{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,16]],"date-time":"2026-04-16T22:50:01Z","timestamp":1776379801970,"version":"3.51.2"},"publisher-location":"Cham","reference-count":145,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030987947","type":"print"},{"value":"9783030987954","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-98795-4_10","type":"book-chapter","created":{"date-parts":[[2022,4,7]],"date-time":"2022-04-07T18:03:58Z","timestamp":1649354638000},"page":"217-253","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Intelligent Malware Defenses"],"prefix":"10.1007","author":[{"given":"Azqa","family":"Nadeem","sequence":"first","affiliation":[]},{"given":"Vera","family":"Rimmer","sequence":"additional","affiliation":[]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[]},{"given":"Sicco","family":"Verwer","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,4,8]]},"reference":[{"key":"10_CR1","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/978-3-319-04283-1_6","volume-title":"Security and Privacy in Communication Networks","author":"Y Aafer","year":"2013","unstructured":"Aafer, Y., Du, W., Yin, H.: DroidAPIMiner: mining API-level features for robust malware detection in Android. In: Zia, T., Zomaya, A., Varadharajan, V., Mao, M. (eds.) SecureComm 2013. LNICST, vol. 127, pp. 86\u2013103. Springer, Cham (2013). https:\/\/doi.org\/10.1007\/978-3-319-04283-1_6"},{"key":"10_CR2","doi-asserted-by":"crossref","unstructured":"Ahmadi, M., Ulyanov, D., Semenov, S., Trofimov, M., Giacinto, G.: Novel feature extraction, selection and fusion for effective malware family classification. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 183\u2013194 (2016)","DOI":"10.1145\/2857705.2857713"},{"key":"10_CR3","doi-asserted-by":"crossref","unstructured":"Al-Dujaili, A., Huang, A., Hemberg, E., O\u2019Reilly, U.M.: Adversarial deep learning for robust detection of binary encoded malware. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 76\u201382. IEEE (2018)","DOI":"10.1109\/SPW.2018.00020"},{"key":"10_CR4","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1016\/j.cose.2018.01.001","volume":"74","author":"BAS Al-rimy","year":"2018","unstructured":"Al-rimy, B.A.S., Maarof, M.A., Shaid, S.Z.M.: Ransomware threat success factors, taxonomy, and countermeasures: a survey and research directions. Comput. Secur. 74, 144\u2013166 (2018)","journal-title":"Comput. Secur."},{"key":"10_CR5","unstructured":"Alazab, M., Venkatraman, S., Watters, P., Alazab, M., et al.: Zero-day malware detection based on supervised learning algorithms of API call signatures. In: 2011 Australasian Data Mining Conference (AusDM 11) (2010)"},{"key":"10_CR6","doi-asserted-by":"publisher","first-page":"S94","DOI":"10.1016\/j.diin.2014.03.012","volume":"11","author":"S Alrabaee","year":"2014","unstructured":"Alrabaee, S., Saleem, N., Preda, S., Wang, L., Debbabi, M.: OBA2: an onion approach to binary code authorship attribution. Digit. Investig. 11, S94\u2013S103 (2014)","journal-title":"Digit. Investig."},{"key":"10_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/978-3-319-51966-1_17","volume-title":"Foundations and Practice of Security","author":"S Alrabaee","year":"2017","unstructured":"Alrabaee, S., Shirani, P., Debbabi, M., Wang, L.: On the feasibility of malware authorship attribution. In: Cuppens, F., Wang, L., Cuppens-Boulahia, N., Tawbi, N., Garcia-Alfaro, J. (eds.) FPS 2016. LNCS, vol. 10128, pp. 256\u2013272. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-51966-1_17"},{"key":"10_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1007\/978-3-319-66402-6_6","volume-title":"Computer Security \u2013 ESORICS 2017","author":"B Alsulami","year":"2017","unstructured":"Alsulami, B., Dauber, E., Harang, R., Mancoridis, S., Greenstadt, R.: Source code authorship attribution using long short-term memory based networks. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10492, pp. 65\u201382. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66402-6_6"},{"key":"10_CR9","doi-asserted-by":"publisher","first-page":"101760","DOI":"10.1016\/j.cose.2020.101760","volume":"92","author":"E Amer","year":"2020","unstructured":"Amer, E., Zelinka, I.: A dynamic windows malware detection and prediction method based on contextual understanding of API call sequence. Comput. Secur. 92, 101760 (2020)","journal-title":"Comput. Secur."},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1723\u20131732 (2017)","DOI":"10.1145\/3097983.3098163"},{"key":"10_CR11","unstructured":"Anderson, H.S., Kharkar, A., Filar, B., Roth, P.: Evading machine learning malware detection. Black Hat (2017)"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.: Drebin: effective and explainable detection of Android malware in your pocket. In: NDSS, vol. 14, pp. 23\u201326 (2014)","DOI":"10.14722\/ndss.2014.23247"},{"issue":"1","key":"10_CR13","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1109\/TSUSC.2018.2809665","volume":"4","author":"A Azmoodeh","year":"2018","unstructured":"Azmoodeh, A., Dehghantanha, A., Choo, K.K.R.: Robust malware detection for internet of (battlefield) things devices using deep eigenspace learning. IEEE Trans. Sustain. Comput. 4(1), 88\u201395 (2018)","journal-title":"IEEE Trans. Sustain. Comput."},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"Biggio, B., et al.: Poisoning behavioral malware clustering. In: Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop, pp. 27\u201336 (2014)","DOI":"10.1145\/2666652.2666666"},{"key":"10_CR15","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1016\/j.patcog.2018.07.023","volume":"84","author":"B Biggio","year":"2018","unstructured":"Biggio, B., Roli, F.: Wild patterns: ten years after the rise of adversarial machine learning. Pattern Recogn. 84, 317\u2013331 (2018)","journal-title":"Pattern Recogn."},{"key":"10_CR16","doi-asserted-by":"crossref","unstructured":"Bilge, L., Balzarotti, D., Robertson, W., Kirda, E., Kruegel, C.: Disclosure: detecting botnet command and control servers through large-scale netflow analysis. In: ACSAC, pp. 129\u2013138. ACM (2012)","DOI":"10.1145\/2420950.2420969"},{"key":"10_CR17","doi-asserted-by":"publisher","first-page":"756","DOI":"10.1016\/j.cose.2017.09.013","volume":"77","author":"P Black","year":"2017","unstructured":"Black, P., Gondal, I., Layton, R.: A survey of similarities in banking malware behaviours. Comput. Secur. 