{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T03:53:16Z","timestamp":1743133996588,"version":"3.40.3"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030638320"},{"type":"electronic","value":"9783030638337"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-63833-7_15","type":"book-chapter","created":{"date-parts":[[2020,11,19]],"date-time":"2020-11-19T06:03:35Z","timestamp":1605765815000},"page":"177-188","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["API Based Discrimination of Ransomware and Benign Cryptographic Programs"],"prefix":"10.1007","author":[{"given":"Paul","family":"Black","sequence":"first","affiliation":[]},{"given":"Ammar","family":"Sohail","sequence":"additional","affiliation":[]},{"given":"Iqbal","family":"Gondal","sequence":"additional","affiliation":[]},{"given":"Joarder","family":"Kamruzzaman","sequence":"additional","affiliation":[]},{"given":"Peter","family":"Vamplew","sequence":"additional","affiliation":[]},{"given":"Paul","family":"Watters","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,11,20]]},"reference":[{"key":"15_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-20550-2_1","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2015","author":"A Kharraz","year":"2015","unstructured":"Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E.: Cutting the gordian knot: a look under the hood of ransomware attacks. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2015. Lecture Notes in Computer Science, vol. 9148, pp. 3\u201324. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-20550-2_1"},{"key":"15_CR2","first-page":"2017","volume":"31","author":"A Morse","year":"2017","unstructured":"Morse, A.: Investigation: Wannacry Cyber Attack and the NHS. National Audit Office, London 31, 2017 (2017)","journal-title":"National Audit Office, London"},{"issue":"6","key":"15_CR3","first-page":"321","volume":"19","author":"R Layton","year":"2014","unstructured":"Layton, R., Watters, P.A.: A methodology for estimating the tangible cost of data breaches. J. Inf. Secur. Appl. 19(6), 321\u2013330 (2014)","journal-title":"J. Inf. Secur. Appl."},{"key":"15_CR4","unstructured":"Sgandurra, D., Mu\u00f1oz-Gonz\u00e1lez, L., Mohsen, R., Lupu, E.C.: Automated dynamic analysis of ransomware: benefits, limitations and use for detection. arXiv preprint arXiv:1609.03020 (2016)"},{"key":"15_CR5","series-title":"Lecture Notes on Data Engineering and Communications Technologies","doi-asserted-by":"publisher","first-page":"758","DOI":"10.1007\/978-3-319-59427-9_78","volume-title":"Recent Trends in Information and Communication Technology. IRICT 2017","author":"BAS Al-rimy","year":"2017","unstructured":"Al-rimy, B.A.S., Maarof, M.A., Shaid, S.Z.M.: A 0-day aware crypto-ransomware early behavioral detection framework. In: Saeed, F., Gazem, N., Patnaik, S., Saed Balaid, A., Mohammed, F. (eds.) Recent Trends in Information and Communication Technology. IRICT 2017. Lecture Notes on Data Engineering and Communications Technologies, vol. 5, pp. 758\u2013766. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59427-9_78"},{"key":"15_CR6","first-page":"44","volume":"40","author":"N Hampton","year":"2018","unstructured":"Hampton, N., Baig, Z., Zeadally, S.: Ransomware behavioural analysis on windows platforms. J. Inf. Secur. Appl. 40, 44\u201351 (2018)","journal-title":"J. Inf. Secur. Appl."},{"key":"15_CR7","doi-asserted-by":"crossref","unstructured":"Takeuchi, Y., Sakai, K., Fukumoto, S.: Detecting ransomware using support vector machines. In: Proceedings of the 47th International Conference on Parallel Processing Companion, p. 1. ACM (2018)","DOI":"10.1145\/3229710.3229726"},{"key":"15_CR8","doi-asserted-by":"crossref","unstructured":"Harikrishnan, N., Soman, K.: Detecting ransomware using gurls. In: 2018 Second International Conference on Advances in Electronics, Computers and Communications (ICAECC), pp. 1\u20136. IEEE (2018)","DOI":"10.1109\/ICAECC.2018.8479444"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: 2005 IEEE Symposium on Security and Privacy (S&P\u201905), pp. 32\u201346. IEEE (2005)","DOI":"10.1109\/SP.2005.20"},{"key":"15_CR10","doi-asserted-by":"publisher","first-page":"756","DOI":"10.1016\/j.cose.2017.09.013","volume":"77","author":"P Black","year":"2018","unstructured":"Black, P., Gondal, I., Layton, R.: A survey of similarities in banking malware behaviours. Comput. Secur. 77, 756\u2013772 (2018)","journal-title":"Comput. Secur."