{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T19:03:10Z","timestamp":1742929390973,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031212796"},{"type":"electronic","value":"9783031212802"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-21280-2_16","type":"book-chapter","created":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T08:30:15Z","timestamp":1668760215000},"page":"287-305","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Detection of\u00a0MSOffice-Embedded Malware: Feature Mining and\u00a0Short- vs. Long-Term Performance"],"prefix":"10.1007","author":[{"given":"Silviu","family":"Vi\u0163el","sequence":"first","affiliation":[]},{"given":"Marilena","family":"Lupa\u015fcu","sequence":"additional","affiliation":[]},{"given":"Drago\u015f Teodor","family":"Gavrilu\u0163","sequence":"additional","affiliation":[]},{"given":"Henri","family":"Luchian","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,11,19]]},"reference":[{"key":"16_CR1","unstructured":"Aboud, E., O\u2019Brien, D.: Detection of malicious VBA macros using machine learning methods (2018)"},{"key":"16_CR2","doi-asserted-by":"crossref","unstructured":"Azeez, N.A., Odufuwa, O.E., Misra, S., Oluranti, J., Dama\u0161evi\u010dius, R.: Windows PE malware detection using ensemble learning. Informatics 8(1) (2021)","DOI":"10.3390\/informatics8010010"},{"key":"16_CR3","doi-asserted-by":"crossref","unstructured":"Bearden, R., Lo, D.C.T.: Automated Microsoft office macro malware detection using machine learning. In: 2017 IEEE International Conference on Big Data (2017)","DOI":"10.1109\/BigData.2017.8258483"},{"key":"16_CR4","doi-asserted-by":"crossref","unstructured":"Casino, F., Totosis, N., Apostolopoulos, T., Lykousas, N., Patsakis, C.: Analysis and correlation of visual evidence in campaigns of malicious office documents (2021)","DOI":"10.1145\/3513025"},{"key":"16_CR5","doi-asserted-by":"crossref","unstructured":"Cohen, A., Nissim, N., Rokach, L., Elovici, Y.: SFEM: structural feature extraction methodology for the detection of malicious office documents using machine learning methods. Expert Syst. Appl. 63 (2016)","DOI":"10.1016\/j.eswa.2016.07.010"},{"key":"16_CR6","unstructured":"Collberg, C., Thomborson, C.: A taxonomy of obfuscating transformations (1997)"},{"key":"16_CR7","unstructured":"Ertaul, L., Venkatesh, S.: JHide-a tool kit for code obfuscation. In: IASTED Conference on Software Engineering and Applications, pp. 133\u2013138 (2004)"},{"key":"16_CR8","unstructured":"Ertaul, L., Venkatesh, S.: Novel obfuscation algorithms for software security. In: Proceedings of the 2005 International Conference on Software Engineering Research and Practice, SERP, vol. 5. Citeseer (2005)"},{"key":"16_CR9","unstructured":"Gabor, S.: VBA is not dead! Virus Bulletin (2014). https:\/\/www.virusbulletin.com\/virusbulletin\/2014\/07\/vba-not-dead"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Huneault-Leblanc, S., Talhi, C.: P-code based classification to detect malicious VBA macro. In: 2020 International Symposium on Networks, Computers and Communications (ISNCC), pp. 1\u20136. IEEE (2020)","DOI":"10.1109\/ISNCC49221.2020.9297272"},{"key":"16_CR11","doi-asserted-by":"crossref","unstructured":"Iwamoto, K., Wasaki, K.: A method for shellcode extraction from malicious document files using entropy and emulation (2015)","DOI":"10.7763\/IJET.2016.V6.866"},{"key":"16_CR12","doi-asserted-by":"crossref","unstructured":"Kim, S., Hong, S., Oh, J., Lee, H.: Obfuscated VBA macro detection using machine learning. In: DSN, pp. 490\u2013501. IEEE Computer Society (2018)","DOI":"10.1109\/DSN.2018.00057"},{"key":"16_CR13","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102582","volume":"114","author":"V Koutsokostas","year":"2022","unstructured":"Koutsokostas, V., et al.: Invoice# 31415 attached: automated analysis of malicious Microsoft office documents. Comput. Secur. 114, 102582 (2022)","journal-title":"Comput. Secur."},{"key":"16_CR14","doi-asserted-by":"crossref","unstructured":"Li, W., Stolfo, S., Stavrou, A., Androulaki, E., Keromytis, A.: A study of malcode-bearing documents (2007)","DOI":"10.1007\/978-3-540-73614-1_14"},{"key":"16_CR15","doi-asserted-by":"publisher","unstructured":"Lu, X., Wang, F., Shu, Z.: Malicious word document detection based on multi-view features learning, pp. 1\u20136 (2019). https:\/\/doi.org\/10.1109\/ICCCN.2019.8846940","DOI":"10.1109\/ICCCN.2019.8846940"},{"key":"16_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"714","DOI":"10.1007\/978-3-030-36938-5_46","volume-title":"Network and System Security","author":"M Mimura","year":"2019","unstructured":"Mimura, M.: Using sparse composite document vectors to classify VBA macros. In: Liu, J.K., Huang, X. (eds.) NSS 2019. LNCS, vol. 11928, pp. 714\u2013720. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-36938-5_46"},{"key":"16_CR17","doi-asserted-by":"publisher","first-page":"204709","DOI":"10.1109\/ACCESS.2020.3037330","volume":"8","author":"M Mimura","year":"2020","unstructured":"Mimura, M.: An improved method of detecting macro malware on an imbalanced dataset. IEEE Access 8, 204709\u2013204717 (2020)","journal-title":"IEEE Access"},{"key":"16_CR18","doi-asserted-by":"crossref","unstructured":"Mimura, M.: Using fake text vectors to improve the sensitivity of minority class for macro malware detection (2020)","DOI":"10.1016\/j.jisa.2020.102600"},{"key":"16_CR19","first-page":"555","volume":"27","author":"M Mimura","year":"2019","unstructured":"Mimura, M., Miura, H.: Detecting unseen malicious VBA macros with NLP techniques. J. Inf. Process. 