{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:00:04Z","timestamp":1767319204019,"version":"3.48.0"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032105530","type":"print"},{"value":"9783032105547","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-10554-7_30","type":"book-chapter","created":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T01:56:47Z","timestamp":1767319007000},"page":"570-590","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["MDMV: A Malware Detection Method Based on\u00a0Memory and\u00a0Visualization on\u00a0KVM"],"prefix":"10.1007","author":[{"given":"Xiangyi","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jian","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lexin","family":"Jia","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zheng","family":"Meng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lingkai","family":"Xing","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2026,1,2]]},"reference":[{"issue":"2","key":"30_CR1","doi-asserted-by":"publisher","first-page":"1851","DOI":"10.1109\/COMST.2019.2891891","volume":"21","author":"A Alshamrani","year":"2019","unstructured":"Alshamrani, A., Myneni, S., Chowdhary, A., Huang, D.: A survey on advanced persistent threats: techniques, solutions, challenges, and research opportunities. IEEE Commun. Surv. Tutor. 21(2), 1851\u20131877 (2019). https:\/\/doi.org\/10.1109\/COMST.2019.2891891","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"30_CR2","unstructured":"AV-TEST: AV-test - the independent it-security institute (2023). https:\/\/www.av-test.org\/en\/statistics\/malware\/"},{"key":"30_CR3","doi-asserted-by":"crossref","unstructured":"Biggio, B., et al.: Poisoning behavioral malware clustering. In: Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop, pp. 27\u201336. Association for Computing Machinery, New York (2014)","DOI":"10.1145\/2666652.2666666"},{"key":"30_CR4","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102166","volume":"103","author":"AS Bozkir","year":"2021","unstructured":"Bozkir, A.S., Tahillioglu, E., Aydos, M., Kara, I.: Catch them alive: a malware detection approach through memory forensics, manifold learning and computer vision. Comput. Secur. 103, 102166 (2021). https:\/\/doi.org\/10.1016\/j.cose.2020.102166","journal-title":"Comput. Secur."},{"key":"30_CR5","doi-asserted-by":"publisher","unstructured":"Chen, X., et al.: Malader: decision-based black-box attack against API sequence based malware detectors. In: 2023 53rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 165\u2013178 (2023). https:\/\/doi.org\/10.1109\/DSN58367.2023.00027","DOI":"10.1109\/DSN58367.2023.00027"},{"key":"30_CR6","doi-asserted-by":"publisher","unstructured":"Chen, X., Andersen, J., Mao, Z.M., Bailey, M., Nazario, J.: Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN), pp. 177\u2013186 (2008). https:\/\/doi.org\/10.1109\/DSN.2008.4630086","DOI":"10.1109\/DSN.2008.4630086"},{"key":"30_CR7","unstructured":"CNET: App for windows (2023). https:\/\/download.cnet.com\/windows\/"},{"key":"30_CR8","doi-asserted-by":"publisher","unstructured":"Conti, G., et al.: Automated mapping of large binary objects using primitive fragment type classification. Digit. Investig. 7, S3\u2013S12 (2010). https:\/\/doi.org\/10.1016\/j.diin.2010.05.002, the Proceedings of the Tenth Annual DFRWS Conference","DOI":"10.1016\/j.diin.2010.05.002"},{"key":"30_CR9","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1016\/j.diin.2018.09.006","volume":"27","author":"Y Dai","year":"2018","unstructured":"Dai, Y., Li, H., Qian, Y., Lu, X.: A malware classification method based on memory dump grayscale image. Digit. Investig. 27, 30\u201337 (2018). https:\/\/doi.org\/10.1016\/j.diin.2018.09.006","journal-title":"Digit. Investig."},{"key":"30_CR10","doi-asserted-by":"publisher","unstructured":"Dalal, N., Triggs, B.: Histograms of oriented gradients for human detection. In: 2005 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR 2005), vol.\u00a01, pp. 886\u2013893 (2005). https:\/\/doi.org\/10.1109\/CVPR.2005.177","DOI":"10.1109\/CVPR.2005.177"},{"key":"30_CR11","doi-asserted-by":"publisher","unstructured":"He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 770\u2013778. IEEE (2016). https:\/\/doi.org\/10.1109\/CVPR.2016.90","DOI":"10.1109\/CVPR.2016.90"},{"key":"30_CR12","doi-asserted-by":"publisher","unstructured":"Kaloudi, N., Li, J.: The AI-based cyber threat landscape: a survey. 