{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T19:00:22Z","timestamp":1772046022523,"version":"3.50.1"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030846138","type":"print"},{"value":"9783030846145","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T00:00:00Z","timestamp":1628467200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T00:00:00Z","timestamp":1628467200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-84614-5_9","type":"book-chapter","created":{"date-parts":[[2021,8,8]],"date-time":"2021-08-08T20:02:23Z","timestamp":1628452943000},"page":"110-123","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Testing Detection of K-Ary Code Obfuscated by Metamorphic and Polymorphic Techniques"],"prefix":"10.1007","author":[{"given":"George T.","family":"Harter","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Neil C.","family":"Rowe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,8,9]]},"reference":[{"key":"9_CR1","unstructured":"Ingram, M.: \u201cLove-bug\u201d virus damage estimated at $10 billion. World Socialist website (2000). https:\/\/www.wsws.org\/en\/articles\/2000\/05\/bug-m10.html"},{"key":"9_CR2","unstructured":"Palmer, D.: MyDoom: the 15-year-old malware that\u2019s still being used in phishing attacks in 2019. ZDNet (2019). https:\/\/www.zdnet.com\/article\/mydoom-the-15-year-old-malware-thats-still-being-used-in-phishing-attacks-in-2019. Accessed 26 June 2019"},{"key":"9_CR3","unstructured":"Giles, M.: Triton is the world\u2019s most murderous malware, and it\u2019s spreading. Technology Review (2019). https:\/\/www.technologyreview.com\/2019\/03\/05\/103328\/cybersecurity-critical-infrastructure-triton-malware. Accessed 9 Mar 2019"},{"key":"9_CR4","unstructured":"Zeter, K.: An unprecedented look at Stuxnet, the world\u2019s first digital weapon. Wired (2014). https:\/\/www.wired.com\/2014\/11\/countdown-to-zero-day-stuxnet. Accessed Nov 2014"},{"key":"9_CR5","unstructured":"Liu, S.: Security software \u2013 statistics & facts (2020). https:\/\/www.statista.com\/topics\/2208\/security-software. Accessed 9 Jan 2020"},{"issue":"1","key":"9_CR6","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1016\/0167-4048(87)90122-2","volume":"6","author":"F Cohen","year":"1987","unstructured":"Cohen, F.: Computer viruses: theory and experiments. Comput. Secur. 6(1), 22\u201335 (1987)","journal-title":"Comput. Secur."},{"key":"9_CR7","unstructured":"Chess, D., White, S.: An undetectable computer virus. In: Proceedings of the Virus Bulletin Conference, vol. 5, pp. 1\u20134 (2000)"},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Moubarak, J., Chamoun, M., Filiol, E.: Developing a \u039a-ary malware using blockchain. In: Proceedings of NOMS 2018\u20132018 IEEE\/IFIP Network Operations and Management Symposium, pp. 1\u20134 (2018)","DOI":"10.1109\/NOMS.2018.8406331"},{"issue":"2","key":"9_CR9","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/s11416-007-0044-2","volume":"3","author":"E Filiol","year":"2007","unstructured":"Filiol, E.: Formalisation and implementation aspects of k-ary (malicious) codes. J. Comput. Virol. 3(2), 75\u201386 (2007)","journal-title":"J. Comput. Virol."},{"key":"9_CR10","unstructured":"Young, A., Yung, M.: Cryptovirology: extortion-based security threats and countermeasures. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 129\u2013140 (1996)"},{"issue":"5","key":"9_CR11","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1049\/iet-net.2017.0207","volume":"7","author":"P O\u2019Kane","year":"2018","unstructured":"O\u2019Kane, P., Sezer, S., Carlin, D.: Evolution of ransomware. IET Netw. 7(5), 321\u2013327 (2018)","journal-title":"Evolution of ransomware. IET Netw."},{"key":"9_CR12","unstructured":"Harter, G.: Metamorphic and polymorphic techniques for obfuscation of k-ary malicious codes. M.S. thesis, U.S. Naval Postgraduate School (2020). http:\/\/calhoun.nps.edu"},{"issue":"4","key":"9_CR13","first-page":"402","volume":"1","author":"P Desai","year":"2010","unstructured":"Desai, P., Stamp, M.: A highly metamorphic virus generator. Int. J. Multimed. Intell. Secur. 1(4), 402\u2013427 (2010)","journal-title":"Int. J. Multimed. Intell. Secur."},{"key":"9_CR14","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/978-3-642-22953-4_9","volume-title":"Fundamentals of Computation Theory","author":"MD Preda","year":"2011","unstructured":"Preda, M.D., Di Giusto, C.: Hunting distributed malware with the \u03ba-calculus. In: Owe, O., Steffen, M., Telle, J.A. (eds.) Fundamentals of Computation Theory . LNCS, pp. 102\u2013113. