{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T18:12:05Z","timestamp":1772043125093,"version":"3.50.1"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030780852","type":"print"},{"value":"9783030780869","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-78086-9_29","type":"book-chapter","created":{"date-parts":[[2021,7,1]],"date-time":"2021-07-01T00:45:53Z","timestamp":1625100353000},"page":"397-404","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Early Detection of In-Memory Malicious Activity Based on Run-Time Environmental Features"],"prefix":"10.1007","author":[{"given":"Dorel","family":"Yaffe","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Danny","family":"Hendler","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,7,1]]},"reference":[{"key":"29_CR1","unstructured":"Meeting the challenges of endpoint security. https:\/\/www.cstl.com\/utils\/downloads\/Symantec-Hosted-Endpoint-Whitepaper.pdf. Accessed Oct 2020"},{"key":"29_CR2","unstructured":"Understanding MDR, EDR, EPP and XDR. https:\/\/www.netsurion.com\/articles\/understanding-mdr-edr-epp-and-xdr. 
Accessed Oct 2020"},{"key":"29_CR3","doi-asserted-by":"publisher","first-page":"6249","DOI":"10.1109\/ACCESS.2019.2963724","volume":"8","author":"\u00d6A Aslan","year":"2020","unstructured":"Aslan, \u00d6.A., Samet, R.: A comprehensive review on malware detection approaches. IEEE Access 8, 6249\u20136271 (2020)","journal-title":"IEEE Access"},{"key":"29_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cosrev.2019.01.002","volume":"32","author":"SS Chakkaravarthy","year":"2019","unstructured":"Chakkaravarthy, S.S., Sangeetha, D., Vaidehi, V.: A survey on malware analysis and mitigation techniques. Comput. Sci. Rev. 32, 1\u201323 (2019)","journal-title":"Comput. Sci. Rev."},{"key":"29_CR5","doi-asserted-by":"crossref","unstructured":"Erd\u0151di, L., J\u00f8sang, A.: Exploitation vs. prevention: the ongoing saga of software vulnerabilities. Acta Polytechnica Hungarica 17(7) (2020)","DOI":"10.12700\/APH.17.7.2020.7.11"},{"key":"29_CR6","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1007\/978-3-319-99828-2_26","volume-title":"ICT Systems Security and Privacy Protection","author":"G H\u0103jm\u0103\u015fan","year":"2018","unstructured":"H\u0103jm\u0103\u015fan, G., Mondoc, A., Portase, R., Cre\u0163, O.: Performance improvements in behavior based malware detection solutions. In: Janczewski, L.J., Kuty\u0142owski, M. (eds.) SEC 2018. IAICT, vol. 529, pp. 370\u2013384. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-99828-2_26"},{"issue":"2","key":"29_CR7","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1504\/IJESDF.2018.090948","volume":"10","author":"M Irshad","year":"2018","unstructured":"Irshad, M., Al-Khateeb, H.M., Mansour, A., Ashawa, M., Hamisu, M.: Effective methods to detect metamorphic malware: a systematic review. Int. J. Electron. Secur. Digit. Forensics 10(2), 138\u2013154 (2018)","journal-title":"Int. J. Electron. Secur. 
Digit. Forensics"},{"key":"29_CR8","doi-asserted-by":"crossref","unstructured":"Jamalpur, S., Navya, Y.S., Raja, P., Tagore, G., Rao, G.R.K.: Dynamic malware analysis using cuckoo sandbox. In: 2018 Second International Conference on Inventive Communication and Computational Technologies (ICICCT), pp. 1056\u20131060. IEEE (2018)","DOI":"10.1109\/ICICCT.2018.8473346"},{"issue":"1","key":"29_CR9","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s42400-019-0043-x","volume":"3","author":"S Kumar","year":"2020","unstructured":"Kumar, S., et al.: An emerging threat fileless malware: a survey and research challenges. Cybersecurity 3(1), 1\u201312 (2020)","journal-title":"Cybersecurity"},{"key":"29_CR10","doi-asserted-by":"crossref","unstructured":"Marculet, D.G., Benchea, R., Gavrilut, D.T.: Methods for training neural networks with zero false positives for malware detection. In: 2019 21st International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 230\u2013236. IEEE (2019)","DOI":"10.1109\/SYNASC49474.2019.00039"},{"key":"29_CR11","doi-asserted-by":"crossref","unstructured":"Naz, S., Singh, D.K.: Review of machine learning methods for windows malware detection. In: 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/ICCCNT45670.2019.8944796"},{"issue":"5","key":"29_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3329786","volume":"52","author":"O Or-Meir","year":"2019","unstructured":"Or-Meir, O., Nissim, N., Elovici, Y., Rokach, L.: Dynamic malware analysis in the modern era\u2013a state of the art survey. ACM Comput. Surv. (CSUR) 52(5), 1\u201348 (2019)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"29_CR13","unstructured":"Patten, D.: The evolution to fileless malware (2017). http:\/\/www.infosecwriters.com\/papers\/dpatten_fileless.pdf. 