53(1) (2020). https:\/\/doi.org\/10.1145\/3372823","DOI":"10.1145\/3372823"},{"key":"30_CR13","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2022.119133","volume":"214","author":"I Kara","year":"2023","unstructured":"Kara, I.: Fileless malware threats: recent advances, analysis approach through memory forensics and research challenges. Expert Syst. Appl. 214, 119133 (2023). https:\/\/doi.org\/10.1016\/j.eswa.2022.119133","journal-title":"Expert Syst. Appl."},{"key":"30_CR14","doi-asserted-by":"publisher","first-page":"648","DOI":"10.1016\/j.neunet.2021.09.019","volume":"144","author":"T Landman","year":"2021","unstructured":"Landman, T., Nissim, N.: Deep-hook: a trusted deep learning-based framework for unknown malware detection and classification in linux cloud environments. Neural Netw. 144, 648\u2013685 (2021). https:\/\/doi.org\/10.1016\/j.neunet.2021.09.019","journal-title":"Neural Netw."},{"key":"30_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103279","volume":"130","author":"K Li","year":"2023","unstructured":"Li, K., Guo, W., Zhang, F., Du, J.: Gambd: generating adversarial malware against malconv. Comput. Secur. 130, 103279 (2023). https:\/\/doi.org\/10.1016\/j.cose.2023.103279","journal-title":"Comput. Secur."},{"issue":"7","key":"30_CR16","doi-asserted-by":"publisher","first-page":"7642","DOI":"10.1109\/TITS.2022.3208891","volume":"24","author":"S Li","year":"2023","unstructured":"Li, S., Li, Y., Wu, X., Otaibi, S.A., Tian, Z.: Imbalanced malware family classification using multimodal fusion and weight self-learning. IEEE Trans. Intell. Transp. Syst. 24(7), 7642\u20137652 (2023). https:\/\/doi.org\/10.1109\/TITS.2022.3208891","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"30_CR17","doi-asserted-by":"publisher","unstructured":"Lienhart, R., Maydt, J.: An extended set of haar-like features for rapid object detection. In: Proceedings of the International Conference on Image Processing, vol.\u00a01, pp. 900\u2013903 (2002). https:\/\/doi.org\/10.1109\/ICIP.2002.1038171","DOI":"10.1109\/ICIP.2002.1038171"},{"key":"30_CR18","doi-asserted-by":"publisher","unstructured":"Muralidharan, T., Cohen, A., Gerson, N., Nissim, N.: File packing from the malware perspective: techniques, analysis approaches, and directions for enhancements. ACM Comput. Surv. 55(5) (2022). https:\/\/doi.org\/10.1145\/3530810","DOI":"10.1145\/3530810"},{"key":"30_CR19","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2023.119952","volume":"223","author":"H Naeem","year":"2023","unstructured":"Naeem, H., Dong, S., Falana, O.J., Ullah, F.: Development of a deep stacked ensemble with process based volatile memory forensics for platform independent malware detection and classification. Expert Syst. Appl. 223, 119952 (2023). https:\/\/doi.org\/10.1016\/j.eswa.2023.119952","journal-title":"Expert Syst. Appl."},{"key":"30_CR20","doi-asserted-by":"publisher","first-page":"871","DOI":"10.1016\/j.cose.2018.04.005","volume":"77","author":"S Ni","year":"2018","unstructured":"Ni, S., Qian, Q., Zhang, R.: Malware identification using visualization images and deep learning. Comput. Secur. 77, 871\u2013885 (2018). https:\/\/doi.org\/10.1016\/j.cose.2018.04.005","journal-title":"Comput. Secur."},{"issue":"7","key":"30_CR21","doi-asserted-by":"publisher","first-page":"971","DOI":"10.1109\/TPAMI.2002.1017623","volume":"24","author":"T Ojala","year":"2002","unstructured":"Ojala, T., Pietikainen, M., Maenpaa, T.: Multiresolution gray-scale and rotation invariant texture classification with local binary patterns. IEEE Trans. Pattern Anal. Mach. Intell. 24(7), 971\u2013987 (2002). https:\/\/doi.org\/10.1109\/TPAMI.2002.1017623","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"30_CR22","doi-asserted-by":"publisher","unstructured":"Or-Meir, O., Nissim, N., Elovici, Y., Rokach, L.: Dynamic malware analysis in the modern era\u2013a state of the art survey. 52(5) (2019). https:\/\/doi.org\/10.1145\/3329786","DOI":"10.1145\/3329786"},{"issue":"18","key":"30_CR23","doi-asserted-by":"publisher","first-page":"11963","DOI":"10.1007\/s00521-021-05861-7","volume":"33","author":"ES Parildi","year":"2021","unstructured":"Parildi, E.S., Hatzinakos, D., Lawryshyn, Y.: Deep learning-aided runtime opcode-based Windows malware detection. Neural Comput. Appl. 33(18), 11963\u201311983 (2021). https:\/\/doi.org\/10.1007\/s00521-021-05861-7","journal-title":"Neural Comput. Appl."