},{"key":"15_CR11","doi-asserted-by":"crossref","unstructured":"Hasan, M.M., Rahman, M.M.: RansHunt: a support vector machines based ransomware analysis framework with integrated feature set. In: 2017 20th International Conference of Computer and Information Technology (ICCIT), pp. 1\u20137. IEEE (2017)","DOI":"10.1109\/ICCITECHN.2017.8281835"},{"key":"15_CR12","unstructured":"Russinovich, M.E., Solomon, D.A., Ionescu, A.: Windows internals. Pearson Education (2012)"},{"key":"15_CR13","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1007\/978-3-642-37832-4_21","volume-title":"Knowledge Engineering and Management","author":"Y Qiao","year":"2014","unstructured":"Qiao, Y., Yang, Y., He, J., Tang, C., Liu, Z.: CBM: free, automatic malware analysis framework using api call sequences. In: Sun, F., Li, T., Li, H. (eds.) Knowledge Engineering and Management. Advances in Intelligent Systems and Computing, vol. 214, pp. 225\u2013236. Springer, Berlin, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-37832-4_21"},{"issue":"2","key":"15_CR14","doi-asserted-by":"publisher","first-page":"646","DOI":"10.1016\/j.jnca.2012.10.004","volume":"36","author":"R Islam","year":"2013","unstructured":"Islam, R., Tian, R., Batten, L.M., Versteeg, S.: Classification of malware based on integrated static and dynamic features. J. Netw. Comput. Appl. 36(2), 646\u2013656 (2013)","journal-title":"J. Netw. Comput. Appl."},{"key":"15_CR15","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721\u20132744 (2006)","journal-title":"J. Mach. Learn. Res."},{"key":"15_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-642-04342-0_7","volume-title":"Recent Advances in Intrusion Detection. RAID 2009","author":"mz Shafiq","year":"2009","unstructured":"Shafiq, mz., Tabish, S.M., Mirza, F., Farooq, M.: PE-miner: mining structural information to detect malicious executables in realtime. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) Recent Advances in Intrusion Detection. RAID 2009. Lecture Notes in Computer Science, vol. 5758, pp. 121\u2013141. Springer, Berlin, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04342-0_7"},{"key":"15_CR17","unstructured":"Apatedns:control your responses. https:\/\/www.fireeye.com\/services\/freeware\/apatedns.html"},{"key":"15_CR18","volume-title":"Elements of Information Theory","author":"TM Cover","year":"2012","unstructured":"Cover, T.M., Thomas, J.A.: Elements of Information Theory. Wiley, New York (2012)"},{"key":"15_CR19","unstructured":"Weka 3 data mining with open source machine learning software in java. https:\/\/www.cs.waikato.ac.nz\/ml\/weka\/"},{"key":"15_CR20","unstructured":"Feature selection using random forest. https:\/\/towardsdatascience.com\/feature-selection-using-random-forest-26d7b747597f"},{"issue":"4","key":"15_CR21","doi-asserted-by":"publisher","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"key":"15_CR22","unstructured":"Plohmann, D., Clauss, M., Enders, S., Padilla, E.: Malpedia: a collaborative effort to inventorize the malware landscape. J. Cybercrime Digit. Invest. 3(1) (2018). https:\/\/journal.cecyf.fr\/ojs\/index.php\/cybin\/article\/view\/17"},{"key":"15_CR23","unstructured":"Cuckoo foundation: Cuckoo sandbox - automated malware analysis. https:\/\/cuckoosandbox.org\/"}],"container-title":["Lecture Notes in Computer Science","Neural Information Processing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-63833-7_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T10:58:38Z","timestamp":1710327518000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-63833-7_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030638320","9783030638337"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-63833-7_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"20 November 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICONIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Neural Information Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bangkok","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Thailand","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 November 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 November 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iconip2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.apnns.org\/ICONIP2020","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"CMT","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"618","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"187","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"189","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"30% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.18","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.68","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Due to COVID-19 pandemic the conference was held virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}