Accessed 2020"},{"issue":"4\u20132","key":"29_CR14","doi-asserted-by":"publisher","first-page":"1662","DOI":"10.18517\/ijaseit.8.4-2.6827","volume":"8","author":"R Sihwail","year":"2018","unstructured":"Sihwail, R., Omar, K., Ariffin, K.Z.: A survey on malware analysis techniques: static, dynamic, hybrid and memory analysis. Int. J. Adv. Sci. Eng. Inf. Technol. 8(4\u20132), 1662 (2018)","journal-title":"Int. J. Adv. Sci. Eng. Inf. Technol."},{"issue":"1","key":"29_CR15","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1186\/s13673-018-0125-x","volume":"8","author":"A Souri","year":"2018","unstructured":"Souri, A., Hosseini, R.: A state-of-the-art survey of malware detection approaches using data mining techniques. Hum.-centric Comput. Inf. Sci. 8(1), 3 (2018)","journal-title":"Hum.-centric Comput. Inf. Sci."},{"key":"29_CR16","doi-asserted-by":"crossref","unstructured":"Tien, C.W., Liao, J.W., Chang, S.C., Kuo, S.Y.: Memory forensics using virtual machine introspection for malware analysis. In: 2017 IEEE Conference on Dependable and Secure Computing, pp. 518\u2013519. IEEE (2017)","DOI":"10.1109\/DESEC.2017.8073871"},{"key":"29_CR17","doi-asserted-by":"crossref","unstructured":"Walker, A., Amjad, M.F., Sengupta, S.: Cuckoo\u2019s malware threat scoring and classification: friend or foe? In: 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), pp. 0678\u20130684. IEEE (2019)","DOI":"10.1109\/CCWC.2019.8666454"},{"key":"29_CR18","series-title":"Lecture Notes on Data Engineering and Communications Technologies","doi-asserted-by":"publisher","first-page":"427","DOI":"10.1007\/978-3-319-69811-3_39","volume-title":"Advances on Broad-Band Wireless Computing, Communication and Applications","author":"C Wang","year":"2018","unstructured":"Wang, C., Ding, J., Guo, T., Cui, B.: A malware detection method based on sandbox, binary instrumentation and multidimensional feature extraction. In: Barolli, L., Xhafa, F., Conesa, J. (eds.) 
BWCCA 2017. LNDECT, vol. 12, pp. 427\u2013438. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-69811-3_39"},{"key":"29_CR19","unstructured":"Yaffe, D., Hendler, D.: Early detection of in-memory malicious activity based on run-time environmental features (2021). [https:\/\/arxiv.org\/abs\/2103.16029]"},{"key":"29_CR20","doi-asserted-by":"crossref","unstructured":"Zhang, J., Qin, Z., Yin, H., Ou, L., Hu, Y.: IRMD: malware variant detection using opcode image recognition. In: 2016 IEEE 22nd International Conference on Parallel and Distributed Systems (ICPADS), pp. 1175\u20131180. IEEE (2016)","DOI":"10.1109\/ICPADS.2016.0155"}],"container-title":["Lecture Notes in Computer Science","Cyber Security Cryptography and Machine Learning"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-78086-9_29","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,1]],"date-time":"2021-07-01T01:44:44Z","timestamp":1625103884000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-78086-9_29"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030780852","9783030780869"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-78086-9_29","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"1 July 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CSCML","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Cyber Security Cryptography and Machine 
Learning","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Be'er Sheva","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Israel","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 July 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 July 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cscml2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.cs.bgu.ac.il\/~fradmin\/cscml21\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Open","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"48","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer 
Review Information (provided by the conference organizers)"}},{"value":"22","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"13","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"46% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1 keynote paper is also included.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}