77, 756\u2013772 (2017)","journal-title":"Comput. Secur."},{"issue":"2","key":"10_CR18","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/s11416-015-0247-x","volume":"12","author":"A Boukhtouta","year":"2016","unstructured":"Boukhtouta, A., Mokhov, S.A., Lakhdari, N.E., Debbabi, M., Paquet, J.: Network malware classification comparison using dpi and flow packet headers. J. Comput. Virol. Hacking Tech. 12(2), 69\u2013100 (2016)","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: CrowDroid: behavior-based malware detection system for Android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15\u201326 (2011)","DOI":"10.1145\/2046614.2046619"},{"key":"10_CR20","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1016\/j.cose.2017.11.016","volume":"73","author":"P Burnap","year":"2018","unstructured":"Burnap, P., French, R., Turner, F., Jones, K.: Malware classification using self organising feature maps and machine activity data. Comput. Secur. 73, 399\u2013410 (2018)","journal-title":"Comput. Secur."},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Cakir, B., Dogdu, E.: Malware classification using deep learning methods. In: Proceedings of the ACMSE 2018 Conference, pp. 1\u20135 (2018)","DOI":"10.1145\/3190645.3190692"},{"key":"10_CR22","doi-asserted-by":"crossref","unstructured":"Canfora, G., De Lorenzo, A., Medvet, E., Mercaldo, F., Visaggio, C.A.: Effectiveness of opcode ngrams for detection of multi family Android malware. In: 2015 10th International Conference on Availability, Reliability and Security, pp. 333\u2013340. IEEE (2015)","DOI":"10.1109\/ARES.2015.57"},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Chen, L., Hou, S., Ye, Y.: SecureDroid: enhancing security of machine learning-based detection against adversarial Android malware attacks. In: Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 362\u2013372 (2017)","DOI":"10.1145\/3134600.3134636"},{"key":"10_CR24","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1016\/j.cose.2017.11.007","volume":"73","author":"S Chen","year":"2018","unstructured":"Chen, S., et al.: Automated poisoning attacks and defenses in malware detection systems: an adversarial machine learning approach. Comput. Secur. 73, 326\u2013344 (2018)","journal-title":"Comput. Secur."},{"key":"10_CR25","doi-asserted-by":"publisher","first-page":"987","DOI":"10.1109\/TIFS.2019.2932228","volume":"15","author":"X Chen","year":"2019","unstructured":"Chen, X., et al.: Android HIV: a study of repackaging malware for evading machine-learning detection. IEEE Trans. Inf. Forensics Secur. 15, 987\u20131001 (2019)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Chen, Y., Narayanan, A., Pang, S., Tao, B.: Malicioius software detection using multiple sequence alignment and data mining. In: 2012 IEEE 26th International Conference on Advanced Information Networking and Applications, pp. 8\u201314. IEEE (2012)","DOI":"10.1109\/AINA.2012.62"},{"key":"10_CR27","doi-asserted-by":"publisher","first-page":"346","DOI":"10.1016\/j.ins.2017.04.044","volume":"433","author":"Z Chen","year":"2018","unstructured":"Chen, Z., et al.: Machine learning based mobile malware detection using highly imbalanced network traffic. Inf. Sci. 433, 346\u2013364 (2018)","journal-title":"Inf. Sci."},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"David, O.E., Netanyahu, N.S.: Deepsign: deep learning for automatic malware signature generation and classification. In: 2015 International Joint Conference on Neural Networks (IJCNN), pp. 1\u20138. IEEE (2015)","DOI":"10.1109\/IJCNN.2015.7280815"},{"key":"10_CR29","doi-asserted-by":"publisher","first-page":"711","DOI":"10.1109\/TDSC.2017.2700270","volume":"16","author":"A Demontis","year":"2017","unstructured":"Demontis, A., et al.: Yes, machine learning can be more secure! a case study on Android malware detection. IEEE Trans. Dependable Secure Comput. 16, 711\u2013724 (2017)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Eskandari, S., Leoutsarakos, A., Mursch, T., Clark, J.: A first look at browser-based cryptojacking. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 58\u201366. IEEE (2018)","DOI":"10.1109\/EuroSPW.2018.00014"},{"key":"10_CR31","doi-asserted-by":"publisher","first-page":"838","DOI":"10.1109\/TIFS.2020.3021924","volume":"16","author":"M Fan","year":"2020","unstructured":"Fan, M., Wei, W., Xie, X., Liu, Y., Guan, X., Liu, T.: Can we trust your explanations? Sanity checks for interpreters in Android malware analysis. IEEE Trans. Inf. Forensics Secur. 16, 838\u2013853 (2020)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10_CR32","doi-asserted-by":"crossref","unstructured":"Fan, Y., Hou, S., Zhang, Y., Ye, Y., Abdulhayoglu, M.: Gotcha-sly malware! scorpion a metagraph2vec based malware detection system. In: Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, pp. 253\u2013262 (2018)","DOI":"10.1145\/3219819.3219862"},{"key":"10_CR33","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.eswa.2016.01.002","volume":"52","author":"Y Fan","year":"2016","unstructured":"Fan, Y., Ye, Y., Chen, L.: Malicious sequential pattern mining for automatic malware detection. Expert Syst. Appl. 52, 16\u201325 (2016)","journal-title":"Expert Syst. Appl."},{"key":"10_CR34","doi-asserted-by":"crossref","unstructured":"Firdausi, I., Erwin, A., Nugroho, A.S., et al.: Analysis of machine learning techniques used in behavior-based malware detection. In: 2010 Second International Conference on Advances in Computing, Control, and Telecommunication Technologies, pp. 201\u2013203. IEEE (2010)","DOI":"10.1109\/ACT.2010.33"},{"issue":"2","key":"10_CR35","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/s13222-016-0221-x","volume":"16","author":"I Frommholz","year":"2016","unstructured":"Frommholz, I., Al-Khateeb, H.M., Potthast, M., Ghasem, Z., Shukla, M., Short, E.: On textual analysis and machine learning for cyberstalking detection. Datenbank-Spektrum 16(2), 127\u2013135 (2016)","journal-title":"Datenbank-Spektrum"},{"key":"10_CR36","unstructured":"Garcia, S.: Modelling the network behaviour of malware to block malicious patterns. The stratosphere project: a behavioural IPS. Virus Bulletin (2015)"},{"key":"10_CR37","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.cose.2014.05.011","volume":"45","author":"S Garcia","year":"2014","unstructured":"Garcia, S., Grill, M., Stiborek, J., Zunino, A.: An empirical comparison of botnet detection methods. Comput. Secur. 