},{"key":"30_CR24","doi-asserted-by":"publisher","unstructured":"Rosenberg, I., Shabtai, A., Elovici, Y., Rokach, L.: Adversarial machine learning attacks and defense methods in the cyber security domain. ACM Comput. Surv. 54(5) (2021). https:\/\/doi.org\/10.1145\/3453158","DOI":"10.1145\/3453158"},{"key":"30_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-642-04342-0_7","volume-title":"Recent Advances in Intrusion Detection","author":"MZ Shafiq","year":"2009","unstructured":"Shafiq, M.Z., Tabish, S.M., Mirza, F., Farooq, M.: PE-miner: mining structural information to detect malicious executables in realtime. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 121\u2013141. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04342-0_7"},{"key":"30_CR26","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2020.107138","volume":"171","author":"D Vasan","year":"2020","unstructured":"Vasan, D., Alazab, M., Wassan, S., Naeem, H., Safaei, B., Zheng, Q.: IMCFN: image-based malware classification using fine-tuned convolutional neural network architecture. Comput. Netw. 171, 107138 (2020). https:\/\/doi.org\/10.1016\/j.comnet.2020.107138","journal-title":"Comput. Netw."},{"key":"30_CR27","unstructured":"VirusShare (2023). https:\/\/virusshare.com\/"},{"key":"30_CR28","unstructured":"VirusTotal (2023). https:\/\/virustotal.com\/"},{"key":"30_CR29","unstructured":"Volatility: Volatility. volatility framework - volatile memory extraction utility framework (2023). https:\/\/github.com\/volatilityfoundation\/volatility"},{"key":"30_CR30","doi-asserted-by":"publisher","unstructured":"Xu, Z., Ray, S., Subramanyan, P., Malik, S.: Malware detection using machine learning based analysis of virtual memory access patterns. In: Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 169\u2013174 (2017). https:\/\/doi.org\/10.23919\/DATE.2017.7926977","DOI":"10.23919\/DATE.2017.7926977"},{"issue":"2","key":"30_CR31","doi-asserted-by":"publisher","first-page":"902","DOI":"10.1109\/TDSC.2022.3144697","volume":"20","author":"X Zhang","year":"2023","unstructured":"Zhang, X., et al.: Slowing down the aging of learning-based malware detectors with API knowledge. IEEE Trans. Dependable Secure Comput. 20(2), 902\u2013916 (2023). https:\/\/doi.org\/10.1109\/TDSC.2022.3144697","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"30_CR32","doi-asserted-by":"crossref","unstructured":"Zhang, Z., Qi, P., Wang, W.: Dynamic malware analysis with feature engineering and feature learning. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol.\u00a034, pp. 1210\u20131217 (2020)","DOI":"10.1609\/aaai.v34i01.5474"},{"key":"30_CR33","doi-asserted-by":"publisher","first-page":"4208066","DOI":"10.1155\/2022\/4208066","volume":"2022","author":"L Zheng","year":"2022","unstructured":"Zheng, L., Zhang, J.: A new malware detection method based on VMCADR in cloud environments. Secur. Commun. Netw. 2022, 4208066 (2022). https:\/\/doi.org\/10.1155\/2022\/4208066","journal-title":"Secur. Commun. Netw."}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Mobile and Ubiquitous Systems: Computing, Networking and Services"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-10554-7_30","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T01:56:48Z","timestamp":1767319008000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-10554-7_30"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032105530","9783032105547"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-10554-7_30","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"2 January 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"MobiQuitous","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Mobile and Ubiquitous Systems: Computing, Networking, and Services","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oslo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 November 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 November 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"mobiquitous2024a","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/mobiquitous.eai-conferences.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}