{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T21:39:50Z","timestamp":1743111590526,"version":"3.40.3"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030913557"},{"type":"electronic","value":"9783030913564"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-91356-4_15","type":"book-chapter","created":{"date-parts":[[2021,11,26]],"date-time":"2021-11-26T06:01:25Z","timestamp":1637906485000},"page":"279-295","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A Novel Behavioural Screenlogger Detection System"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6411-1864","authenticated-orcid":false,"given":"Hugo","family":"Sbai","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0860-5130","authenticated-orcid":false,"given":"Jassim","family":"Happa","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7808-0600","authenticated-orcid":false,"given":"Michael","family":"Goldsmith","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,11,27]]},"reference":[{"key":"15_CR1","unstructured":"Albert, B.: Weka 3: Machine learning software in Java. 
https:\/\/www.cs.waikato.ac.nz\/ml\/weka\/"},{"key":"15_CR2","unstructured":"Argus, O.: Argus. https:\/\/openargus.org"},{"key":"15_CR3","doi-asserted-by":"publisher","unstructured":"Bahtiyar, S.: Anatomy of targeted attacks with smart malware. Secur. Commun. Netw. 9 (2017). https:\/\/doi.org\/10.1002\/sec.1767","DOI":"10.1002\/sec.1767"},{"key":"15_CR4","doi-asserted-by":"publisher","unstructured":"Beigi, E., Jazi, H., Stakhanova, N., Ghorbani, A.: Towards effective feature selection in machine learning-based botnet detection approaches. In: 2014 IEEE Conference on Communications and Network Security, CNS 2014, pp. 247\u2013255, December 2014. https:\/\/doi.org\/10.1109\/CNS.2014.6997492","DOI":"10.1109\/CNS.2014.6997492"},{"key":"15_CR5","unstructured":"Bogdan, B.: Six years and counting: inside the complex Zacinlo ad fraud operation, bitdefender. https:\/\/labs.bitdefender.com\/2018\/06\/six-years-and-counting-inside-the-complex-zacinlo-ad-fraud-operation\/"},{"key":"15_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s11416-015-0247-x","volume":"11","author":"A Boukhtouta","year":"2015","unstructured":"Boukhtouta, A., Mokhov, S., Lakhdari, N.E., Debbabi, M., Paquet, J.: Network malware classification comparison using DPI and flow packet headers. J. Comput. Virol. Hacking Tech. 11, 1\u201332 (2015). https:\/\/doi.org\/10.1007\/s11416-015-0247-x","journal-title":"J. Comput. Virol. Hacking Tech."},{"issue":"1","key":"15_CR7","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Mach. Learn. 45(1), 5\u201332 (2001). https:\/\/doi.org\/10.1023\/A:1010933404324","journal-title":"Mach. Learn."},{"key":"15_CR8","unstructured":"Charline, Z.: Viruses and malware: research strikes back. 
https:\/\/news.cnrs.fr\/articles\/viruses-and-malware-research-strikes-back"},{"key":"15_CR9","unstructured":"The New Jersey Cybersecurity and Communications Integration Cell: Zbot\/zeus. https:\/\/www.cyber.nj.gov\/threat-center\/threat-profiles\/trojan-variants\/zbot-zues"},{"key":"15_CR10","unstructured":"Sanger, D.E., Perlroth, N.: Bank hackers steal millions via malware. https:\/\/www.nytimes.com\/2015\/02\/15\/world\/bank-hackers-steal-millions-via-malware.html"},{"key":"15_CR11","unstructured":"Ecular, X., Grey, G.: Cyberespionage campaign sphinx goes mobile with anubisspy. https:\/\/www.trendmicro.com\/enus\/research\/17\/l\/cyberespionage-campaign-sphinx-goes-mobile-anubisspy.html"},{"key":"15_CR12","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1016\/j.cose.2019.02.007","volume":"83","author":"W Han","year":"2019","unstructured":"Han, W., Xue, J., Wang, Y., Huang, L., Kong, Z., Mao, L.: MalDAE: detecting and explaining malware based on correlation and fusion of static and dynamic characteristics. Comput. Secur. 83, 208\u2013233 (2019). https:\/\/doi.org\/10.1016\/j.cose.2019.02.007","journal-title":"Comput. Secur."},{"key":"15_CR13","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1016\/j.jnca.2018.10.022","volume":"125","author":"W Han","year":"2018","unstructured":"Han, W., Xue, J., Wang, Y., Liu, Z., Kong, Z.: Malinsight: a systematic profiling based malware detection framework. J. Netw. Comput. Appl. 125, 236\u2013250 (2018). https:\/\/doi.org\/10.1016\/j.jnca.2018.10.022","journal-title":"J. Netw. Comput. Appl."},{"key":"15_CR14","unstructured":"Jason, B.: Recursive feature elimination (RFE) for feature selection in Python. 
