{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T15:34:18Z","timestamp":1743003258856,"version":"3.40.3"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031212796"},{"type":"electronic","value":"9783031212802"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-21280-2_13","type":"book-chapter","created":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T08:30:15Z","timestamp":1668760215000},"page":"233-251","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Using API Calls for Sequence-Pattern Feature Mining-Based Malware Detection"],"prefix":"10.1007","author":[{"given":"Gheorghe","family":"Balan","sequence":"first","affiliation":[]},{"given":"Drago\u015f Teodor","family":"Gavrilu\u0163","sequence":"additional","affiliation":[]},{"given":"Henri","family":"Luchian","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,11,19]]},"reference":[{"key":"13_CR1","doi-asserted-by":"publisher","unstructured":"Ahmadi, M., Ulyanov, D., Semenov, S., Trofimov, M., Giacinto, G.: Novel feature extraction, selection and fusion for effective malware family classification. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 183\u2013194 (2016). https:\/\/doi.org\/10.1145\/2857705.2857713","DOI":"10.1145\/2857705.2857713"},{"key":"13_CR2","doi-asserted-by":"publisher","unstructured":"Alazab, M., Venkatraman, S., Watters, P.: Towards understanding malware behaviour by the extraction of API calls. In: 2010 Second Cybercrime and Trustworthy Computing Workshop, pp. 52\u201359 (2010). https:\/\/doi.org\/10.1109\/CTC.2010.8","DOI":"10.1109\/CTC.2010.8"},{"key":"13_CR3","doi-asserted-by":"publisher","unstructured":"Amer, E., El-Sappagh, S., Hu, J.: Contextual identification of windows malware through semantic interpretation of API call sequence. Appl. Sci. 10(21), 7673 (10 2020). https:\/\/doi.org\/10.3390\/app10217673","DOI":"10.3390\/app10217673"},{"key":"13_CR4","doi-asserted-by":"publisher","unstructured":"Amer, E., Zelinka, I.: A dynamic windows malware detection and prediction method based on contextual understanding of API call sequence. Comput. Secur. 92, 101760 (2020). https:\/\/doi.org\/10.1016\/j.cose.2020.101760","DOI":"10.1016\/j.cose.2020.101760"},{"key":"13_CR5","unstructured":"Anderson, H.: Evading Machine Learning Malware Detection (2017)"},{"key":"13_CR6","unstructured":"Anderson, H., Kharkar, A., Filar, B., Evans, D., Roth, P.: Learning to evade static PE machine learning malware models via reinforcement learning (2018)"},{"key":"13_CR7","doi-asserted-by":"publisher","unstructured":"Apicella, A., Donnarumma, F., Isgr\u00f3, F., Prevete, R.: A survey on modern trainable activation functions. Neural Netw. 138, 14\u201332 (2021). https:\/\/doi.org\/10.1016\/j.neunet.2021.01.026","DOI":"10.1016\/j.neunet.2021.01.026"},{"key":"13_CR8","doi-asserted-by":"publisher","unstructured":"Athiwaratkun, B., Stokes, J.: Malware classification with LSTM and GRU language models and a character-level cnn. In: 2017 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 2482\u20132486 (2017). https:\/\/doi.org\/10.1109\/ICASSP.2017.7952603","DOI":"10.1109\/ICASSP.2017.7952603"},{"key":"13_CR9","doi-asserted-by":"publisher","unstructured":"Balan, G., Popescu, A.: Detecting java compiled malware using machine learning techniques. In: 2018 20th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 435\u2013439 (2018). https:\/\/doi.org\/10.1109\/SYNASC.2018.00073","DOI":"10.1109\/SYNASC.2018.00073"},{"key":"13_CR10","doi-asserted-by":"publisher","unstructured":"Bucevschi, A., Balan, G., Prelipcean, D.B.: Preventing file-less attacks with machine learning techniques. In: 2019 21st International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 248\u2013252 (2019). https:\/\/doi.org\/10.1109\/SYNASC49474.2019.00042","DOI":"10.1109\/SYNASC49474.2019.00042"},{"key":"13_CR11","doi-asserted-by":"publisher","unstructured":"Chen, W., Wang, Z., Chen, D.: An emulator for executing IA-32 applications on arm-based systems. J. Comput. 