software","author":"M Sikorski","year":"2012","unstructured":"Sikorski, M., Honig, A.: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software, 1st edn. No Starch Press, San Francisco (2012)","edition":"1"},{"key":"20_CR32","unstructured":"Song, C., Royal, P., Lee, W.: Impeding automated malware analysis with environment-sensitive malware. In: Hotsec (2012)"},{"key":"20_CR33","unstructured":"Saxena, A., Wyseur, B., Preneel, B.: White-box cryptography: formal notions and (im) possibility results (2008). IACR Cryptology ePrint Archive, 2008, 2008:273"},{"key":"20_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1007\/978-3-319-11379-1_2","volume-title":"Research in Attacks, Intrusions and Defenses","author":"Z Xu","year":"2014","unstructured":"Xu, Z., Zhang, J., Gu, G., Lin, Z.: GoldenEye: efficiently and effectively unveiling malware\u2019s targeted environment. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 22\u201345. Springer, Cham (2014). \n                      https:\/\/doi.org\/10.1007\/978-3-319-11379-1_2"},{"key":"20_CR35","unstructured":"Yan, L.K.: Transparent and precise malware analysis using virtualization: from theory to practice (2013). \n                      https:\/\/surface.syr.edu\/cgi\/viewcontent.cgi?referer=https:\/\/scholar.google.com\/&httpsredir=1&article=1336&context=eecs_etd"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology \u2013 LATINCRYPT 2017"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-25283-0_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,7,19]],"date-time":"2019-07-19T14:27:37Z","timestamp":1563546457000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-25283-0_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030252823","9783030252830"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-25283-0_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"20 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"LATINCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology and Information Security in Latin America","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Havana","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cuba","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 September 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"latincrypt2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/latincrypt.matcom.uh.cu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"iChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"64","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4-5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"contains 1 invited paper","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}