{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T08:53:52Z","timestamp":1768985632852,"version":"3.49.0"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031163012","type":"print"},{"value":"9783031163029","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-16302-9_1","type":"book-chapter","created":{"date-parts":[[2022,10,5]],"date-time":"2022-10-05T23:03:52Z","timestamp":1665011032000},"page":"3-18","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Deep Learning-Based Malware Detection Using PE Headers"],"prefix":"10.1007","author":[{"given":"Arnas","family":"Nakro\u0161is","sequence":"first","affiliation":[]},{"given":"Ingrida","family":"Lagzdinyt\u0117-Budnik\u0117","sequence":"additional","affiliation":[]},{"given":"Agn\u0117","family":"Paulauskait\u0117-Tarasevi\u010dien\u0117","sequence":"additional","affiliation":[]},{"given":"Giedrius","family":"Paulikas","sequence":"additional","affiliation":[]},{"given":"Paulius","family":"Dapkus","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,10,6]]},"reference":[{"key":"1_CR1","unstructured":"Malware Statistics & Trends Report | AV-TEST. https:\/\/www.av-test.org\/en\/statistics\/malware\/. Accessed 24 Feb 2022"},{"key":"1_CR2","unstructured":"Mahler, T., et al.: Know your enemy: characteristics of cyber-attacks on medical imaging devices. ArXiv180105583 Cs, February 2018. http:\/\/arxiv.org\/abs\/1801.05583. Accessed 24 Feb 2022"},{"key":"1_CR3","doi-asserted-by":"publisher","unstructured":"Samra, A.A.A., Qunoo, H.N., Al-Rubaie, F., El-Talli, H.: A survey of static android malware detection techniques. In: 2019 IEEE 7th Palestinian International Conference on Electrical and Computer Engineering (PICECE), pp. 1\u20136, March 2019. https:\/\/doi.org\/10.1109\/PICECE.2019.8747224","DOI":"10.1109\/PICECE.2019.8747224"},{"key":"1_CR4","doi-asserted-by":"publisher","unstructured":"Sayadi, H., et al.: Towards accurate run-time hardware-assisted stealthy malware detection: a lightweight, yet effective time series CNN-based approach. Cryptography 5(4), Art. no. 4 (2021). https:\/\/doi.org\/10.3390\/cryptography5040028","DOI":"10.3390\/cryptography5040028"},{"key":"1_CR5","doi-asserted-by":"publisher","unstructured":"Patil, S., et al.: Improving the robustness of AI-based malware detection using adversarial machine learning. Algorithms 14(10), Art. no. 10 (2021). https:\/\/doi.org\/10.3390\/a14100297","DOI":"10.3390\/a14100297"},{"key":"1_CR6","doi-asserted-by":"publisher","unstructured":"You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: 2010 International Conference on Broadband, Wireless Computing, Communication and Applications, pp. 297\u2013300, November 2010. https:\/\/doi.org\/10.1109\/BWCCA.2010.85","DOI":"10.1109\/BWCCA.2010.85"},{"key":"1_CR7","doi-asserted-by":"publisher","unstructured":"Sung, A.H., Xu, J., Chavez, P., Mukkamala, S.: Static analyzer of vicious executables (SAVE). In: 20th Annual Computer Security Applications Conference, pp. 326\u2013334, December 2004. https:\/\/doi.org\/10.1109\/CSAC.2004.37","DOI":"10.1109\/CSAC.2004.37"},{"key":"1_CR8","doi-asserted-by":"publisher","unstructured":"Awan, M.J., et al.: Image-based malware classification using VGG19 network and spatial convolutional attention. Electronics 10(19), Art. no. 19 (2021). https:\/\/doi.org\/10.3390\/electronics10192444","DOI":"10.3390\/electronics10192444"},{"key":"1_CR9","doi-asserted-by":"publisher","unstructured":"El-Shafai, W., Almomani, I., AlKhayer, A.: Visualized malware