45, 100\u2013123 (2014)","journal-title":"Comput. Secur."},{"key":"10_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-319-66399-9_4","volume-title":"Computer Security \u2013 ESORICS 2017","author":"K Grosse","year":"2017","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial examples for malware detection. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 62\u201379. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66399-9_4"},{"key":"10_CR39","doi-asserted-by":"publisher","first-page":"12118","DOI":"10.1109\/ACCESS.2018.2805783","volume":"6","author":"J Gu","year":"2018","unstructured":"Gu, J., Sun, B., Du, X., Wang, J., Zhuang, Y., Wang, Z.: Consortium blockchain-based malware detection in mobile devices. IEEE Access 6, 12118\u201312128 (2018)","journal-title":"IEEE Access"},{"key":"10_CR40","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1016\/j.future.2018.03.007","volume":"85","author":"H HaddadPajouh","year":"2018","unstructured":"HaddadPajouh, H., Dehghantanha, A., Khayami, R., Choo, K.K.R.: A deep recurrent neural network based approach for internet of things malware threat hunting. Futur. Gener. Comput. Syst. 85, 88\u201396 (2018)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"10_CR41","unstructured":"VX Heaven: VX heaven virus collection, 15 May 2010. http:\/\/vxheaven.org\/"},{"key":"10_CR42","doi-asserted-by":"crossref","unstructured":"Hou, S., Ye, Y., Song, Y., Abdulhayoglu, M.: HinDroid: an intelligent Android malware detection system based on structured heterogeneous information network. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1507\u20131515 (2017)","DOI":"10.1145\/3097983.3098026"},{"key":"10_CR43","unstructured":"Hu, W., Tan, Y.: Black-box attacks against RNN based malware detection algorithms. In: Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence (2018)"},{"key":"10_CR44","first-page":"1","volume":"37","author":"H Huang","year":"2019","unstructured":"Huang, H., Deng, H., Sheng, Y., Ye, X.: Accelerating convolutional neural network-based malware traffic detection through ant-colony clustering. J. Intell. Fuzzy Syst. (Preprint) 37, 1\u201315 (2019)","journal-title":"J. Intell. Fuzzy Syst. (Preprint)"},{"key":"10_CR45","doi-asserted-by":"crossref","unstructured":"Ijaz, M., Durad, M.H., Ismail, M.: Static and dynamic malware analysis using machine learning. In: 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST), pp. 687\u2013691. IEEE (2019)","DOI":"10.1109\/IBCAST.2019.8667136"},{"key":"10_CR46","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-61675-5","volume-title":"Machine Learning for Authorship Attribution and Cyber Forensics","author":"F Iqbal","year":"2020","unstructured":"Iqbal, F., Debbabi, M., Fung, B.C.: Machine Learning for Authorship Attribution and Cyber Forensics. Springer, Heidelberg (2020)"},{"key":"10_CR47","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1007\/978-3-642-22786-8_6","volume-title":"Computer Networks and Intelligent Computing","author":"S Jain","year":"2011","unstructured":"Jain, S., Meena, Y.K.: Byte level n\u2013gram analysis for malware detection. In: Venugopal, K.R., Patnaik, L.M. (eds.) ICIP 2011. CCIS, vol. 157, pp. 51\u201359. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22786-8_6"},{"key":"10_CR48","unstructured":"Jordaney, R., et al.: Transcend: detecting concept drift in malware classification models. In: 26th USENIX Security Symposium (USENIX Security 2017), pp. 625\u2013642 (2017)"},{"key":"10_CR49","unstructured":"Jordaney, R., Wang, Z., Papini, D., Nouretdinov, I., Cavallaro, L.: Misleading metrics: on evaluating machine learning for malware with confidence. Technical report (2016)"},{"key":"10_CR50","doi-asserted-by":"crossref","unstructured":"Kalash, M., Rochan, M., Mohammed, N., Bruce, N.D., Wang, Y., Iqbal, F.: Malware classification with deep convolutional neural networks. In: 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1\u20135. IEEE (2018)","DOI":"10.1109\/NTMS.2018.8328749"},{"issue":"1","key":"10_CR51","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3292577","volume":"52","author":"V Kalgutkar","year":"2019","unstructured":"Kalgutkar, V., Kaur, R., Gonzalez, H., Stakhanova, N., Matyukhina, A.: Code authorship attribution: methods and challenges. ACM Comput. Surv. (CSUR) 52(1), 1\u201336 (2019)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"10_CR52","doi-asserted-by":"crossref","unstructured":"Kalgutkar, V., Stakhanova, N., Cook, P., Matyukhina, A.: Android authorship attribution through string analysis. In: Proceedings of the 13th International Conference on Availability, Reliability and Security, pp. 1\u201310 (2018)","DOI":"10.1145\/3230833.3230849"},{"key":"10_CR53","doi-asserted-by":"crossref","unstructured":"Kantchelian, A., et al.: Better malware ground truth: techniques for weighting anti-virus vendor labels. In: Proceedings of the 8th ACM Workshop on Artificial Intelligence and Security, pp. 45\u201356 (2015)","DOI":"10.1145\/2808769.2808780"},{"key":"10_CR54","doi-asserted-by":"publisher","first-page":"S48","DOI":"10.1016\/j.diin.2018.01.007","volume":"24","author":"EB Karbab","year":"2018","unstructured":"Karbab, E.B., Debbabi, M., Derhab, A., Mouheb, D.: MalDozer: automatic framework for Android malware detection using deep learning. Digit. Investig. 24, S48\u2013S59 (2018)","journal-title":"Digit. Investig."},{"key":"10_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-26362-5_1","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"KN Khasawneh","year":"2015","unstructured":"Khasawneh, K.N., Ozsoy, M., Donovick, C., Abu-Ghazaleh, N., Ponomarev, D.: Ensemble learning for low-level hardware-supported malware detection. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 3\u201325. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26362-5_1"},{"key":"10_CR56","doi-asserted-by":"crossref","unstructured":"Kirat, D., Nataraj, L., Vigna, G., Manjunath, B.: SigMal: a static signal processing based malware triage. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 89\u201398 (2013)","DOI":"10.1145\/2523649.2523682"},{"key":"10_CR57","doi-asserted-by":"crossref","unstructured":"Kirat, D., Vigna, G.: MalGene: automatic extraction of malware analysis evasion signature. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 769\u2013780 (2015)","DOI":"10.1145\/2810103.2813642"},{"key":"10_CR58","doi-asserted-by":"crossref","unstructured":"Kolosnjaji, B., et al.: Adversarial malware binaries: evading deep learning for malware detection in executables. In: 2018 26th European Signal Processing Conference (EUSIPCO), pp. 533\u2013537. IEEE (2018)","DOI":"10.23919\/EUSIPCO.2018.8553214"},{"key":"10_CR59","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/978-3-319-50127-7_11","volume-title":"AI 2016: Advances in Artificial Intelligence","author":"B Kolosnjaji","year":"2016","unstructured":"Kolosnjaji, B., Zarras, A., Webster, G., Eckert, C.: Deep learning for classification of malware system call sequences. In: Kang, B.H., Bai, Q. (eds.) AI 2016. LNCS (LNAI), vol. 9992, pp. 137\u2013149. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-50127-7_11"},{"key":"10_CR60","doi-asserted-by":"publisher","first-page":"S118","DOI":"10.1016\/j.diin.2018.04.024","volume":"26","author":"Q Le","year":"2018","unstructured":"Le, Q., Boydell, O., Mac Namee, B., Scanlon, M.: Deep learning at the shallow end: malware classification for non-domain experts. Digit. Investig. 26, S118\u2013S126 (2018)","journal-title":"Digit. Investig."},{"key":"10_CR61","series-title":"Studies in Computational Intelligence","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-08624-8_1","volume-title":"Intelligent Methods for Cyber Warfare","author":"C LeDoux","year":"2015","unstructured":"LeDoux, C., Lakhotia, A.: Malware and machine learning. In: Yager, R.R., Reformat, M.Z., Alajlan, N. (eds.) Intelligent Methods for Cyber Warfare. SCI, vol. 563, pp. 1\u201342. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-08624-8_1"},{"key":"10_CR62","doi-asserted-by":"publisher","first-page":"3886","DOI":"10.1109\/TIFS.2020.3003571","volume":"15","author":"D Li","year":"2020","unstructured":"Li, D., Li, Q.: Adversarial deep ensemble: evasion attacks and defenses for malware detection. IEEE Trans. Inf. Forensics Secur. 15, 3886\u20133900 (2020)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"7","key":"10_CR63","doi-asserted-by":"publisher","first-page":"3216","DOI":"10.1109\/TII.2017.2789219","volume":"14","author":"J Li","year":"2018","unstructured":"Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine-learning-based Android malware detection. IEEE Trans. Ind. Inf. 14(7), 3216\u20133225 (2018)","journal-title":"IEEE Trans. Ind. Inf."},{"key":"10_CR64","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1007\/978-3-642-15512-3_13","volume-title":"Recent Advances in Intrusion Detection","author":"P Li","year":"2010","unstructured":"Li, P., Liu, L., Gao, D., Reiter, M.K.: On challenges in evaluating malware clustering. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 238\u2013255. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15512-3_13"},{"key":"10_CR65","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/978-3-319-66332-6_9","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"Y Li","year":"2017","unstructured":"Li, Y., Jang, J., Hu, X., Ou, X.: Android malware clustering through malicious payload mining. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 192\u2013214. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_9"},{"key":"10_CR66","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"597","DOI":"10.1007\/978-3-319-59608-2_33","volume-title":"Security and Privacy in Communication Networks","author":"Z Li","year":"2017","unstructured":"Li, Z., Sun, L., Yan, Q., Srisa-an, W., Chen, Z.: DroidClassifier: efficient adaptive mining of application-layer header for classifying Android malware. In: Deng, R., Weng, J., Ren, K., Yegneswaran, V. (eds.) SecureComm 2016. LNICST, vol. 198, pp. 597\u2013616. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59608-2_33"},{"key":"10_CR67","doi-asserted-by":"crossref","unstructured":"Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., Van Der Veen, V., Platzer, C.: Andrubis-1,000,000 apps later: a view on current Android malware behaviors. In: 2014 Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), pp. 3\u201317. IEEE (2014)","DOI":"10.1109\/BADGERS.2014.7"},{"key":"10_CR68","doi-asserted-by":"crossref","unstructured":"Liu, Y., et al.: Towards a timely causality analysis for enterprise security. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23254"},{"key":"10_CR69","unstructured":"Lundberg, S.M., Lee, S.I.: A unified approach to interpreting model predictions. In: Advances in Neural Information Processing Systems, vol. 30, pp. 4765\u20134774 (2017)"},{"key":"10_CR70","unstructured":"Mariconti, E., Onaolapo, J., Ross, G., Stringhini, G.: The cause of all evils: assessing causality between user actions and malware activity. In: 10th USENIX Workshop on Cyber Security Experimentation and Test (CSET 2017) (2017)"},{"key":"10_CR71","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"1269","DOI":"10.1007\/978-3-030-22868-2_90","volume-title":"Intelligent Computing","author":"SM Mathews","year":"2019","unstructured":"Mathews, S.M.: Explainable artificial intelligence applications in NLP, biomedical, and malware classification: a literature review. In: Arai, K., Bhatia, R., Kapoor, S. (eds.) CompCom 2019. AISC, vol. 998, pp. 1269\u20131292. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-22868-2_90"},{"key":"10_CR72","doi-asserted-by":"crossref","unstructured":"McLaughlin, N., et al.: Deep Android malware detection. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 301\u2013308 (2017)","DOI":"10.1145\/3029806.3029823"},{"key":"10_CR73","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1016\/j.compeleceng.2017.02.013","volume":"61","author":"N Milosevic","year":"2017","unstructured":"Milosevic, N., Dehghantanha, A., Choo, K.K.R.: Machine learning aided Android malware classification. Comput. Electr. Eng. 61, 266\u2013274 (2017)","journal-title":"Comput. Electr. Eng."},{"key":"10_CR74","doi-asserted-by":"crossref","unstructured":"Miramirkhani, N., Appini, M.P., Nikiforakis, N., Polychronakis, M.: Spotless sandboxes: evading malware analysis systems using wear-and-tear artifacts. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 1009\u20131024. IEEE (2017)","DOI":"10.1109\/SP.2017.42"},{"key":"10_CR75","doi-asserted-by":"crossref","unstructured":"Mishra, P., Khurana, K., Gupta, S., Sharma, M.K.: VMAnalyzer: malware semantic analysis using integrated CNN and bi-directional LSTM for detecting VM-level attacks in cloud. In: 2019 Twelfth International Conference on Contemporary Computing (IC3), pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/IC3.2019.8844877"},{"key":"10_CR76","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/978-3-319-05149-9_15","volume-title":"Information Security Applications","author":"A Mohaisen","year":"2014","unstructured":"Mohaisen, A., Alrawi, O., Larson, M., McPherson, D.: Towards a methodical evaluation of antivirus scans and labels. In: Kim, Y., Lee, H., Perrig, A. (eds.) WISA 2013. LNCS, vol. 8267, pp. 231\u2013241. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-05149-9_15"},{"key":"10_CR77","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1016\/j.cose.2015.04.001","volume":"52","author":"A Mohaisen","year":"2015","unstructured":"Mohaisen, A., Alrawi, O., Mohaisen, M.: AMAL: high-fidelity, behavior-based automated malware analysis and classification. Comput. Secur. 52, 251\u2013266 (2015)","journal-title":"Comput. Secur."},{"key":"10_CR78","doi-asserted-by":"crossref","unstructured":"Moubarak, J., Chamoun, M., Filiol, E.: Comparative study of recent MEA malware phylogeny. In: 2017 2nd International Conference on Computer and Communication Systems (ICCCS), pp. 16\u201320. IEEE (2017)","DOI":"10.1109\/CCOMS.2017.8075178"},{"key":"10_CR79","doi-asserted-by":"crossref","unstructured":"Mu\u00f1oz-Gonz\u00e1lez, L., et al.: Towards poisoning of deep learning algorithms with back-gradient optimization. In: Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp. 27\u201338 (2017)","DOI":"10.1145\/3128572.3140451"},{"key":"10_CR80","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/978-3-030-65726-0_5","volume-title":"Internet of Things, Smart Spaces, and Next Generation Networks and Systems","author":"I Murenin","year":"2020","unstructured":"Murenin, I., Novikova, E., Ushakov, R., Kholod, I.: Explaining Android application authorship attribution based on source code analysis. In: Murenin, I., Novikova, E., Ushakov, R., Kholod, I. (eds.) NEW2AN\/ruSMART -2020. LNCS, vol. 12525, pp. 43\u201356. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-65726-0_5"},{"key":"10_CR81","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1007\/978-3-030-62582-5_15","volume-title":"Malware Analysis Using Artificial Intelligence and Deep Learning","author":"A Nadeem","year":"2021","unstructured":"Nadeem, A., Hammerschmidt, C., Ga\u00f1\u00e1n, C.H., Verwer, S.: Beyond labeling: using clustering to build network behavioral profiles of malware families. In: Stamp, M., Alazab, M., Shalaginov, A. (eds.) Malware Analysis Using Artificial Intelligence and Deep Learning, pp. 381\u2013409. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-62582-5_15"},{"key":"10_CR82","doi-asserted-by":"crossref","unstructured":"Naidu, V., Narayanan, A.: Using different substitution matrices in a string-matching technique for identifying viral polymorphic malware variants. In: 2016 IEEE Congress on Evolutionary Computation (CEC), pp. 2903\u20132910. IEEE (2016)","DOI":"10.1109\/CEC.2016.7744156"},{"issue":"1","key":"10_CR83","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1007\/s00500-014-1511-6","volume":"20","author":"FA Narudin","year":"2014","unstructured":"Narudin, F.A., Feizollah, A., Anuar, N.B., Gani, A.: Evaluation of machine learning classifiers for mobile malware detection. Soft. Comput. 20(1), 343\u2013357 (2014). https:\/\/doi.org\/10.1007\/s00500-014-1511-6","journal-title":"Soft. Comput."},{"key":"10_CR84","doi-asserted-by":"crossref","unstructured":"Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, pp. 1\u20137 (2011)","DOI":"10.1145\/2016904.2016908"},{"key":"10_CR85","doi-asserted-by":"crossref","unstructured":"Nguyen, T.D., Marchal, S., Miettinen, M., Fereidooni, H., Asokan, N., Sadeghi, A.R.: D\u00efot: a federated self-learning anomaly detection system for IoT. In: 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), pp. 756\u2013767. IEEE (2019)","DOI":"10.1109\/ICDCS.2019.00080"},{"issue":"2","key":"10_CR86","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3313391","volume":"22","author":"L Onwuzurike","year":"2019","unstructured":"Onwuzurike, L., Mariconti, E., Andriotis, P., Cristofaro, E.D., Ross, G., Stringhini, G.: MaMaDroid: detecting Android malware by building Markov chains of behavioral models (extended version). ACM Trans. Privacy Secur. (TOPS) 22(2), 1\u201334 (2019)","journal-title":"ACM Trans. Privacy Secur. (TOPS)"},{"issue":"3","key":"10_CR87","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/s11416-017-0307-5","volume":"14","author":"HH Pajouh","year":"2018","unstructured":"Pajouh, H.H., Dehghantanha, A., Khayami, R., Choo, K.K.R.: Intelligent OS X malware threat detection with code inspection. J. Comput. Virol. Hacking Tech. 14(3), 213\u2013223 (2018)","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"10_CR88","unstructured":"Parmisano, A., Garcia, S., Erquiaga, M.J.: Stratosphere laboratory. A labeled dataset with malicious and benign IoT network traffic (2020). https:\/\/www.stratosphereips.org\/datasets-iot23"},{"key":"10_CR89","doi-asserted-by":"crossref","unstructured":"Pascanu, R., Stokes, J.W., Sanossian, H., Marinescu, M., Thomas, A.: Malware classification with recurrent networks. In: 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 1916\u20131920. IEEE (2015)","DOI":"10.1109\/ICASSP.2015.7178304"},{"key":"10_CR90","doi-asserted-by":"crossref","unstructured":"Peiravian, N., Zhu, X.: Machine learning for Android malware detection using permission and API calls. In: 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, pp. 300\u2013305. IEEE (2013)","DOI":"10.1109\/ICTAI.2013.53"},{"key":"10_CR91","doi-asserted-by":"crossref","unstructured":"Pellegrino, G., Lin, Q., Hammerschmidt, C., Verwer, S.: Learning behavioral fingerprints from netflows using timed automata. In: IFIP, pp. 308\u2013316. IEEE (2017)","DOI":"10.23919\/INM.2017.7987293"},{"key":"10_CR92","unstructured":"Pendlebury, F., Pierazzi, F., Jordaney, R., Kinder, J., Cavallaro, L.: TESSERACT: eliminating experimental bias in malware classification across space and time. In: 28th USENIX Security Symposium (USENIX Security 2019), pp. 729\u2013746 (2019)"},{"key":"10_CR93","unstructured":"Perdisci, R., Lee, W., Feamster, N.: Behavioral clustering of http-based malware and signature generation using malicious network traces. In: NSDI, vol. 10 (2010)"},{"key":"10_CR94","doi-asserted-by":"crossref","unstructured":"Pirscoveanu, R.S., Hansen, S.S., Larsen, T.M., Stevanovic, M., Pedersen, J.M., Czech, A.: Analysis of malware behavior: type classification using machine learning. In: 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), pp. 1\u20137. IEEE (2015)","DOI":"10.1109\/CyberSA.2015.7166115"},{"key":"10_CR95","doi-asserted-by":"crossref","unstructured":"\u201cPolo\u201d Chau, D.H., Wright, A., Nachenberg, C., Faloutsos, C., Wilhelm, J.: Polonium: tera-scale graph mining and inference for malware detection. In: Proceedings of the SIAM International Conference on Data Mining, pp. 131\u2013142. Society for Industrial and Applied Mathematics (2011)","DOI":"10.1137\/1.9781611972818.12"},{"key":"10_CR96","unstructured":"Raff, E., Barker, J., Sylvester, J., Brandon, R., Catanzaro, B., Nicholas, C.K.: Malware detection by eating a whole exe. In: Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence (2018)"},{"key":"10_CR97","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-642-41284-4_8","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"MZ Rafique","year":"2013","unstructured":"Rafique, M.Z., Caballero, J.: FIRMA: malware clustering and network signature generation with mixed network behaviors. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 144\u2013163. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-41284-4_8"},{"key":"10_CR98","doi-asserted-by":"crossref","unstructured":"Ribeiro, M.T., Singh, S., Guestrin, C.: \u201cWhy should I trust you?\u201d explaining the predictions of any classifier. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1135\u20131144 (2016)","DOI":"10.1145\/2939672.2939778"},{"issue":"4","key":"10_CR99","doi-asserted-by":"publisher","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"issue":"10","key":"10_CR100","doi-asserted-by":"publisher","first-page":"1619","DOI":"10.1109\/TPAMI.2006.211","volume":"28","author":"JJ Rodriguez","year":"2006","unstructured":"Rodriguez, J.J., Kuncheva, L.I., Alonso, C.J.: Rotation forest: a new classifier ensemble method. IEEE Trans. Pattern Anal. Mach. Intell. 28(10), 1619\u20131630 (2006)","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"10_CR101","unstructured":"Ronen, R., Radu, M., Feuerstein, C., Yom-Tov, E., Ahmadi, M.: Microsoft malware classification challenge. arXiv preprint arXiv:1802.10135 (2018)"},{"key":"10_CR102","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/978-3-319-68612-7_11","volume-title":"Artificial Neural Networks and Machine Learning \u2013 ICANN 2017","author":"I Rosenberg","year":"2017","unstructured":"Rosenberg, I., Sicard, G., David, E.O.: DeepAPT: nation-state APT attribution using end-to-end deep neural networks. In: Lintas, A., Rovetta, S., Verschure, P.F.M.J., Villa, A.E.P. (eds.) ICANN 2017. LNCS, vol. 10614, pp. 91\u201399. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-68612-7_11"},{"key":"10_CR103","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1007\/978-3-642-23822-2_10","volume-title":"Computer Security \u2013 ESORICS 2011","author":"N Rosenblum","year":"2011","unstructured":"Rosenblum, N., Zhu, X., Miller, B.P.: Who wrote this code? Identifying the authors of program binaries. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 172\u2013189. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23822-2_10"},{"key":"10_CR104","doi-asserted-by":"crossref","unstructured":"Sahs, J., Khan, L.: A machine learning approach to Android malware detection. In: 2012 European Intelligence and Security Informatics Conference, pp. 141\u2013147. IEEE (2012)","DOI":"10.1109\/EISIC.2012.34"},{"key":"10_CR105","doi-asserted-by":"crossref","unstructured":"Sami, A., Yadegari, B., Rahimi, H., Peiravian, N., Hashemi, S., Hamze, A.: Malware detection based on mining API calls. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 1020\u20131025 (2010)","DOI":"10.1145\/1774088.1774303"},{"key":"10_CR106","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.ins.2011.08.020","volume":"231","author":"I Santos","year":"2013","unstructured":"Santos, I., Brezo, F., Ugarte-Pedrero, X., Bringas, P.G.: Opcode sequences as representation of executables for data-mining-based unknown malware detection. Inf. Sci. 231, 64\u201382 (2013)","journal-title":"Inf. Sci."},{"key":"10_CR107","doi-asserted-by":"crossref","unstructured":"Saxe, J., Berlin, K.: Deep neural network based malware detection using two dimensional binary program features. In: 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), pp. 11\u201320. IEEE (2015)","DOI":"10.1109\/MALWARE.2015.7413680"},{"key":"10_CR108","unstructured":"Saxe, J., Sanders, H.: Malware Data Science: Attack Detection and Attribution. No Starch Press (2018)"},{"key":"10_CR109","doi-asserted-by":"crossref","unstructured":"Sayadi, H., et al.: 2SMaRT: a two-stage machine learning-based approach for run-time specialized hardware-assisted malware detection. In: 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 728\u2013733. IEEE (2019)","DOI":"10.23919\/DATE.2019.8715080"},{"key":"10_CR110","doi-asserted-by":"crossref","unstructured":"Sayadi, H., Patel, N., PD, S.M., Sasan, A., Rafatirad, S., Homayoun, H.: Ensemble learning for effective run-time hardware-based malware detection: a comprehensive analysis and classification. In: 2018 55th ACM\/ESDA\/IEEE Design Automation Conference (DAC), pp. 1\u20136. IEEE (2018)","DOI":"10.1109\/DAC.2018.8465828"},{"key":"10_CR111","doi-asserted-by":"crossref","unstructured":"Shabtai, A., Fledel, Y., Elovici, Y.: Automated static code analysis for classifying Android applications using machine learning. In: 2010 International Conference on Computational Intelligence and Security, pp. 329\u2013333. IEEE (2010)","DOI":"10.1109\/CIS.2010.77"},{"key":"10_CR112","doi-asserted-by":"crossref","unstructured":"Shibahara, T., Yagi, T., Akiyama, M., Chiba, D., Yada, T.: Efficient dynamic malware analysis based on network behavior using deep learning. In: 2016 IEEE Global Communications Conference (GLOBECOM), pp. 1\u20137. IEEE (2016)","DOI":"10.1109\/GLOCOM.2016.7841778"},{"issue":"1","key":"10_CR113","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1515\/popets-2018-0007","volume":"2018","author":"L Simko","year":"2018","unstructured":"Simko, L., Zettlemoyer, L., Kohno, T.: Recognizing and imitating programmer style: adversaries in program authorship attribution. Proc. Priv. Enhancing Technol. 