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22953-4_9"},{"issue":"16","key":"9_CR15","first-page":"25","volume":"67","author":"I Saeed","year":"2013","unstructured":"Saeed, I., Selamat, A., Abuagoub, A.: A survey on malware and malware detection systems. Int. J. Comput. Appl. 67(16), 25\u201331 (2013)","journal-title":"Int. J. Comput. Appl."},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: Proceedings of the 2010 IEEE International Conference on Broadband, Wireless Computing, Communication, and Applications, pp. 297\u2013300 (2010)","DOI":"10.1109\/BWCCA.2010.85"},{"issue":"7","key":"9_CR17","first-page":"1","volume":"21","author":"P Gaikwad","year":"2015","unstructured":"Gaikwad, P., Motwani, D., Shinde, V.: Survey on malware detection techniques. Int. J. Mod. Trends Eng. Res. 21(7), 1\u201325 (2015)","journal-title":"Int. J. Mod. Trends Eng. Res."},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"Bazrafshan, Z., Hashemi, H., Fard, S.M.H., Hamzeh, A.: A survey on heuristic malware detection techniques. In: Proceedings of the 5th IEEE Conference on Information and Knowledge Technology, pp. 113\u2013120 (2013)","DOI":"10.1109\/IKT.2013.6620049"},{"issue":"3","key":"9_CR19","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s11416-006-0028-7","volume":"2","author":"W Wong","year":"2006","unstructured":"Wong, W., Stamp, M.: Hunting for metamorphic engines. J. Comput. Virol. 2(3), 211\u2013229 (2006)","journal-title":"J. Comput. Virol."},{"key":"9_CR20","unstructured":"Schmall, M.: Heuristic techniques in AV solutions: an overview (2002). https:\/\/www.symantec.com\/connect\/articles\/heuristic-techniques-av-solutions-overview"},{"key":"9_CR21","volume-title":"The Antivirus Hacker\u2019s Handbook","author":"E Bachaalany","year":"2015","unstructured":"Bachaalany, E., Koret, J.: The Antivirus Hacker\u2019s Handbook. Wiley, New York (2015)"},{"issue":"12","key":"9_CR22","first-page":"1","volume":"11","author":"M Eskandari","year":"2011","unstructured":"Eskandari, M., Hashemi, S.: Metamorphic malware detection using control flow graph mining. Int. J. Comput. Sci. Netw. Secur. 11(12), 1\u20136 (2011)","journal-title":"Int. J. Comput. Sci. Netw. Secur."},{"key":"9_CR23","volume-title":"The Art of Computer Virus Research and Defense","author":"P Szor","year":"2005","unstructured":"Szor, P.: The Art of Computer Virus Research and Defense. Addison-Wesley , Reading (2005)"},{"key":"9_CR24","doi-asserted-by":"crossref","unstructured":"Lee, J., Jeong, K., Lee, H.: Detecting metamorphic malwares using code graphs. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 1970\u20131977 (2010)","DOI":"10.1145\/1774088.1774505"},{"key":"9_CR25","unstructured":"Schiffman, M.: A brief history of malware obfuscation: part 1 of 2. Cisco (2010). https:\/\/blogs.cisco.com\/security\/a_brief_history_of_malware_obfuscation_part_1_of_2"},{"key":"9_CR26","unstructured":"Webroot: Webroot threat report (2019). https:\/\/www-cdn.webroot.com\/9315\/5113\/6179\/2019_Webroot_Threat_Report_US_Online.pdf"},{"key":"9_CR27","unstructured":"Alvarez, R.: Dissecting a metamorphic file-infecting ransomware (2018). https:\/\/www.youtube.com\/watch?v=vJ08_6CCd6g. Accessed 26 Mar 2018"},{"key":"9_CR28","doi-asserted-by":"crossref","unstructured":"Bulazel, A., Yener, B.: A survey on automated dynamic malware analysis evasion and counter-evasion: PC, mobile, and web. In: Proceedings of the 1st ACM Reversing and Offensive-oriented Trends Symposium, p. 2 (2017)","DOI":"10.1145\/3150376.3150378"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Gao, Y., Lu, Z., Luo, Y.: Survey on malware anti-analysis. In: Fifth IEEE International Conference on Intelligent Control and Information Processing, pp. 270\u2013275 (2014)","DOI":"10.1109\/ICICIP.2014.7010353"},{"key":"9_CR30","unstructured":"Kulchytskyy, O., Kukoba, A.: Anti debugging protection techniques with examples (2019). https:\/\/www.apriorit.com\/dev-blog\/367-anti-reverse-engineering-protection-techniques-to-use-before-releasing-software. Accessed 23 May 2019"},{"key":"9_CR31","unstructured":"Chen, W.: Encapsulating antivirus (AV) evasion techniques in the Metasploit framework (2018). https:\/\/www.rapid7.com\/globalassets\/_pdfs\/whitepaperguide\/rapid7-whitepaper-metasploit-framework-encapsulating-av-techniques.pdf. Accessed 9 Oct 2018"},{"key":"9_CR32","unstructured":"Popov, I., Debray, S., Andrews, G.: Binary obfuscation using signals. In: Proceedings of the USENIX Security Symposium, pp. 275\u2013290 (2007)"},{"key":"9_CR33","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-41187-3","volume-title":"Introduction to Cyberdeception","author":"NC Rowe","year":"2016","unstructured":"Rowe, N.C., Rrushi, J.: Introduction to Cyberdeception. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-41187-3"},{"key":"9_CR34","unstructured":"SentinelOne: Hiding code inside images: how malware uses steganography (2019). https:\/\/www.sentinelone.com\/blog\/hiding-code-inside-images-malware-steganography. Accessed 4 July 2019"},{"key":"9_CR35","unstructured":"Yoon, S.: Steganography in the modern attack landscape (2019). https:\/\/www.carbonblack.com\/2019\/04\/09\/steganography-in-the-modern-attack-landscape. Accessed 9 Apr 2019"},{"key":"9_CR36","doi-asserted-by":"crossref","unstructured":"Ramilli, M., Bishop, M.: Multi-stage delivery of malware. In: Proceedings of the 5th IEEE International Conference on Malicious and Unwanted Software, pp. 91\u201397 (2010)","DOI":"10.1109\/MALWARE.2010.5665788"},{"key":"9_CR37","unstructured":"Arntz, P.: Explained: packer, cryptor, and protector (2017). https:\/\/blog.malwarebytes.com\/cybercrime\/malware\/2017\/03\/explained-packer-crypter-and-protector"},{"key":"9_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-540-87403-4_6","volume-title":"Recent Advances in Intrusion Detection","author":"F Guo","year":"2008","unstructured":"Guo, F., Ferrie, P., Chiueh, T.: A study of the packer problem and its solutions. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 98\u2013115. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-87403-4_6"},{"key":"9_CR39","doi-asserted-by":"crossref","unstructured":"Ramilli, M., Bishop, M., Sun, S.: Multiprocess malware. In: Proceedings of the 6th IEEE International Conference on Malicious and Unwanted Software, pp. 8\u201313 (2011)","DOI":"10.1109\/MALWARE.2011.6112320"},{"key":"9_CR40","doi-asserted-by":"crossref","unstructured":"Solairaj, A., Prabanand, S., Mathalairaj, J., Prathap, C., Vignesh, L.: Keylogger software detection techniques. In: Proceedings of the 10th IEEE International Conference on Intelligent Systems and Control (ISCO), pp. 1\u20136 (2016)","DOI":"10.1109\/ISCO.2016.7726880"},{"key":"9_CR41","unstructured":"Zer0Mem0ry: RunPE (2016). https:\/\/github.com\/Zer0Mem0ry\/RunPE\/blob\/master\/RunPE.cpp"},{"key":"9_CR42","doi-asserted-by":"publisher","first-page":"S2","DOI":"10.1016\/j.diin.2009.06.016","volume":"6","author":"S Garfinkel","year":"2009","unstructured":"Garfinkel, S., Farrell, P., Roussev, V., Dinolt, G.: Bringing science to digital forensics with standardized forensic corpora. Digit. Investig. 6, S2\u2013S11 (2009)","journal-title":"Digit. Investig."},{"key":"9_CR43","doi-asserted-by":"crossref","unstructured":"Rowe, N.: Finding contextual clues to malware using a large corpus. In: Proceedings of the ISCC-SFCS Third International Workshop on Security and Forensics in Communications Systems, Larnaca, Cyprus (2015)","DOI":"10.1109\/ISCC.2015.7405521"},{"key":"9_CR44","doi-asserted-by":"crossref","unstructured":"McInnes, L., Healy, J.: Accelerated hierarchical density clustering. In: Proceedings of Workshop of the IEEE International Conference on Data Mining, pp. 33\u201342 (2017)","DOI":"10.1109\/ICDMW.2017.12"},{"key":"9_CR45","doi-asserted-by":"crossref","unstructured":"Gueguen, G.: Van Wijngaarden grammars and metamorphism. In: Proceedings of the Sixth International Conference on Availability, Reliability, and Security, Vienna, AT, pp. 466\u2013472 (2011)","DOI":"10.1109\/ARES.2011.72"}],"container-title":["Lecture Notes in Networks and Systems","National Cyber Summit (NCS) Research Track 2021"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-84614-5_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T01:54:01Z","timestamp":1725587641000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-84614-5_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,9]]},"ISBN":["9783030846138","9783030846145"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-84614-5_9","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"value":"2367-3370","type":"print"},{"value":"2367-3389","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,8,9]]},"assertion":[{"value":"9 August 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"National Cyber Summit","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Huntsville, AL","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 June 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 June 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ncs2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.nationalcybersummit.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}