{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T07:22:57Z","timestamp":1726039377386},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030268336"},{"type":"electronic","value":"9783030268343"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-26834-3_9","type":"book-chapter","created":{"date-parts":[[2019,8,6]],"date-time":"2019-08-06T19:05:29Z","timestamp":1565118329000},"page":"149-167","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Correlating High- and Low-Level Features:"],"prefix":"10.1007","author":[{"given":"Sergii","family":"Banin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Geir Olav","family":"Dyrkolbotn","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,7,24]]},"reference":[{"key":"9_CR1","unstructured":"Types of malware. \n                      https:\/\/usa.kaspersky.com\/resource-center\/threats\/types-of-malware\n                      \n                    . Accessed 17 Mar 2019"},{"key":"9_CR2","unstructured":"Virusshare.com. \n                      https:\/\/virusshare.com\/\n                      \n                    . Accessed 12 Mar 2019"},{"key":"9_CR3","unstructured":"Weka: Data mining software in Java (2019). \n                      http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/\n                      \n                    . Accessed 12 Mar 2019"},{"key":"9_CR4","unstructured":"Alazab, M., Layton, R., Venkataraman, S., Watters, P.: Malware detection based on structural and behavioural features of api calls (2010)"},{"key":"9_CR5","doi-asserted-by":"publisher","unstructured":"Bahador, M.B., Abadi, M., Tajoddin, A.: HPCMalHunter: behavioral malware detection using hardware performance counters and singular value decomposition. In: 2014 4th International eConference on Computer and Knowledge Engineering (ICCKE), pp. 703\u2013708. IEEE (2014). \n                      https:\/\/doi.org\/10.1109\/iccke.2014.6993402","DOI":"10.1109\/iccke.2014.6993402"},{"key":"9_CR6","doi-asserted-by":"publisher","first-page":"S107","DOI":"10.1016\/j.diin.2018.04.019","volume":"26","author":"S Banin","year":"2018","unstructured":"Banin, S., Dyrkolbotn, G.O.: Multinomial malware classification via low-level features. Digit. Invest. 26, S107\u2013S117 (2018). \n                      https:\/\/doi.org\/10.1016\/j.diin.2018.04.019","journal-title":"Digit. Invest."},{"key":"9_CR7","unstructured":"Banin, S., Shalaginov, A., Franke, K.: Memory access patterns for malware detection. (NISK) 96\u2013107 (2016). Norsk informasjonssikkerhetskonferanse"},{"key":"9_CR8","volume-title":"Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization","author":"E Cole","year":"2012","unstructured":"Cole, E.: Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization. Newnes, Amsterdam (2012)"},{"key":"9_CR9","unstructured":"Hoglund, G.: What APT Means To Your Enterprise (2011). \n                      https:\/\/pdfs.semanticscholar.org\/d0a0\/47c6b19fc3645973f8f300b507886b54196a.pdf"},{"key":"9_CR10","unstructured":"Group, T.R.: Testimon research group (2017). \n                      https:\/\/testimon.ccis.no\/"},{"key":"9_CR11","unstructured":"Hall, M.A.: Correlation-based feature subset selection for machine learning. Ph.D. thesis, University of Waikato, Hamilton, New Zealand (1998)"},{"key":"9_CR12","unstructured":"IntelPin: A dynamic binary instrumentation tool (2019)"},{"issue":"2","key":"9_CR13","doi-asserted-by":"publisher","first-page":"646","DOI":"10.1016\/j.jnca.2012.10.004","volume":"36","author":"R Islam","year":"2013","unstructured":"Islam, R., Tian, R., Batten, L.M., Versteeg, S.: Classification of malware based on integrated static and dynamic features. J. Netw. Comput. Appl. 36(2), 646\u2013656 (2013). \n                      https:\/\/doi.org\/10.1016\/j.jnca.2012.10.004","journal-title":"J. Netw. Comput. Appl."},{"key":"9_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-26362-5_1","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"KN Khasawneh","year":"2015","unstructured":"Khasawneh, K.N., Ozsoy, M., Donovick, C., Abu-Ghazaleh, N., Ponomarev, D.: Ensemble learning for low-level hardware-supported malware detection. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 3\u201325. Springer, Cham (2015). \n                      https:\/\/doi.org\/10.1007\/978-3-319-26362-5_1"},{"key":"9_CR15","doi-asserted-by":"publisher","DOI":"10.1533\/9780857099440","volume-title":"Machine Learning and Data Mining: Introduction to Principles and Algorithms","author":"I Kononenko","year":"2007","unstructured":"Kononenko, I., Kukar, M.: Machine Learning and Data Mining: Introduction to Principles and Algorithms. Horwood Publishing, Cambridge (2007)"},{"issue":"3","key":"9_CR16","doi-asserted-by":"publisher","first-page":"85","DOI":"10.13189\/csit.2016.040301","volume":"4","author":"Hyun-il Lim","year":"2016","unstructured":"Lim, H.I.: Detecting malicious behaviors of software through analysis of api sequence k-grams i (2016). \n                      https:\/\/doi.org\/10.13189\/csit.2016.040301","journal-title":"Computer Science and Information Technology"},{"key":"9_CR17","doi-asserted-by":"publisher","unstructured":"Ozsoy, M., Donovick, C., Gorelik, I., Abu-Ghazaleh, N., Ponomarev, D.: Malware-aware processors: a framework for efficient online malware detection. In: 2015 IEEE 21st International Symposium on High Performance Computer Architecture (HPCA), pp. 651\u2013661. IEEE (2015). \n                      https:\/\/doi.org\/10.1109\/hpca.2015.7056070","DOI":"10.1109\/hpca.2015.7056070"},{"issue":"11","key":"9_CR18","doi-asserted-by":"publisher","first-page":"3332","DOI":"10.1109\/tc.2016.2540634","volume":"65","author":"M Ozsoy","year":"2016","unstructured":"Ozsoy, M., Khasawneh, K.N., Donovick, C., Gorelik, I., Abu-Ghazaleh, N., Ponomarev, D.: Hardware-based malware detection using low-level architectural features. IEEE Trans. Comput. 65(11), 3332\u20133344 (2016). \n                      https:\/\/doi.org\/10.1109\/tc.2016.2540634","journal-title":"IEEE Trans. Comput."},{"key":"9_CR19","unstructured":"Reuters: Ukraine\u2019s power outage was a cyber attack: Ukrenergo (2017). \n                      https:\/\/www.reuters.com\/article\/us-ukraine-cyber-attack-energy\/ukraines-power-outage-was-a-cyber-attack-ukrenergo-idUSKBN1521BA"},{"key":"9_CR20","doi-asserted-by":"publisher","unstructured":"Shalaginov, A., Grini, L.S., Franke, K.: Understanding neuro-fuzzy on a class of multinomial malware detection problems. In: 2016 International Joint Conference on Neural Networks (IJCNN), pp. 684\u2013691. IEEE (2016). \n                      https:\/\/doi.org\/10.1109\/ijcnn.2016.7727266","DOI":"10.1109\/ijcnn.2016.7727266"},{"key":"9_CR21","doi-asserted-by":"publisher","first-page":"804","DOI":"10.1016\/j.procs.2015.02.149","volume":"46","author":"P Shijo","year":"2015","unstructured":"Shijo, P., Salim, A.: Integrated static and dynamic analysis for malware detection. Procedia Comput. Sci. 46, 804\u2013811 (2015). \n                      https:\/\/doi.org\/10.1016\/j.procs.2015.02.149","journal-title":"Procedia Comput. Sci."},{"key":"9_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-319-11379-1_6","volume-title":"Research in Attacks, Intrusions and Defenses","author":"A Tang","year":"2014","unstructured":"Tang, A., Sethumadhavan, S., Stolfo, S.J.: Unsupervised anomaly-based malware detection using hardware features. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 109\u2013129. Springer, Cham (2014). \n                      https:\/\/doi.org\/10.1007\/978-3-319-11379-1_6"},{"key":"9_CR23","unstructured":"The Verge: the petya ransomware is starting to look like a cyberattack in disguise (2017). \n                      https:\/\/www.theverge.com\/2017\/6\/28\/15888632\/petya-goldeneye-ransomware-cyberattack-ukraine-russia"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-26834-3_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,6]],"date-time":"2019-08-06T19:06:57Z","timestamp":1565118417000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-26834-3_9"}},"subtitle":["Increased Understanding of Malware Classification"],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030268336","9783030268343"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-26834-3_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"24 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IWSEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tokyo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 August 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 August 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iwsec2019a","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iwsec.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"61","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"30% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.9","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5.6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"https:\/\/www.iwsec.org\/2019\/","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}