https:\/\/machinelearningmastery.com\/rfe-feature-selection-in-python\/"},{"key":"15_CR15","doi-asserted-by":"publisher","first-page":"78321","DOI":"10.1109\/ACCESS.2018.2884964","volume":"6","author":"D Javaheri","year":"2018","unstructured":"Javaheri, D., Hosseinzadeh, M., Rahmani, A.: Detection and elimination of spyware and ransomware by intercepting kernel-level system routines. IEEE Access 6, 78321\u201378332 (2018). https:\/\/doi.org\/10.1109\/ACCESS.2018.2884964","journal-title":"IEEE Access"},{"key":"15_CR16","unstructured":"Josh, G., Brandon, L., Kyle, W., Pat, L.: SquirtDanger: the swiss army knife malware from veteran malware author thebottle. https:\/\/unit42.paloaltonetworks.com\/unit42-squirtdanger-swiss-army-knife-malware-veteran-malware-author-thebottle\/"},{"key":"15_CR17","unstructured":"Stratosphere Labs: The CTU-13 dataset. A labeled dataset with botnet, normal and background traffic. https:\/\/www.stratosphereips.org\/datasets-ctu13"},{"key":"15_CR18","doi-asserted-by":"publisher","unstructured":"Lashkari, A.H., Kadir, A.F.A., Gonzalez, H., Mbah, K.F., Ghorbani, A.A.: Towards a network-based framework for Android malware detection and characterization. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST), p. 233-23309 (2017). https:\/\/doi.org\/10.1109\/PST.2017.00035","DOI":"10.1109\/PST.2017.00035"},{"key":"15_CR19","unstructured":"Lukas, S.: New telegram-abusing android rat discovered in the wild, welivesecurity by eset. https:\/\/www.welivesecurity.com\/2018\/06\/18\/new-telegram-abusing-android-rat\/"},{"key":"15_CR20","unstructured":"Mikey, C.: Xagent malware arrives on Mac, steals passwords, screenshots, iPhone backups. https:\/\/appleinsider.com\/articles\/17\/02\/14\/xagent-malware-arrives-on-mac-steals-passwords-screenshots-iphone-backups"},{"key":"15_CR21","unstructured":"Mitre: Screen capture. 
https:\/\/attack.mitre.org\/techniques\/T1113\/"},{"key":"15_CR22","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1016\/j.cose.2015.04.001","volume":"52","author":"D Mohaisen","year":"2015","unstructured":"Mohaisen, D., Alrawi, O., Mohaisen, M.: AMAL: high-fidelity, behavior-based automated malware analysis and classification. Comput. Secur. 52, 251\u2013266 (2015). https:\/\/doi.org\/10.1016\/j.cose.2015.04.001","journal-title":"Comput. Secur."},{"key":"15_CR23","doi-asserted-by":"publisher","unstructured":"Nari, S., Ghorbani, A.: Automated malware classification based on network behavior, pp. 642\u2013647, January 2013. https:\/\/doi.org\/10.1109\/ICCNC.2013.6504162","DOI":"10.1109\/ICCNC.2013.6504162"},{"key":"15_CR24","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1515\/popets-2018-0030","volume":"2018","author":"E Pan","year":"2018","unstructured":"Pan, E., Ren, J., Lindorfer, M., Wilson, C., Choffnes, D.: Panoptispy: characterizing audio and video exfiltration from android applications. Proc. Priv. Enhanc. Technol. 2018, 33\u201350 (2018). https:\/\/doi.org\/10.1515\/popets-2018-0030","journal-title":"Proc. Priv. Enhanc. Technol."},{"key":"15_CR25","unstructured":"Kaspersky Lab\u2019s Global Research and Analysis Team: The great bank robbery: Carbanak cybergang steals $1bn from 100 financial institutions worldwide. https:\/\/www.kaspersky.com\/about\/press-releases\/2015-the-great-bank-robbery-carbanak-cybergang-steals-1bn-from-100-financial-institutions-worldwide"},{"key":"15_CR26","unstructured":"Symantec Security Response: Regin: top-tier espionage tool enables stealthy surveillance. https:\/\/www.databreaches.net\/regin-top-tier-espionage-tool-enables-stealthy-surveillance\/"},{"key":"15_CR27","doi-asserted-by":"publisher","unstructured":"Sba\u00ef, H., Happa, J., Goldsmith, M., Meftali, S.: Dataset construction and analysis of screenshot malware. 
In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 646\u2013655 (2020). https:\/\/doi.org\/10.1109\/TrustCom50675.2020.00091","DOI":"10.1109\/TrustCom50675.2020.00091"},{"key":"15_CR28","doi-asserted-by":"publisher","unstructured":"Shahzad, R., Haider, S., Lavesson, N.: Detection of spyware by mining executable files, pp. 295\u2013302, February 2010. https:\/\/doi.org\/10.1109\/ARES.2010.105","DOI":"10.1109\/ARES.2010.105"},{"key":"15_CR29","doi-asserted-by":"publisher","first-page":"804","DOI":"10.1016\/j.procs.2015.02.149","volume":"46","author":"P Shijo","year":"2015","unstructured":"Shijo, P., Salim, A.: Integrated static and dynamic analysis for malware detection. Procedia Comput. Sci. 46, 804\u2013811 (2015). https:\/\/doi.org\/10.1016\/j.procs.2015.02.149","journal-title":"Procedia Comput. Sci."},{"key":"15_CR30","unstructured":"Stefan, O.: The missing piece - sophisticated OS X backdoor discovered, securelist by Kaspersky lab. https:\/\/securelist.com\/the-missing-piece-sophisticated-os-x-backdoor-discovered\/75990\/"},{"key":"15_CR31","doi-asserted-by":"publisher","unstructured":"You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: 2010 International Conference on Broadband, Wireless Computing, Communication and Applications, pp. 297\u2013300 (2010). 
https:\/\/doi.org\/10.1109\/BWCCA.2010.85","DOI":"10.1109\/BWCCA.2010.85"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-91356-4_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,26]],"date-time":"2021-11-26T06:03:04Z","timestamp":1637906584000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-91356-4_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030913557","9783030913564"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-91356-4_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"27 November 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 November 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 November 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference 
Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"isw2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/isc2021.petra.ac.id\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"87","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"24% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference 
organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}