multi-classification framework using fine-tuned CNN-based transfer learning models. Appl. Sci. 11(14), Art. no. 14 (2021). https:\/\/doi.org\/10.3390\/app11146446","DOI":"10.3390\/app11146446"},{"key":"1_CR10","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1016\/j.jpdc.2020.03.012","volume":"141","author":"G Xiao","year":"2020","unstructured":"Xiao, G., Li, J., Chen, Y., Li, K.: MalFCS: an effective malware classification framework with automated feature extraction based on deep convolutional neural networks. J. Parallel Distrib. Comput. 141, 49\u201358 (2020). https:\/\/doi.org\/10.1016\/j.jpdc.2020.03.012","journal-title":"J. Parallel Distrib. Comput."},{"key":"1_CR11","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2020.102154","volume":"105","author":"H Naeem","year":"2020","unstructured":"Naeem, H., et al.: Malware detection in industrial internet of things based on hybrid image visualization and deep learning model. Ad Hoc Netw. 105, 102154 (2020). https:\/\/doi.org\/10.1016\/j.adhoc.2020.102154","journal-title":"Ad Hoc Netw."},{"key":"1_CR12","doi-asserted-by":"publisher","unstructured":"Manavi, F., Hamzeh, A.: A new method for ransomware detection based on PE header using convolutional neural networks. In: 2020 17th International ISC Conference on Information Security and Cryptology (ISCISC), pp. 82\u201387, September 2020. https:\/\/doi.org\/10.1109\/ISCISC51277.2020.9261903","DOI":"10.1109\/ISCISC51277.2020.9261903"},{"key":"1_CR13","doi-asserted-by":"publisher","unstructured":"Rezaei, T., Hamze, A.: An efficient approach for malware detection using PE header specifications. In: 2020 6th International Conference on Web Research (ICWR), pp. 234\u2013239, April 2020. https:\/\/doi.org\/10.1109\/ICWR49608.2020.9122312","DOI":"10.1109\/ICWR49608.2020.9122312"},{"key":"1_CR14","doi-asserted-by":"publisher","unstructured":"Chen, Z., Xie, Z., Zhang, W., Xu, X.: ResNet and model fusion for automatic spoofing detection. In: Interspeech 2017, pp. 102\u2013106, August 2017. https:\/\/doi.org\/10.21437\/Interspeech.2017-1085","DOI":"10.21437\/Interspeech.2017-1085"},{"key":"1_CR15","doi-asserted-by":"publisher","unstructured":"Ha, J., Roh, H.: Experimental evaluation of malware family classification methods from sequential information of TLS-encrypted traffic. Electronics 10(24), Art. no. 24 (2021). https:\/\/doi.org\/10.3390\/electronics10243180","DOI":"10.3390\/electronics10243180"},{"key":"1_CR16","doi-asserted-by":"publisher","unstructured":"Elkhawas, A.I., Abdelbaki, N.: Malware detection using opcode trigram sequence with SVM. In: 2018 26th International Conference on Software, Telecommunications and Computer Networks (SoftCOM), pp. 1\u20136, September 2018. https:\/\/doi.org\/10.23919\/SOFTCOM.2018.8555738","DOI":"10.23919\/SOFTCOM.2018.8555738"},{"key":"1_CR17","doi-asserted-by":"publisher","unstructured":"Mohammed, T.M., Nataraj, L., Chikkagoudar, S., Chandrasekaran, S., Manjunath, B.S.: HAPSSA: holistic approach to PDF malware detection using signal and statistical analysis. In: MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM), pp. 709\u2013714, November 2021. https:\/\/doi.org\/10.1109\/MILCOM52596.2021.9653097","DOI":"10.1109\/MILCOM52596.2021.9653097"},{"key":"1_CR18","doi-asserted-by":"publisher","unstructured":"Elnaggar, R., Servadei, L., Mathur, S., Wille, R., Ecker, W., Chakrabarty, K.: Accurate and robust malware detection: running XGBoost on run-time data from performance counters. IEEE Trans. Comput.