{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T04:56:44Z","timestamp":1769749004568,"version":"3.49.0"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031355035","type":"print"},{"value":"9783031355042","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-35504-2_4","type":"book-chapter","created":{"date-parts":[[2023,6,9]],"date-time":"2023-06-09T08:01:47Z","timestamp":1686297707000},"page":"69-88","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Madvex: Instrumentation-Based Adversarial Attacks on\u00a0Machine Learning Malware Detection"],"prefix":"10.1007","author":[{"given":"Nils","family":"Loose","sequence":"first","affiliation":[]},{"given":"Felix","family":"M\u00e4chtle","sequence":"additional","affiliation":[]},{"given":"Claudius","family":"Pott","sequence":"additional","affiliation":[]},{"given":"Volodymyr","family":"Bezsmertnyi","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Eisenbarth","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,6,10]]},"reference":[{"key":"4_CR1","unstructured":"WebAssembly Core Specification. https:\/\/www.w3.org\/TR\/wasm-core-2\/"},{"key":"4_CR2","unstructured":"Ieee standard for floating-point arithmetic. IEEE Std 754\u20132019 (Revision of IEEE 754\u20132008) (2019)"},{"key":"4_CR3","unstructured":"Ba, J., Caruana, R.: Do deep nets really need to be deep? In: Advances in Neural Information Processing Systems, vol. 27 (2014)"},{"key":"4_CR4","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/978-3-642-40994-3_25","volume-title":"Machine Learning and Knowledge Discovery in Databases","author":"B Biggio","year":"2013","unstructured":"Biggio, B., Corona, I., Maiorca, D., Nelson, B., \u0160rndi\u0107, N., Laskov, P., Giacinto, G., Roli, F.: Evasion attacks against machine learning at test time. In: Blockeel, H., Kersting, K., Nijssen, S., \u017delezn\u00fd, F. (eds.) ECML PKDD 2013. LNCS (LNAI), vol. 8190, pp. 387\u2013402. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40994-3_25"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"de Boer, P., Kroese, D.P., Mannor, S., Rubinstein, R.Y.: A tutorial on the cross-entropy method. Ann. Oper. Res. 134(1) (2005)","DOI":"10.1007\/s10479-005-5724-z"},{"key":"4_CR6","unstructured":"Bytecodealliance: wasm-mutate (2023). https:\/\/github.com\/bytecodealliance\/wasm-tools\/tree\/main\/crates\/wasm-mutate. Accessed: 2023"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Cabrera-Arteaga, J., Monperrus, M., Toady, T., Baudry, B.: Webassembly diversification for malware evasion (2022)","DOI":"10.1016\/j.cose.2023.103296"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Carlini, N., Wagner, D.A.: Towards evaluating the robustness of neural networks. In: 2017 IEEE Symposium on Security and Privacy, SP 2017 (2017)","DOI":"10.1109\/SP.2017.49"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Chen, B., Ren, Z., Yu, C., Hussain, I., Liu, J.: Adversarial examples for CNN-based malware detectors. IEEE Access 7 (2019)","DOI":"10.1109\/ACCESS.2019.2913439"},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Chen, L., Ye, Y., Bourlai, T.: Adversarial machine learning in malware detection: arms race between evasion attack and defense. In: European Intelligence and Security Informatics Conference, EISIC 2017 (2017)","DOI":"10.1109\/EISIC.2017.21"},{"key":"4_CR11","unstructured":"Dan Hubbard: Cisco Umbrella 1 Million (2021). https:\/\/umbrella.cisco.com\/blog\/cisco-umbrella-1-million. Accessed: 2023"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Eskandari, S., Leoutsarakos, A., Mursch, T., Clark, J.: A first look at browser-based cryptojacking. In: 2018 IEEE European Symposium on Security and Privacy Workshops, EuroS &P Workshops 2018 (2018)","DOI":"10.1109\/EuroSPW.2018.00014"},{"key":"4_CR13","unstructured":"Goodfellow, I., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples (2014)"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Hilbig, A., Lehmann, D., Pradel, M.: An empirical study of real-world webassembly binaries: security, languages, use cases. In: WWW \u201921: The Web Conference 2021. ACM\/IW3C2 (2021)","DOI":"10.1145\/3442381.3450138"},{"key":"4_CR15","doi-asserted-by":"crossref","unstructured":"Kharraz, A., et al.: Outguard: detecting in-browser covert cryptocurrency mining in the wild. In: The World Wide Web Conference, WWW 2019 (2019)","DOI":"10.1145\/3308558.3313665"},{"key":"4_CR16","unstructured":"Khormali, A., Abusnaina, A., Chen, S., Nyang, D., Mohaisen, A.: Copycat: practical adversarial attacks on visualization-based malware detection (2019)"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Konoth, R.K., Vineti, E., Moonsamy, V., Lindorfer, M., Kruegel, C., Bos, H., Vigna, G.: Minesweeper: an in-depth look into drive-by cryptocurrency mining and its defense. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS (2018)","DOI":"10.1145\/3243734.3243858"},{"key":"4_CR18","unstructured":"Kreuk, F., Barak, A., Aviv-Reuven, S., Baruch, M., Pinkas, B., Keshet, J.: Deceiving end-to-end deep learning malware detectors using adversarial examples (2018)"},{"key":"4_CR19","unstructured":"Ling, X., et al.: Adversarial attacks against windows PE malware detection: a survey of the state-of-the-art. CoRR (2021)"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Liu, X., Zhang, J., Lin, Y., Li, H.: ATMPA: attacking machine learning-based malware visualization detection methods via adversarial examples. In: Proceedings of the International Symposium on Quality of Service, IWQoS 2019 (2019)","DOI":"10.1145\/3326285.3329073"},{"key":"4_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1007\/978-3-030-22038-9_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"M Musch","year":"2019","unstructured":"Musch, M., Wressnegger, C., Johns, M., Rieck, K.: New kid on the web: a study on the prevalence of WebAssembly in the wild. In: Perdisci, R., Maurice, C., Giacinto, G., Almgren, M. (eds.) DIMVA 2019. LNCS, vol. 11543, pp. 23\u201342. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-22038-9_2"},{"key":"4_CR22","unstructured":"Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Decentralized business review, p. 21260 (2008)"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Naseem, F.N., Aris, A., Babun, L., Tekiner, E., Uluagac, A.S.: MINOS: a lightweight real-time cryptojacking detection system. In: 28th Annual Network and Distributed System Security Symposium, NDSS 2021 (2021)","DOI":"10.14722\/ndss.2021.24444"},{"key":"4_CR24","unstructured":"Noh, J.: WebAssembly Works (2008). https:\/\/github.com\/Snack-X\/wasm-works. Accessed: 2023"},{"key":"4_CR25","doi-asserted-by":"crossref","unstructured":"Papadopoulos, P., Ilia, P., Markatos, E.P.: Truth in web mining: Measuring the profitability and cost of cryptominers as a web monetization model (2018)","DOI":"10.1007\/978-3-030-30215-3_14"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Wu, X., Jha, S., Swami, A.: Distillation as a defense to adversarial perturbations against deep neural networks. In: Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016 (2016)","DOI":"10.1109\/SP.2016.41"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P.D., Goodfellow, I.J., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against machine learning. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2017 (2017)","DOI":"10.1145\/3052973.3053009"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Park, D., Khan, H., Yener, B.: Generation & evaluation of adversarial examples for malware obfuscation. In: 18th IEEE International Conference On Machine Learning And Applications, ICMLA 2019 (2019)","DOI":"10.1109\/ICMLA.2019.00210"},{"key":"4_CR29","doi-asserted-by":"crossref","unstructured":"Qiao, Y., Zhang, W., Tian, Z., Yang, L.T., Liu, Y., Alazab, M.: Adversarial malware sample generation method based on the prototype of deep learning detector. Comput. Secur. 119 (2022)","DOI":"10.1016\/j.cose.2022.102762"},{"key":"4_CR30","doi-asserted-by":"crossref","unstructured":"Rodriguez, J.D.P., Posegga, J.: RAPID: resource and api-based detection against in-browser miners. In: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018 (2018)","DOI":"10.1145\/3274694.3274735"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Romano, A., Zheng, Y., Wang, W.: Minerray: semantics-aware analysis for ever-evolving cryptojacking detection. In: 35th IEEE\/ACM International Conference on Automated Software Engineering, ASE 2020 (2020)","DOI":"10.1145\/3324884.3416580"},{"key":"4_CR32","doi-asserted-by":"crossref","unstructured":"Russo, M., Srndic, N., Laskov, P.: Detection of illicit cryptomining using network metadata. EURASIP J. Inf. Secur. 2021(1) (2021)","DOI":"10.1186\/s13635-021-00126-1"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Suciu, O., Coull, S.E., Johns, J.: Exploring adversarial examples in malware detection. In: 2019 IEEE Security and Privacy Workshops, SP Workshops 2019 (2019)","DOI":"10.1109\/SPW.2019.00015"},{"key":"4_CR34","unstructured":"Szegedy, C., et al.: Intriguing properties of neural networks. In: 2nd International Conference on Learning Representations, ICLR 2014 (2014)"},{"key":"4_CR35","doi-asserted-by":"crossref","unstructured":"Tekiner, E., Acar, A., Uluagac, A.S., Kirda, E., Sel\u00e7uk, A.A.: Sok: Cryptojacking malware. In: IEEE European Symposium on Security and Privacy, EuroS &P (2021)","DOI":"10.1109\/EuroSP51992.2021.00019"},{"key":"4_CR36","unstructured":"Tram\u00e8r, F., Carlini, N., Brendel, W., Madry, A.: On adaptive attacks to adversarial example defenses. In: Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, NeurIPS 2020 (2020)"},{"key":"4_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/978-3-319-98989-1_7","volume-title":"Computer Security","author":"W Wang","year":"2018","unstructured":"Wang, W., Ferrell, B., Xu, X., Hamlen, K.W., Hao, S.: SEISMIC: SEcure in-lined script monitors for interrupting cryptojacks. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11099, pp. 122\u2013142. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-98989-1_7"},{"key":"4_CR38","unstructured":"WebAssembly: Binaryen (2022). https:\/\/github.com\/WebAssembly\/binaryen. Accessed: 2023"},{"key":"4_CR39","doi-asserted-by":"crossref","unstructured":"Zhang, J., Jiang, X.: Adversarial examples: Opportunities and challenges (2018)","DOI":"10.1109\/TNNLS.2019.2933524"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-35504-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,4]],"date-time":"2023-07-04T23:03:02Z","timestamp":1688511782000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-35504-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031355035","9783031355042"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-35504-2_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"10 June 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hamburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 July 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva2023.de\/org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"43","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}