2018(1), 127\u2013144 (2018)","journal-title":"Proc. Priv. Enhancing Technol."},{"key":"10_CR114","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/978-3-030-20951-3_6","volume-title":"Cyber Security Cryptography and Machine Learning","author":"A Singh","year":"2019","unstructured":"Singh, A., Handa, A., Kumar, N., Shukla, S.K.: Malware classification using image representation. In: Dolev, S., Hendler, D., Lodha, S., Yung, M. (eds.) CSCML 2019. LNCS, vol. 11527, pp. 75\u201392. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-20951-3_6"},{"key":"10_CR115","doi-asserted-by":"crossref","unstructured":"Smith, M.R., et al.: Mind the gap: on bridging the semantic gap between machine learning and malware analysis. In: Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security, pp. 49\u201360 (2020)","DOI":"10.1145\/3411508.3421373"},{"issue":"1","key":"10_CR116","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s13673-018-0125-x","volume":"8","author":"A Souri","year":"2018","unstructured":"Souri, A., Hosseini, R.: A state-of-the-art survey of malware detection approaches using data mining techniques. HCIS 8(1), 1\u201322 (2018). https:\/\/doi.org\/10.1186\/s13673-018-0125-x","journal-title":"HCIS"},{"issue":"2","key":"10_CR117","doi-asserted-by":"publisher","first-page":"141","DOI":"10.1007\/s10207-014-0250-0","volume":"14","author":"M Spreitzenbarth","year":"2015","unstructured":"Spreitzenbarth, M., Schreck, T., Echtler, F., Arp, D., Hoffmann, J.: Mobile-sandbox: combining static and dynamic analysis with machine-learning techniques. Int. J. Inf. Secur. 14(2), 141\u2013153 (2015)","journal-title":"Int. J. Inf. Secur."},{"key":"10_CR118","doi-asserted-by":"crossref","unstructured":"Suarez-Tangil, G., Dash, S.K., Ahmadi, M., Kinder, J., Giacinto, G., Cavallaro, L.: DroidSieve: fast and accurate classification of obfuscated Android malware. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 309\u2013320 (2017)","DOI":"10.1145\/3029806.3029825"},{"issue":"4","key":"10_CR119","doi-asserted-by":"publisher","first-page":"1104","DOI":"10.1016\/j.eswa.2013.07.106","volume":"41","author":"G Suarez-Tangil","year":"2014","unstructured":"Suarez-Tangil, G., Tapiador, J.E., Peris-Lopez, P., Blasco, J.: Dendroid: a text mining approach to analyzing and classifying code structures in Android malware families. Expert Syst. Appl. 41(4), 1104\u20131117 (2014)","journal-title":"Expert Syst. Appl."},{"key":"10_CR120","doi-asserted-by":"publisher","unstructured":"Tamersoy, A., Roundy, K., Chau, D.H.: Guilt by association: large scale malware detection by mining file-relation graphs. In: Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1524\u20131533. Association for Computing Machinery, New York (2014). https:\/\/doi.org\/10.1145\/2623330.2623342","DOI":"10.1145\/2623330.2623342"},{"key":"10_CR121","doi-asserted-by":"crossref","unstructured":"Tegeler, F., Fu, X., Vigna, G., Kruegel, C.: BotFinder: finding bots in network traffic without deep packet inspection. In: CoNEXT, pp. 349\u2013360. ACM (2012)","DOI":"10.1145\/2413176.2413217"},{"key":"10_CR122","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1016\/j.cose.2018.11.001","volume":"81","author":"D Ucci","year":"2019","unstructured":"Ucci, D., Aniello, L., Baldoni, R.: Survey of machine learning techniques for malware analysis. Comput. Secur. 81, 123\u2013147 (2019)","journal-title":"Comput. Secur."},{"key":"10_CR123","doi-asserted-by":"crossref","unstructured":"Verwer, S., Nadeem, A., Hammerschmidt, C., Bliek, L., Al-Dujaili, A., O\u2019Reilly, U.M.: The robust malware detection challenge and greedy random accelerated multi-bit search. In: Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security, pp. 61\u201370 (2020)","DOI":"10.1145\/3411508.3421374"},{"issue":"11","key":"10_CR124","doi-asserted-by":"publisher","first-page":"1869","DOI":"10.1109\/TIFS.2014.2353996","volume":"9","author":"W Wang","year":"2014","unstructured":"Wang, W., Wang, X., Feng, D., Liu, J., Han, Z., Zhang, X.: Exploring permission-induced risk in Android applications for malicious application detection. IEEE Trans. Inf. Forensics Secur. 9(11), 1869\u20131882 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10_CR125","unstructured":"Wang, W., Zhu, M., Zeng, X., Ye, X., Sheng, Y.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN), pp. 712\u2013717. IEEE (2017)"},{"issue":"12","key":"10_CR126","doi-asserted-by":"publisher","first-page":"2768","DOI":"10.1109\/TMC.2018.2886881","volume":"18","author":"X Wang","year":"2018","unstructured":"Wang, X., Yang, Y., Zhu, S.: Automated hybrid analysis of Android malware through augmenting fuzzing with forced execution. IEEE Trans. Mob. Comput. 18(12), 2768\u20132782 (2018)","journal-title":"IEEE Trans. Mob. Comput."},{"key":"10_CR127","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"646","DOI":"10.1007\/978-3-319-89500-0_55","volume-title":"Information and Communications Security","author":"Z Wang","year":"2018","unstructured":"Wang, Z., Tian, M., Jia, C.: An active and dynamic botnet detection approach to track hidden concept drift. In: Qing, S., Mitchell, C., Chen, L., Liu, D. (eds.) ICICS 2017. LNCS, vol. 10631, pp. 646\u2013660. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-89500-0_55"},{"key":"10_CR128","unstructured":"Xu, K., et al.: Show, attend and tell: neural image caption generation with visual attention. In: International Conference on Machine Learning, pp. 2048\u20132057 (2015)"},{"key":"10_CR129","doi-asserted-by":"crossref","unstructured":"Xu, Z., Ray, S., Subramanyan, P., Malik, S.: Malware detection using machine learning based analysis of virtual memory access patterns. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 169\u2013174. IEEE (2017)","DOI":"10.23919\/DATE.2017.7926977"},{"key":"10_CR130","doi-asserted-by":"crossref","unstructured":"Yakura, H., Shinozaki, S., Nishimura, R., Oyama, Y., Sakuma, J.: Malware analysis of imaged binary samples by convolutional neural network with attention mechanism. In: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp. 127\u2013134 (2018)","DOI":"10.1145\/3176258.3176335"},{"issue":"5","key":"10_CR131","doi-asserted-by":"publisher","first-page":"1250","DOI":"10.1109\/JIOT.2017.2694844","volume":"4","author":"Y Yang","year":"2017","unstructured":"Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in internet-of-things. IEEE Internet Things J. 4(5), 1250\u20131258 (2017)","journal-title":"IEEE Internet Things J."},{"issue":"3","key":"10_CR132","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3073559","volume":"50","author":"Y Ye","year":"2017","unstructured":"Ye, Y., Li, T., Adjeroh, D., Iyengar, S.S.: A survey on malware detection using data mining techniques. ACM Comput. Surv. (CSUR) 50(3), 1\u201340 (2017)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"1","key":"10_CR133","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1186\/s13635-019-0087-1","volume":"2019","author":"SY Yerima","year":"2019","unstructured":"Yerima, S.Y., Alzaylaee, M.K., Sezer, S.: Machine learning-based dynamic analysis of Android apps with improved code coverage. EURASIP J. Inf. Secur. 2019(1), 4 (2019)","journal-title":"EURASIP J. Inf. Secur."},{"key":"10_CR134","doi-asserted-by":"crossref","unstructured":"Yerima, S.Y., Sezer, S., McWilliams, G., Muttik, I.: A new Android malware detection approach using Bayesian classification. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), pp. 121\u2013128. IEEE (2013)","DOI":"10.1109\/AINA.2013.88"},{"key":"10_CR135","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-319-45719-2_8","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"A Yokoyama","year":"2016","unstructured":"Yokoyama, A., et al.: SandPrint: fingerprinting malware sandboxes to provide intelligence for sandbox evasion. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 165\u2013187. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45719-2_8"},{"issue":"1","key":"10_CR136","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1109\/TST.2016.7399288","volume":"21","author":"Z Yuan","year":"2016","unstructured":"Yuan, Z., Lu, Y., Xue, Y.: DroidDetector: Android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114\u2013123 (2016)","journal-title":"Tsinghua Sci. Technol."},{"issue":"2","key":"10_CR137","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1007\/s00521-017-3077-6","volume":"31","author":"D Yuxin","year":"2017","unstructured":"Yuxin, D., Siyi, Z.: Malware detection based on deep learning algorithm. Neural Comput. Appl. 31(2), 461\u2013472 (2017). https:\/\/doi.org\/10.1007\/s00521-017-3077-6","journal-title":"Neural Comput. Appl."},{"issue":"3","key":"10_CR138","doi-asserted-by":"publisher","first-page":"766","DOI":"10.1109\/TCYB.2015.2415032","volume":"46","author":"F Zhang","year":"2015","unstructured":"Zhang, F., Chan, P.P., Biggio, B., Yeung, D.S., Roli, F.: Adversarial feature selection against evasion attacks. IEEE Trans. Cybern. 46(3), 766\u2013777 (2015)","journal-title":"IEEE Trans. Cybern."},{"key":"10_CR139","doi-asserted-by":"crossref","unstructured":"Zhang, H., Sun, M., Yao, D., North, C.: Visualizing traffic causality for analyzing network anomalies. In: Proceedings of the 2015 ACM International Workshop on International Workshop on Security and Privacy Analytics, pp. 37\u201342 (2015)","DOI":"10.1145\/2713579.2713583"},{"key":"10_CR140","doi-asserted-by":"publisher","first-page":"180","DOI":"10.1016\/j.cose.2016.01.002","volume":"58","author":"H Zhang","year":"2016","unstructured":"Zhang, H., Yao, D.D., Ramakrishnan, N., Zhang, Z.: Causality reasoning about network events for detecting stealthy malware activities. Comput. Secur. 58, 180\u2013198 (2016)","journal-title":"Comput. Secur."},{"key":"10_CR141","doi-asserted-by":"publisher","first-page":"991","DOI":"10.1007\/s11280-019-00675-z","volume":"23","author":"H Zhang","year":"2019","unstructured":"Zhang, H., Zhang, W., Lv, Z., Sangaiah, A.K., Huang, T., Chilamkurti, N.: MALDC: a depth detection method for malware based on behavior chains. World Wide Web 23, 991\u20131010 (2019)","journal-title":"World Wide Web"},{"key":"10_CR142","doi-asserted-by":"crossref","unstructured":"Zhang, X., et al.: Enhancing state-of-the-art classifiers with API semantics to detect evolved Android malware. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 757\u2013770 (2020)","DOI":"10.1145\/3372297.3417291"},{"key":"10_CR143","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting Android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95\u2013109. IEEE (2012)","DOI":"10.1109\/SP.2012.16"},{"key":"10_CR144","doi-asserted-by":"publisher","first-page":"638","DOI":"10.1016\/j.neucom.2017.07.030","volume":"272","author":"HJ Zhu","year":"2018","unstructured":"Zhu, H.J., You, Z.H., Zhu, Z.X., Shi, W.L., Chen, X., Cheng, L.: DroidDet: effective and robust detection of Android malware using static analysis along with rotation forest model. Neurocomputing 272, 638\u2013646 (2018)","journal-title":"Neurocomputing"},{"key":"10_CR145","doi-asserted-by":"crossref","unstructured":"Zhu, Z., Dumitra\u015f, T.: FeatureSmith: automatically engineering features for malware detection by mining the security literature. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 767\u2013778 (2016)","DOI":"10.1145\/2976749.2978304"}],"container-title":["Lecture Notes in Computer Science","Security and Artificial Intelligence"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-98795-4_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,7]],"date-time":"2022-04-07T18:11:01Z","timestamp":1649355061000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-98795-4_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030987947","9783030987954"],"references-count":145,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-98795-4_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"8 April 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}