-Aided Des. Integr. Circ. Syst. 1 (2021). https:\/\/doi.org\/10.1109\/TCAD.2021.3102007","DOI":"10.1109\/TCAD.2021.3102007"},{"key":"1_CR19","doi-asserted-by":"publisher","unstructured":"Tajoddin, A., Jalili, S.: HM3alD: polymorphic malware detection using program behavior-aware hidden Markov model. Appl. Sci. 8(7), Art. no. 7 (2018). https:\/\/doi.org\/10.3390\/app8071044","DOI":"10.3390\/app8071044"},{"key":"1_CR20","doi-asserted-by":"publisher","unstructured":"Wu, D., Guo, P., Wang, P.: Malware detection based on cascading XGBoost and cost sensitive. In: 2020 International Conference on Computer Communication and Network Security (CCNS), pp. 201\u2013205, August 2020. https:\/\/doi.org\/10.1109\/CCNS50731.2020.00051","DOI":"10.1109\/CCNS50731.2020.00051"},{"key":"1_CR21","doi-asserted-by":"publisher","unstructured":"Feizollah, A., Anuar, N.B., Salleh, R., Amalina, F.: Comparative study of k-means and mini batch k-means clustering algorithms in android malware detection using network traffic analysis. In: 2014 International Symposium on Biometrics and Security Technologies (ISBAST), pp. 193\u2013197, August 2014. https:\/\/doi.org\/10.1109\/ISBAST.2014.7013120","DOI":"10.1109\/ISBAST.2014.7013120"},{"key":"1_CR22","doi-asserted-by":"publisher","unstructured":"Fan, M., et al.: Graph embedding based familial analysis of android malware using unsupervised learning. In: 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE), pp. 771\u2013782, May 2019. https:\/\/doi.org\/10.1109\/ICSE.2019.00085","DOI":"10.1109\/ICSE.2019.00085"},{"key":"1_CR23","unstructured":"Demetrio, L., Biggio, B., Lagorio, G., Roli, F., Armando, A.: Explaining vulnerabilities of deep learning to adversarial malware binaries. ArXiv190103583 Cs, January 2019. http:\/\/arxiv.org\/abs\/1901.03583. Accessed 27 Feb 2022"},{"key":"1_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-030-88418-5_12","volume-title":"Computer Security \u2013 ESORICS 2021","author":"ME Ahmed","year":"2021","unstructured":"Ahmed, M.E., Kim, H., Camtepe, S., Nepal, S.: Peeler: profiling kernel-level events to detect ransomware. In: Bertino, E., Shulman, H., Waidner, M. (eds.) ESORICS 2021. LNCS, vol. 12972, pp. 240\u2013260. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-88418-5_12"},{"key":"1_CR25","doi-asserted-by":"publisher","first-page":"889","DOI":"10.1007\/978-3-030-22277-2_36","volume-title":"Handbook of Computer Networks and Cyber Security","author":"M Al-Kasassbeh","year":"2020","unstructured":"Al-Kasassbeh, M., Mohammed, S., Alauthman, M., Almomani, A.: Feature selection using a machine learning to classify a malware. In: Gupta, B.B., Perez, G.M., Agrawal, D.P., Gupta, D. (eds.) Handbook of Computer Networks and Cyber Security, pp. 889\u2013904. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-22277-2_36"},{"key":"1_CR26","doi-asserted-by":"publisher","unstructured":"Oyama, Y., Miyashita, T., Kokubo, H.: Identifying useful features for malware detection in the ember dataset. In: 2019 Seventh International Symposium on Computing and Networking Workshops (CANDARW), pp. 360\u2013366, November 2019. https:\/\/doi.org\/10.1109\/CANDARW.2019.00069","DOI":"10.1109\/CANDARW.2019.00069"},{"key":"1_CR27","unstructured":"Anderson, H.S., Roth, P.: EMBER: an open dataset for training static PE malware machine learning models. ArXiv180404637 Cs, April 2018. http:\/\/arxiv.org\/abs\/1804.04637. Accessed 26 Mar 2022"},{"issue":"8","key":"1_CR28","doi-asserted-by":"publisher","first-page":"2688","DOI":"10.1109\/TMI.2020.2993291","volume":"39","author":"Y