{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T08:54:20Z","timestamp":1743065660128,"version":"3.40.3"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319459301"},{"type":"electronic","value":"9783319459318"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-45931-8_7","type":"book-chapter","created":{"date-parts":[[2016,9,16]],"date-time":"2016-09-16T07:26:19Z","timestamp":1474010779000},"page":"103-119","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Attacking and Defending Dynamic Analysis System-Calls Based IDS"],"prefix":"10.1007","author":[{"given":"Ishai","family":"Rosenberg","sequence":"first","affiliation":[]},{"given":"Ehud","family":"Gudes","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,17]]},"reference":[{"issue":"5","key":"7_CR1","doi-asserted-by":"crossref","first-page":"412","DOI":"10.1093\/bioinformatics\/16.5.412","volume":"16","author":"P. Baldi","year":"2000","unstructured":"Baldi, P., Brunak, S., Chauvin, Y., Andersen, C.A., Nielsen, H.: Assessing the accuracy of prediction algorithms for classification: an overview. 
Bioinformatics 16(5), 412\u2013424 (2000)","journal-title":"Bioinformatics"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"Biggio, B., Rieck, K., Ariu, D., Wressnegger, C., Corona, I., Giacinto, G., Roli, F.: Poisoning behavioral malware clustering. In: Proceedings of the 7th ACM Workshop on Artificial Intelligence and Security (2014)","DOI":"10.1145\/2666652.2666666"},{"key":"7_CR3","doi-asserted-by":"crossref","unstructured":"Firdausi, I., Lim, C., Erwin, A.: Analysis of machine learning techniques used in behavior based malware detection. In: Proceedings of 2nd International Conference on Advances in Computing, Control and Telecommunication Technologies, pp. 201\u2013203 (2010)","DOI":"10.1109\/ACT.2010.33"},{"key":"7_CR4","unstructured":"Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A sense of self for unix processes. In: IEEE Symposium on Security and Privacy, pp. 120\u2013128. IEEE Press, USA (1996)"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S., Somayaji, A.: The evolution of system-call monitoring. In: Proceedings of the Annual Computer Security Applications Conference, pp. 418\u2013430 (2008)","DOI":"10.1109\/ACSAC.2008.54"},{"key":"7_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1007\/978-3-642-31540-4_21","volume-title":"Data and Applications Security and Privacy XXVI","author":"S Gambs","year":"2012","unstructured":"Gambs, S., Gmati, A., Hurfin, M.: Reconstruction attack through classifier analysis. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 274\u2013281. Springer, Heidelberg (2012)"},{"issue":"6","key":"7_CR7","doi-asserted-by":"publisher","first-page":"1182","DOI":"10.1016\/j.csi.2009.04.004","volume":"31","author":"KW Hamlen","year":"2009","unstructured":"Hamlen, K.W., Mohan, V., Masud, M.M., Khan, L., Thuraisingham, B.: Exploiting an Antivirus Interface. Comput. Stand. 
Interfaces 31(6), 1182\u20131189 (2009)","journal-title":"Comput. Stand. Interfaces"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect malicious executables in the wild. In: Proceedings of the 10th International Conference on Knowledge Discovery and Data Mining, pp. 470\u2013478 (2004)","DOI":"10.1145\/1014052.1014105"},{"issue":"1","key":"7_CR9","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1145\/375360.375365","volume":"33","author":"G Navarro","year":"2001","unstructured":"Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31\u201388 (2001)","journal-title":"ACM Comput. Surv."},{"key":"7_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"497","DOI":"10.1007\/978-3-319-28166-7_24","volume-title":"The 13th International Conference on Applied Cryptography and Network Security","author":"J Ming","year":"2015","unstructured":"Ming, J., Xin, Z., Lan, P., Wu, D., Liu, P., Mao, B.: Replacement attacks: automatically impeding behavior-based malware specifications. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 497\u2013517. Springer, Switzerland (2015)"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: 23rd Annual Computer Security Applications Conference, pp. 421\u2013430 (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"7_CR12","doi-asserted-by":"crossref","unstructured":"Moskovitch, R., Gus, I., Pluderman, S., Stopel, D., Fermat, Y., Shahar, Y., Elovici, Y.: Host based intrusion detection using machine learning. In: Proceedings of Intelligence and Security Informatics, pp. 
107\u2013114 (2007)","DOI":"10.1109\/ISI.2007.379542"},{"key":"7_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-75496-1_1","volume-title":"Information Security","author":"T Raffetseder","year":"2007","unstructured":"Raffetseder, T., Kruegel, C., Kirda, E.: Detecting system emulators. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 1\u201318. Springer, Heidelberg (2007)"},{"key":"7_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1007\/978-3-642-04342-0_31","volume-title":"Recent Advances in Intrusion Detection","author":"B Rozenberg","year":"2009","unstructured":"Rozenberg, B., Gudes, E., Elovici, Y., Fledel, Y.: Method for detecting unknown malicious executables. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 378\u2013379. Springer, Heidelberg (2009)"},{"key":"7_CR15","unstructured":"Somayaji, A., Forrest, S.: Automated response using system-call delays. In: Proceedings of the 9th USENIX Security Symposium, pp. 185\u2013198 (2000)"},{"key":"7_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1007\/11663812_8","volume-title":"Recent Advances in Intrusion Detection","author":"Sufatrio","year":"2006","unstructured":"Sufatrio, Yap, R.H.C.: Improving host-based IDS with argument abstraction to prevent mimicry attacks. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 146\u2013164. Springer, Heidelberg (2006)"},{"issue":"6","key":"7_CR17","doi-asserted-by":"publisher","first-page":"875","DOI":"10.1142\/S0218213006003028","volume":"15","author":"G Tandon","year":"2006","unstructured":"Tandon, G., Chan, P.: On the learning of system call attributes for host-based anomaly detection. Int. J. Artif. Intell. Tools 15(6), 875\u2013892 (2006)","journal-title":"Int. J. Artif. 
Intell. Tools"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 255\u2013264 (2002)","DOI":"10.1145\/586110.586145"}],"container-title":["Lecture Notes in Computer Science","Information Security Theory and Practice"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-45931-8_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,9,19]],"date-time":"2020-09-19T00:21:49Z","timestamp":1600474909000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-45931-8_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319459301","9783319459318"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-45931-8_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"17 September 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISTP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Information Security Theory and Practice","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference 
Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wistp2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}