{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,14]],"date-time":"2025-10-14T00:17:17Z","timestamp":1760401037213,"version":"build-2065373602"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031962301"},{"type":"electronic","value":"9783031962318"}],"license":[{"start":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T00:00:00Z","timestamp":1750550400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T00:00:00Z","timestamp":1750550400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-031-96231-8_27","type":"book-chapter","created":{"date-parts":[[2025,6,21]],"date-time":"2025-06-21T01:56:47Z","timestamp":1750471007000},"page":"367-382","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Explainable Surface-Level Malware Analysis Through Scalable and\u00a0Accurate Feature Selection"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-6694-6886","authenticated-orcid":false,"given":"Lulu","family":"Ito","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-0116-6778","authenticated-orcid":false,"given":"Naoya","family":"Sawada","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-3035-411X","authenticated-orcid":false,"given":"Katsuyuki","family":"Maeda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0425-8485","authenticated-orcid":false,"given":"Kilho","family":"Shin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,6,22]]},"reference":[{"key":"27_CR1","unstructured":"Anderson, H.S., Roth, P.: EMBER: an open dataset for training static PE malware machine learning models. CoRR abs\/1804.04637 (2018)"},{"key":"27_CR2","unstructured":"Antonakakis, M., et al.: Understanding the MIRAI botnet. In: Proceedings of the 26th USENIX Security Symposium, pp. 1093\u20131110 (2017)"},{"key":"27_CR3","unstructured":"Elastic: Ember (2022). https:\/\/github.com\/elastic\/ember. Accessed 05 May 2024"},{"issue":"1","key":"27_CR4","first-page":"1","volume":"9","author":"S Enders","year":"2025","unstructured":"Enders, S., Plohmann, D., Blatt, M.: A taxonomic overview of prevalent malware communication strategies. J. Cybercrime Digit. Invest. 9(1), 1\u201313 (2025)","journal-title":"J. Cybercrime Digit. Invest."},{"key":"27_CR5","unstructured":"Hall, M.A.: Correlation-based feature selection for discrete and numeric class machine learning. In: Proceedings of the 17th International Conference of Machine Learning, pp. 359\u2013366 (2000)"},{"key":"27_CR6","unstructured":"Kernighan, B.W., Ritchie, D.M.: The C Programming Language. Prentice Hall (1988)"},{"key":"27_CR7","doi-asserted-by":"crossref","unstructured":"Kira, K., Rendell, L.: A practical approach to feature selection. In: Proceedings of the 11th International Conference on Machine Learning, pp. 249\u2013256 (1992)","DOI":"10.1016\/B978-1-55860-247-2.50037-1"},{"key":"27_CR8","doi-asserted-by":"crossref","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect malicious executables in the wild. In: Proceedings of the Twelfth International Conference on Knowledge Discovery and Data Mining, pp. 470\u2013478. ACM (2006)","DOI":"10.1145\/1014052.1014105"},{"key":"27_CR9","doi-asserted-by":"crossref","unstructured":"Kumar, R., Geetha, S.: Malware classification using xgboost-gradient boosted decision tree. Adv. Sci. Technol. Eng. Syst. J. 5(5), 536\u2013549 (2020)","DOI":"10.25046\/aj050566"},{"issue":"2","key":"27_CR10","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2007.48","volume":"5","author":"R Lyda","year":"2007","unstructured":"Lyda, R., Hamrock, J.: Using entropy analysis to identify obfuscated malware. IEEE Secur. Priv. 5(2), 40\u201345 (2007)","journal-title":"IEEE Secur. Priv."},{"key":"27_CR11","unstructured":"Morikawa, Y., Shin, K.: Bornfs (2025). https:\/\/github.com\/MY1390\/bornfs.git"},{"key":"27_CR12","doi-asserted-by":"crossref","unstructured":"Oyama, Y., Miyashita, T., Kokubo, H.: Identifying useful features for malware detection in the ember dataset. In: Proceedings of the Seventh International Symposium on Computing and Networking Workshops, pp. 360\u2013365. IEEE (2019)","DOI":"10.1109\/CANDARW.2019.00069"},{"key":"27_CR13","doi-asserted-by":"crossref","unstructured":"Peng, H., Long, F., Ding, C.: Feature selection based on mutual information: criteria of max-dependency, max-relevance and min-redundancy. IEEE Trans. Pattern Anal. Mach. Intell. 27(8) (2005)","DOI":"10.1109\/TPAMI.2005.159"},{"key":"27_CR14","doi-asserted-by":"crossref","unstructured":"Rajab, M.A., Zarfoss, J., Monrose, F., Terzis, A.: A multifaceted approach to understanding the botnet phenomenon. In: Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, pp. 41\u201352 (2006)","DOI":"10.1145\/1177080.1177086"},{"key":"27_CR15","unstructured":"Rapid7 Metasploit Team: MSFvenom payload creation and encoding (2023). https:\/\/www.rapid7.com\/products\/metasploit\/. Accessed 03 Dec 2023"},{"key":"27_CR16","doi-asserted-by":"crossref","unstructured":"Sandor, M., Portase, R.M., Colesa, A.: Ember feature dataset analysis for malware detection. In: Proceedings of the 19th International Conference on Intelligent Computer Communication and Processing, pp. 203\u2013209. IEEE (2023)","DOI":"10.1109\/ICCP60212.2023.10398693"},{"issue":"1","key":"27_CR17","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1002\/j.1538-7305.1951.tb01366.x","volume":"30","author":"CE Shannon","year":"1951","unstructured":"Shannon, C.E.: Prediction and entropy of printed english. Bell Syst. Tech. J. 30(1), 50\u201364 (1951)","journal-title":"Bell Syst. Tech. J."},{"key":"27_CR18","doi-asserted-by":"crossref","unstructured":"Shin, K., Liu, C., Maeda, K., Ohshima, H.: Bornfs: feature selection with balanced relevance and nuisance and its application to very large datasets. In: Proceedings of the 16th International Conference on Agents and Artificial Intelligence, pp. 1100\u20131107. SCITEPRESS (2024)","DOI":"10.5220\/0012436000003636"},{"key":"27_CR19","unstructured":"Tanenbaum, A.S.: Structured Computer Organization. Prentice Hall (1992)"},{"key":"27_CR20","unstructured":"Tanenbaum, A.S., Bos, H.: Modern Operating Systems. Pearson (2006)"},{"key":"27_CR21","unstructured":"Veil Development Team: Veil framework: Payload creation and obfuscation (2023). https:\/\/github.com\/Veil-Framework\/Veil. Accessed 03 Dec 2023"},{"key":"27_CR22","doi-asserted-by":"crossref","unstructured":"Weinberger, K.Q., Dasgupta, A., Langford, J., Smola, A., Attenberg, J.: Feature hashing for large scale multitask learning. In: Proceedings of the 26th Annual International Conference on Machine Learning, pp. 1113\u20131120. ACM (2009)","DOI":"10.1145\/1553374.1553516"}],"container-title":["IFIP Advances in Information and Communication Technology","Artificial Intelligence Applications and Innovations"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-96231-8_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T06:23:16Z","timestamp":1760336596000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-96231-8_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,22]]},"ISBN":["9783031962301","9783031962318"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-96231-8_27","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2025,6,22]]},"assertion":[{"value":"22 June 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"AIAI","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Artificial Intelligence Applications and Innovations","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Limassol","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cyprus","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 June 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"aiai2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ifipaiai.org\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}