{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,17]],"date-time":"2026-02-17T12:09:02Z","timestamp":1771330142631,"version":"3.50.1"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319494449","type":"print"},{"value":"9783319494456","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-49445-6_15","type":"book-chapter","created":{"date-parts":[[2016,11,17]],"date-time":"2016-11-17T12:50:31Z","timestamp":1479387031000},"page":"271-280","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":35,"title":["Malware Characterization Using Windows API Call Sequences"],"prefix":"10.1007","author":[{"given":"Sanchit","family":"Gupta","sequence":"first","affiliation":[]},{"given":"Harshit","family":"Sharma","sequence":"additional","affiliation":[]},{"given":"Sarvjeet","family":"Kaur","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,11,18]]},"reference":[{"key":"15_CR1","doi-asserted-by":"crossref","unstructured":"Shafiq, M.Z., Tabish, S.M., Mirza, F., Farroq, M.: Pe-Miner: mining structural information to detect malicious executable in real time. In: 12th International Symposium on Recent Advances in Intrusion Detection (2009)","DOI":"10.1007\/978-3-642-04342-0_7"},{"key":"15_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1007\/978-3-540-89900-6_21","volume-title":"Intelligence and Security Informatics","author":"R Moskovitch","year":"2008","unstructured":"Moskovitch, R., Feher, C., Tzachar, N., Berger, E., Gitelman, M., Dolev, S., Elovici, Y.: Unknown malcode detection using OPCODE representation. In: Ortiz-Arroyo, D., Larsen, H.L., Zeng, D.D., Hicks, D., Wagner, G. (eds.) EuroIsI 2008. LNCS, vol. 5376, pp. 204\u2013215. Springer, Heidelberg (2008). doi: 10.1007\/978-3-540-89900-6_21"},{"key":"15_CR3","doi-asserted-by":"crossref","unstructured":"Moskovitch, R., et al: Unknown malcode detection via text categorization and the imbalance problem. In: IEEE International Conference on Intelligence and Security Informatics, pp. 156\u2013161 (2008)","DOI":"10.1109\/ISI.2008.4565046"},{"key":"15_CR4","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.ins.2011.08.020","volume":"231","author":"I Santos","year":"2013","unstructured":"Santos, I., et al.: Opcode sequences as representation of executables for data-mining based unknown malware detection. Inf. Sci. 231, 64\u201382 (2013)","journal-title":"Inf. Sci."},{"issue":"2","key":"15_CR5","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2089125.2089126","volume":"44","author":"M Egele","year":"2012","unstructured":"Egele, M., Scholte, T., Kirda, E., Kruegel, C.: A survey on automated dynamic malware analysis techniques and tools. ACM Comput. Surv. 44(2), 1\u201342 (2012)","journal-title":"ACM Comput. Surv."},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Santos, I., et al.: OPEM: a static-dynamic approach for machine-learning-based malware detection. In: International Conference CISIS12-ICEUTE12, vol. 189, pp. 271\u2013280 (2013)","DOI":"10.1007\/978-3-642-33018-6_28"},{"issue":"4","key":"15_CR7","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1007\/s11416-008-0108-y","volume":"5","author":"Y Ye","year":"2009","unstructured":"Ye, Y., et al.: SBMDS: an interpretable string based malware detection system using SVM ensemble with bagging. J. Comput. Virol. 5(4), 283\u2013293 (2009)","journal-title":"J. Comput. Virol."},{"key":"15_CR8","doi-asserted-by":"crossref","unstructured":"Zolkipli, M.F., Jantan, A.: Approach for malware behavior identification and classification. In: 3rd International Conference on Computer Research and Development, Shanghai, pp. 191\u2013194 (2011)","DOI":"10.1109\/ICCRD.2011.5764001"},{"key":"15_CR9","doi-asserted-by":"publisher","first-page":"646","DOI":"10.1016\/j.jnca.2012.10.004","volume":"36","author":"MR Islam","year":"2013","unstructured":"Islam, M.R., Tian, R., Batten, L., Versteeg, S.: Classification of malware based on integrated static and dynamic features. J. Netw. Comput. Appl. 36, 646\u2013656 (2013)","journal-title":"J. Netw. Comput. Appl."},{"key":"15_CR10","doi-asserted-by":"publisher","first-page":"56","DOI":"10.4236\/jis.2014.52006","volume":"5","author":"E Gandotra","year":"2014","unstructured":"Gandotra, E., Bansal, D., Sofat, S.: Malware analysis and classification: a survey. J. Inf. Secur. 5, 56\u201364 (2014)","journal-title":"J. Inf. Secur."},{"issue":"5","key":"15_CR11","first-page":"1","volume":"120","author":"S Ranveer","year":"2015","unstructured":"Ranveer, S., Hiray, S.: Comparative analysis of feature extraction methods of malware detection. Int. J. Comput. Appl. 120(5), 1\u20137 (2015)","journal-title":"Int. J. Comput. Appl."},{"key":"15_CR12","unstructured":"Youngjoon, K., Eunjin, K., HuyKang, K.: A novel approach to detect malware based on API call sequence analysis. Int. J. Distrib. Sens. Netw., Article no. 4 (2015)"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Park, Y., Reeves, D., Mulukutla, V., Sundaravel, B.: Fast malware classification by automated behavioural graph matching. In: Sixth Annual Workshop on Cyber Security and Information Intelligence Research (2010)","DOI":"10.1145\/1852666.1852716"},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Nari, S., Ghorbani, A.A.: Automated malware classification based on network behavior. In: International Conference on Computing, Networking and Communications (ICNC) (2013)","DOI":"10.1109\/ICCNC.2013.6504162"},{"key":"15_CR15","unstructured":"VxVault. http:\/\/www.vxvault.net"},{"key":"15_CR16","unstructured":"Vxheaven. http:\/\/www.vxheaven.org"},{"key":"15_CR17","unstructured":"VirusSign. http:\/\/www.virussign.com"},{"key":"15_CR18","unstructured":"VirusTotal. https:\/\/www.virustotal.com"},{"key":"15_CR19","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1016\/j.diin.2006.06.015","volume":"3","author":"J Kornblum","year":"2006","unstructured":"Kornblum, J.: Identifying almost identical files using context triggered piecewise hashing. Digit. Invest. J. 3, 91\u201397 (2006)","journal-title":"Digit. Invest. J."},{"key":"15_CR20","unstructured":"Hunt, G., Brubacher, D.: Detours: binary interception of Win32 functions. In: 3rd Conference on USENIX Windows NT Symposium, pp. 135\u2013143 (1999)"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Firdausi, I., et al.: Analysis of machine learning techniques used in behavior-based malware detection. In: Second International Conference on Advances in Computing, Control and Telecommunication Technologies (ACT), pp. 201\u2013203. IEEE (2010)","DOI":"10.1109\/ACT.2010.33"}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Applied Cryptography Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-49445-6_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,12]],"date-time":"2025-06-12T18:15:18Z","timestamp":1749752118000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-49445-6_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319494449","9783319494456"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-49445-6_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"18 November 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SPACE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security, Privacy, and Applied Cryptography Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hyderabad","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 December 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"space2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}