5(7), 1133\u20131141 (2010). https:\/\/doi.org\/10.4304\/jcp.5.7.1133-1141","DOI":"10.4304\/jcp.5.7.1133-1141"},{"key":"13_CR12","doi-asserted-by":"publisher","unstructured":"Choi, S., Bae, J., Lee, C., Kim, Y., Kim, J.: Attention-based automated feature extraction for malware analysis. Sensors 20(10), 2893 (2020). https:\/\/doi.org\/10.3390\/s20102893","DOI":"10.3390\/s20102893"},{"key":"13_CR13","doi-asserted-by":"publisher","unstructured":"Elhadi, A., Maarof, M., Barry, B.: Improving the detection of malware behaviour using simplified data dependent API call graph. Int. J. Secur. Appl. 7, 29\u201342 (2013). https:\/\/doi.org\/10.14257\/ijsia.2013.7.5.03","DOI":"10.14257\/ijsia.2013.7.5.03"},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"Elhadi, A., Maarof, M., Hamza Osman, A.: Malware detection based on hybrid signature behaviour application programming interface call graph. Am. J. Appl. Sci. 9, 283\u2013288 (2012)","DOI":"10.3844\/ajassp.2012.283.288"},{"key":"13_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-030-41579-2_2","volume-title":"Information and Communications Security","author":"F Fadadu","year":"2020","unstructured":"Fadadu, F., Handa, A., Kumar, N., Shukla, S.K.: Evading API call sequence based malware classifiers. In: Zhou, J., Luo, X., Shen, Q., Xu, Z. (eds.) ICICS 2019. LNCS, vol. 11999, pp. 18\u201333. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-41579-2_2"},{"key":"13_CR16","doi-asserted-by":"publisher","unstructured":"Gavrilu\u0163, D., Benchea, R., Vatamanu, C.: Optimized zero false positives perceptron training for malware detection. In: 2012 14th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing, pp. 247\u2013253 (2012).https:\/\/doi.org\/10.1109\/SYNASC.2012.34","DOI":"10.1109\/SYNASC.2012.34"},{"key":"13_CR17","doi-asserted-by":"publisher","unstructured":"Gavrilu\u0163, D., Cimpoesu, M., Anton, D., Ciortuz, L.: Malware detection using machine learning (2009). In: 2009 International Multiconference on Computer Science and Information Technology, pp. 735\u2013741. https:\/\/doi.org\/10.1109\/IMCSIT.2009.5352759","DOI":"10.1109\/IMCSIT.2009.5352759"},{"key":"13_CR18","doi-asserted-by":"publisher","unstructured":"Gavrilu\u0163, D., Cimpoesu, M., Anton, D., Ciortuz, L.: Malware detection using perceptrons and support vector machines. In: 2009 Computation World: Future Computing, Service Computation, Cognitive, Adaptive, Content, Patterns, pp. 283\u2013288 (2009). https:\/\/doi.org\/10.1109\/ComputationWorld.2009.85","DOI":"10.1109\/ComputationWorld.2009.85"},{"key":"13_CR19","doi-asserted-by":"publisher","unstructured":"Ki, Y., Kim, E., Kim, H.K.: A novel approach to detect malware based on API call sequence analysis. Int. J. Distrib. Sens. Netw. 1\u20139 (2015). https:\/\/doi.org\/10.1155\/2015\/659101","DOI":"10.1155\/2015\/659101"},{"issue":"1","key":"13_CR20","doi-asserted-by":"publisher","first-page":"921","DOI":"10.1007\/s10586-017-1110-2","volume":"22","author":"H Kim","year":"2017","unstructured":"Kim, H., Kim, J., Kim, Y., Kim, I., Kim, K.J., Kim, H.: Improvement of malware detection and classification using API call sequence alignment and visualization. Cluster Comput. 22(1), 921\u2013929 (2017). https:\/\/doi.org\/10.1007\/s10586-017-1110-2","journal-title":"Cluster Comput."},{"key":"13_CR21","unstructured":"Kingma, D., Ba, J.: Adam: a method for stochastic optimization. In: International Conference on Learning Representations (2014)"},{"key":"13_CR22","unstructured":"Lin, C.T., Wang, N.J., Xiao, H., Eckert, C.: Feature selection and extraction for malware classification. J. Inf. Sci. Eng. 31(3), 965\u2013992 (2015)"},{"issue":"2","key":"13_CR23","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/s11416-017-0291-9","volume":"14","author":"CV Li\u0163\u0103","year":"2017","unstructured":"Li\u0163\u0103, C.V., Cosovan, D., Gavrilu\u0163, D.: Anti-emulation trends in modern packers: a survey on the evolution of anti-emulation techniques in UPA packers. J. Comput. Virol. Hacking Tech. 14(2), 107\u2013126 (2017). https:\/\/doi.org\/10.1007\/s11416-017-0291-9","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"13_CR24","doi-asserted-by":"publisher","unstructured":"Pascanu, R., Stokes, J., Sanossian, H., Marinescu, M., Thomas, A.: Malware classification with recurrent networks. In: 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 1916\u20131920 (2015). https:\/\/doi.org\/10.1109\/ICASSP.2015.7178304","DOI":"10.1109\/ICASSP.2015.7178304"},{"key":"13_CR25","doi-asserted-by":"publisher","unstructured":"Rabadi, D., Teo, S.: Advanced windows methods on malware detection and classification. In: Annual Computer Security Applications Conference, pp. 54\u201368 (2020). https:\/\/doi.org\/10.1145\/3427228.3427242","DOI":"10.1145\/3427228.3427242"},{"key":"13_CR26","doi-asserted-by":"publisher","unstructured":"Ranveer, S., Hiray, S.: Comparative analysis of feature extraction methods of malware detection. Int. J. Comput. Appl. 120, 1\u20137 (2015). https:\/\/doi.org\/10.5120\/21220-3960","DOI":"10.5120\/21220-3960"},{"key":"13_CR27","doi-asserted-by":"publisher","unstructured":"Shankarapani, M., Ramamoorthy, S., Movva, R., Mukkamala, S.: Malware detection using assembly and API call sequences. J. Comput. Virol. 7, 107\u2013119 (2011). https:\/\/doi.org\/10.1007\/s11416-010-0141-5","DOI":"10.1007\/s11416-010-0141-5"},{"key":"13_CR28","doi-asserted-by":"publisher","unstructured":"Sundarkumar, G., Vadlamani, R., Nwogu, I., Govindaraju, V.: Malware detection via API calls, topic models and machine learning. In: 2015 IEEE International Conference on Automation Science and Engineering (CASE), pp. 1212\u20131217 (2015). https:\/\/doi.org\/10.1109\/CoASE.2015.7294263","DOI":"10.1109\/CoASE.2015.7294263"},{"key":"13_CR29","doi-asserted-by":"publisher","unstructured":"Tahir, R.: A study on malware and malware detection techniques. Int. J. Educ. Manag. Eng. 8, 20\u201330 (2018). https:\/\/doi.org\/10.5815\/ijeme.2018.02.03","DOI":"10.5815\/ijeme.2018.02.03"},{"key":"13_CR30","doi-asserted-by":"publisher","unstructured":"Uppal, D., Sinha, R., Mehra, V., Jain, V.: Malware detection and classification based on extraction of API sequences. In: 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2337\u20132342 (2014). https:\/\/doi.org\/10.1109\/ICACCI.2014.6968547","DOI":"10.1109\/ICACCI.2014.6968547"},{"key":"13_CR31","doi-asserted-by":"publisher","unstructured":"Vitel, S., Balan, G., Prelipcean, D.B.: Improving detection of malicious office documents using one-side classifiers. In: 2019 21st International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 243\u2013247 (09 2019). https:\/\/doi.org\/10.1109\/SYNASC49474.2019.00041","DOI":"10.1109\/SYNASC49474.2019.00041"},{"key":"13_CR32","doi-asserted-by":"publisher","unstructured":"Xu, K., Li, Y., Deng, R., Chen, K., Xu, J.: Droidevolver: self-evolving android malware detection system. In: 2019 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 47\u201362 (2019). https:\/\/doi.org\/10.1109\/EuroSP.2019.00014","DOI":"10.1109\/EuroSP.2019.00014"},{"key":"13_CR33","unstructured":"Zuech, R., Khoshgoftaar, T.: A survey on feature selection for intrusion detection. In: Proceedings of the 21st ISSAT International Conference on Reliability and Quality in Design, pp. 150\u2013155 (2015)"},{"key":"13_CR34","doi-asserted-by":"publisher","unstructured":"\u0160tursa, D., Dole\u017eel, P.: Comparison of ReLU and linear saturated activation functions in neural network for universal approximation. In: 2019 22nd International Conference on Process Control (PC19) pp. 146\u2013151 (2019). https:\/\/doi.org\/10.1109\/PC.2019.8815057","DOI":"10.1109\/PC.2019.8815057"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-21280-2_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T08:33:06Z","timestamp":1668760386000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-21280-2_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031212796","9783031212802"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-21280-2_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"19 November 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISPEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security Practice and Experience","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 November 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 November 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ispec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ispec2022.ndhu.edu.tw\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"87","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2 invited papers","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}