{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T10:46:44Z","timestamp":1743072404913,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030891367"},{"type":"electronic","value":"9783030891374"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-89137-4_4","type":"book-chapter","created":{"date-parts":[[2021,10,10]],"date-time":"2021-10-10T22:42:46Z","timestamp":1633905766000},"page":"51-65","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Mining Trojan Detection Based on Multi-dimensional Static Features"],"prefix":"10.1007","author":[{"given":"Zixian","family":"Tang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qiang","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenhao","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Huaifeng","family":"Bao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Feng","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wen","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,10,10]]},"reference":[{"key":"4_CR1","unstructured":"https:\/\/www.virustotal.com\/gui\/"},{"issue":"4","key":"4_CR2","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/s11416-011-0152-x","volume":"7","author":"B Anderson","year":"2011","unstructured":"Anderson, B., Quist, D., Neil, J., Storlie, C., Lane, T.: Graph-based malware detection using dynamic analysis. J. Comput. Virol. 7(4), 247\u2013258 (2011)","journal-title":"J. Comput. Virol."},{"key":"4_CR3","doi-asserted-by":"crossref","unstructured":"Anderson, B., Storlie, C., Lane, T.: Improving malware classification: bridging the static\/dynamic gap. In: Proceedings of the 5th ACM Workshop on Security and Artificial Intelligence, pp. 3\u201314 (2012)","DOI":"10.1145\/2381896.2381900"},{"key":"4_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"178","DOI":"10.1007\/978-3-540-74320-0_10","volume-title":"Recent Advances in Intrusion Detection","author":"M Bailey","year":"2007","unstructured":"Bailey, M., Oberheide, J., Andersen, J., Mao, Z.M., Jahanian, F., Nazario, J.: Automated classification and analysis of internet malware. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol. 4637, pp. 178\u2013197. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74320-0_10"},{"issue":"2","key":"4_CR5","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1257\/jep.29.2.213","volume":"29","author":"R B\u00f6hme","year":"2015","unstructured":"B\u00f6hme, R., Christin, N., Edelman, B., Moore, T.: Bitcoin: economics, technology, and governance. J. Econ. Perspect. 29(2), 213\u201338 (2015)","journal-title":"J. Econ. Perspect."},{"issue":"2","key":"4_CR6","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1109\/MSEC.2019.2920585","volume":"18","author":"D Carlin","year":"2019","unstructured":"Carlin, D., Burgess, J., O\u2019Kane, P., Sezer, S.: You could be mine (d): the rise of cryptojacking. IEEE Secur. Priv. 18(2), 16\u201322 (2019)","journal-title":"IEEE Secur. Priv."},{"issue":"4","key":"4_CR7","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1109\/TDSC.2013.40","volume":"11","author":"S Cesare","year":"2013","unstructured":"Cesare, S., Xiang, Y., Zhou, W.: Control flow-based malware variantdetection. IEEE Trans. Dependable Secure Comput. 11(4), 307\u2013317 (2013)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"2","key":"4_CR8","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1007\/s11416-016-0274-2","volume":"13","author":"B David","year":"2016","unstructured":"David, B., Filiol, E., Gallienne, K.: Structural analysis of binary executable headers for malware detection optimization. J. Comput. Virol. Hacking Tech. 13(2), 87\u201393 (2016). https:\/\/doi.org\/10.1007\/s11416-016-0274-2","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Eskandari, S., Leoutsarakos, A., Mursch, T., Clark, J.: A first look at browser-based cryptojacking. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 58\u201366. IEEE (2018)","DOI":"10.1109\/EuroSPW.2018.00014"},{"key":"4_CR10","first-page":"159","volume":"4","author":"R Grinberg","year":"2012","unstructured":"Grinberg, R.: Bitcoin: an innovative alternative digital currency. Hastings Sci. Tech. LJ 4, 159 (2012)","journal-title":"Hastings Sci. Tech. LJ"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Hong, G., et al.: How you get shot in the back: a systematical study about cryptojacking in the real world. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1701\u20131713 (2018)","DOI":"10.1145\/3243734.3243840"},{"key":"4_CR12","first-page":"2007","volume":"48","author":"N Idika","year":"2007","unstructured":"Idika, N., Mathur, A.P.: A survey of malware detection techniques. Purdue University 48, 2007\u20132 (2007)","journal-title":"Purdue University"},{"key":"4_CR13","unstructured":"Jordaney, R., et al.: Transcend: detecting concept drift in malware classification models. In: 26th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2017), pp. 625\u2013642 (2017)"},{"key":"4_CR14","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/978-3-319-50127-7_11","volume-title":"AI 2016: Advances in Artificial Intelligence","author":"B Kolosnjaji","year":"2016","unstructured":"Kolosnjaji, B., Zarras, A., Webster, G., Eckert, C.: Deep learning for classification of malware system call sequences. In: Kang, B.H., Bai, Q. (eds.) AI 2016. LNCS (LNAI), vol. 9992, pp. 137\u2013149. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-50127-7_11"},{"key":"4_CR15","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7(Dec), 2721\u20132744 (2006)"},{"issue":"6","key":"4_CR16","doi-asserted-by":"publisher","first-page":"541","DOI":"10.1016\/0167-4048(95)00012-W","volume":"14","author":"RW Lo","year":"1995","unstructured":"Lo, R.W., Levitt, K.N., Olsson, R.A.: MCF: a malicious code filter. Comput. Secur. 14(6), 541\u2013566 (1995)","journal-title":"Comput. Secur."},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Mariconti, E., Onwuzurike, L., Andriotis, P., De Cristofaro, E., Ross, G., Stringhini, G.: Mamadroid: detecting android malware by building Markov chains of behavioral models. arXiv preprint arXiv:1612.04433 (2016)","DOI":"10.14722\/ndss.2017.23353"},{"key":"4_CR18","unstructured":"Microsoft 365 Defender Threat Intelligence Team: Threat actor leverages coin miner techniques to stay under the radar - here\u2019s how to spot them (2020). https:\/\/www.microsoft.com\/security\/blog\/2020\/11\/30\/"},{"key":"4_CR19","unstructured":"QiAnXin Technology Research Institute: Datacon 2020-malware (2020). https:\/\/datacon.qianxin.com\/opendata\/maliciouscode"},{"key":"4_CR20","unstructured":"Raff, E., Barker, J., Sylvester, J., Brandon, R., Catanzaro, B., Nicholas, C.K.: Malware detection by eating a whole EXE. In: The Workshops of the Thirty-Second AAAI Conference on Artificial Intelligence, New Orleans, Louisiana, USA, 2\u20137 February 2018. AAAI Workshops, vol. WS-18, pp. 268\u2013276. AAAI Press (2018)"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Raff, E., Nicholas, C.: An alternative to NCD for large sequences, Lempel-Ziv Jaccard distance. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1007\u20131015 (2017)","DOI":"10.1145\/3097983.3098111"},{"issue":"4","key":"4_CR22","doi-asserted-by":"publisher","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Rodriguez, J.D.P., Posegga, J.: Rapid: resource and API-based detection against in-browser miners. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 313\u2013326 (2018)","DOI":"10.1145\/3274694.3274735"},{"key":"4_CR24","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1007\/978-3-642-33018-6_28","volume-title":"International Joint Conference CISIS\u201912-ICEUTE 12-SOCO 12 Special Sessions","author":"I Santos","year":"2013","unstructured":"Santos, I., Devesa, J., Brezo, F., Nieves, J., Bringas, P.G.: OPEM: a static-dynamic approach for machine-learning-based malware detection. In: Herrero, A., et al. (eds.) International Joint Conference CISIS\u201912-ICEUTE 12-SOCO 12 Special Sessions, pp. 271\u2013280. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-33018-6_28"},{"key":"4_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-642-04342-0_7","volume-title":"Recent Advances in Intrusion Detection","author":"MZ Shafiq","year":"2009","unstructured":"Shafiq, M.Z., Tabish, S.M., Mirza, F., Farooq, M.: PE-miner: mining structural information to detect malicious executables in realtime. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 121\u2013141. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04342-0_7"},{"key":"4_CR26","unstructured":"Tencent Security Threat Intelligence Center: 2019 annual mining trojan report (2020). https:\/\/s.tencent.com\/research\/report\/887.html"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"Zareh, A., Shahriari, H.R.: Botcointrap: detection of bitcoin miner botnet using host based approach. In: 2018 15th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), pp. 1\u20136. IEEE (2018)","DOI":"10.1109\/ISCISC.2018.8546867"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Zhang, J., Qin, Z., Yin, H., Ou, L., Xiao, S., Hu, Y.: Malware variant detection using opcode image recognition with small training sets. In: 2016 25th International Conference on Computer Communication and Networks (ICCCN), pp. 1\u20139. IEEE (2016)","DOI":"10.1109\/ICCCN.2016.7568542"}],"container-title":["Lecture Notes in Computer Science","Science of Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-89137-4_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,12,1]],"date-time":"2021-12-01T21:31:01Z","timestamp":1638394261000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-89137-4_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030891367","9783030891374"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-89137-4_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"10 October 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SciSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Science of Cyber Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Shanghai","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 August 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"scisec2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/scisec.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}