Oh","year":"2020","unstructured":"Oh, Y., Park, S., Ye, J.C.: Deep learning COVID-19 features on CXR using limited training data sets. IEEE Trans. Med. Imaging 39(8), 2688\u20132700 (2020). https:\/\/doi.org\/10.1109\/TMI.2020.2993291","journal-title":"IEEE Trans. Med. Imaging"},{"key":"1_CR29","unstructured":"Ni, K., et al.: Large-scale deep learning on the YFCC100M dataset. ArXiv150203409 Cs, February 2015. http:\/\/arxiv.org\/abs\/1502.03409. Accessed 01 Apr 2022"},{"key":"1_CR30","unstructured":"VirusShare.com. https:\/\/virusshare.com\/. Accessed 22 Jan 2022"},{"key":"1_CR31","unstructured":"MalwareBazaar | Malware sample exchange. https:\/\/bazaar.abuse.ch\/. Accessed 22 Jan 2022"},{"key":"1_CR32","doi-asserted-by":"publisher","unstructured":"Hemalatha, J., Roseline, S.A., Geetha, S., Kadry, S., Dama\u0161evi\u010dius, R.: An efficient DenseNet-based deep learning model for malware detection. Entropy 23(3), Art. no. 3 (2021). https:\/\/doi.org\/10.3390\/e23030344","DOI":"10.3390\/e23030344"},{"key":"1_CR33","unstructured":"Margaritelli, S.: Evilsocket\/ergo (2022). https:\/\/github.com\/evilsocket\/ergo. Accessed 22 Jan 2022"},{"issue":"2","key":"1_CR34","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1023\/A:1010920819831","volume":"45","author":"DJ Hand","year":"2001","unstructured":"Hand, D.J., Till, R.J.: A simple generalisation of the area under the ROC curve for multiple class classification problems. Mach. Learn. 45(2), 171\u2013186 (2001). https:\/\/doi.org\/10.1023\/A:1010920819831","journal-title":"Mach. Learn."},{"key":"1_CR35","unstructured":"Targ, S., Almeida, D., Lyman, K.: Resnet in Resnet: generalizing residual architectures. ArXiv160308029 Cs Stat, March 2016. http:\/\/arxiv.org\/abs\/1603.08029. Accessed 22 Jan 2022"},{"key":"1_CR36","doi-asserted-by":"publisher","unstructured":"Zhu, Y., Newsam, S.: DenseNet for dense flow. In: 2017 IEEE International Conference on Image Processing (ICIP), pp. 790\u2013794, September 2017. https:\/\/doi.org\/10.1109\/ICIP.2017.8296389","DOI":"10.1109\/ICIP.2017.8296389"},{"key":"1_CR37","unstructured":"van Laarhoven, T.: L2 regularization versus batch and weight normalization. ArXiv170605350 Cs Stat, June 2017. http:\/\/arxiv.org\/abs\/1706.05350. Accessed 22 Jan 202"}],"container-title":["Communications in Computer and Information Science","Information and Software Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-16302-9_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,5]],"date-time":"2022-10-05T23:22:47Z","timestamp":1665012167000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-16302-9_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031163012","9783031163029"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-16302-9_1","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"6 October 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICIST","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information and Software Technologies","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kaunas","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lithuania","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 October 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 October 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icist2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icist.ktu.edu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"66","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}