27, 555\u2013563 (2019)","journal-title":"J. Inf. Process."},{"key":"16_CR20","doi-asserted-by":"crossref","unstructured":"Moubarak, J., Feghali, T.: Comparing machine learning techniques for malware detection. In: ICISSP (2020)","DOI":"10.5220\/0009373708440851"},{"key":"16_CR21","doi-asserted-by":"crossref","unstructured":"Nissim, N., Cohen, A., Elovici, Y.: ALDOCX: detection of unknown malicious Microsoft office documents using designated active learning methods based on new structural feature extraction methodology (2016)","DOI":"10.1109\/ICMLA.2015.52"},{"key":"16_CR22","unstructured":"Otsubo, Y.: O-checker: detection of malicious documents through deviation from file format specifications (2016)"},{"key":"16_CR23","doi-asserted-by":"crossref","unstructured":"Ravi, V., Gururaj, S., Vedamurthy, H., Nirmala, M.: Analysing corpus of office documents for macro-based attacks using machine learning (2022)","DOI":"10.1016\/j.gltp.2022.04.004"},{"key":"16_CR24","doi-asserted-by":"crossref","unstructured":"Rudd, E.M., Harang, R.E., Saxe, J.: MEADE: towards a malicious email attachment detection engine. CoRR abs\/1804.08162 (2018)","DOI":"10.1109\/THS.2018.8574202"},{"key":"16_CR25","doi-asserted-by":"crossref","unstructured":"De los Santos, S., Torres, J.: Macro malware detection using machine learning techniques-a new approach. In: ICISSP, pp. 295\u2013302 (2017)","DOI":"10.5220\/0006132202950302"},{"key":"16_CR26","doi-asserted-by":"crossref","unstructured":"Schreck, T., Berger, S., G\u00f6bel, J.: BISSAM: automatic vulnerability identification of office documents (2012)","DOI":"10.1007\/978-3-642-37300-8_12"},{"key":"16_CR27","doi-asserted-by":"crossref","unstructured":"Smutz, C., Stavrou, A.: Preventing exploits in Microsoft office documents through content randomization (2015)","DOI":"10.1007\/978-3-319-26362-5_11"},{"key":"16_CR28","series-title":"Studies in Computational Intelligence","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-981-15-5495-7_11","volume-title":"Bio-inspired Neurocomputing","author":"T Szanda\u0142a","year":"2021","unstructured":"Szanda\u0142a, T.: Review and comparison of commonly used activation functions for deep neural networks. In: Bhoi, A.K., Mallick, P.K., Liu, C.-M., Balas, V.E. (eds.) Bio-inspired Neurocomputing. SCI, vol. 903, pp. 203\u2013224. Springer, Singapore (2021). https:\/\/doi.org\/10.1007\/978-981-15-5495-7_11"},{"key":"16_CR29","doi-asserted-by":"crossref","unstructured":"Tzermias, Z., Sykiotakis, G., Polychronakis, M., Markatos, E.: Combining static and dynamic analysis for the detection of malicious documents (2011)","DOI":"10.1145\/1972551.1972555"},{"key":"16_CR30","doi-asserted-by":"crossref","unstructured":"Wael, D., Sayed, S.G., Abdelbaki, N.: Enhanced approach to detect malicious VBScript files based on data mining techniques. In: Shakshuki, E.M., Yasar, A.U.H. (eds.) EUSPN\/ICTH. Procedia Computer Science, vol. 141, pp. 552\u2013558 (2018)","DOI":"10.1016\/j.procs.2018.10.127"},{"key":"16_CR31","doi-asserted-by":"crossref","unstructured":"Yang, S., Chen, W., Li, S., Xu, Q.: Approach using transforming structural data into image for detection of malicious MS-doc files based on deep learning models. In: 2019 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), pp. 28\u201332 (2019)","DOI":"10.1109\/APSIPAASC47483.2019.9023208"},{"key":"16_CR32","doi-asserted-by":"crossref","unstructured":"You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: 2010 International Conference on Broadband, Wireless Computing, Communication and Applications, pp. 297\u2013300. IEEE (2010)","DOI":"10.1109\/BWCCA.2010.85"},{"key":"16_CR33","doi-asserted-by":"crossref","unstructured":"Yu, M., et al.: A unified malicious documents detection model based on two layers of abstraction (2019)","DOI":"10.1109\/HPCC\/SmartCity\/DSS.2019.00322"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-21280-2_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T08:33:58Z","timestamp":1668760438000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-21280-2_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031212796","9783031212802"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-21280-2_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"19 November 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISPEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security Practice and Experience","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 November 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 November 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ispec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ispec2022.ndhu.edu.tw\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"87","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2 invited papers","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}