{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,25]],"date-time":"2025-06-25T04:10:55Z","timestamp":1750824655195,"version":"3.41.0"},"publisher-location":"Cham","reference-count":46,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319647005"},{"type":"electronic","value":"9783319647012"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-64701-2_28","type":"book-chapter","created":{"date-parts":[[2017,7,25]],"date-time":"2017-07-25T08:56:55Z","timestamp":1500973015000},"page":"386-398","source":"Crossref","is-referenced-by-count":2,"title":["Machine Learning for Analyzing Malware"],"prefix":"10.1007","author":[{"given":"Yajie","family":"Dong","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhenyan","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yida","family":"Yan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yong","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tu","family":"Peng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ji","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,7,26]]},"reference":[{"key":"28_CR1","unstructured":"Michael, S., Andrew. H.: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software. Publishing House of Electronics Industry (2014)"},{"key":"28_CR2","unstructured":"Liao, G., Liu, J.A.: Malicious code detection method based on data mining and machine learning. J. Inf. Secur. Res. (2016)"},{"key":"28_CR3","unstructured":"Huang, H.X., Zhang, L., Deng, L.: Review of malware detection based on data mining. Comput. Sci. (2016)"},{"key":"28_CR4","doi-asserted-by":"crossref","unstructured":"Lee, D.H., Song, I.S., Kim, K.J.: A study on malicious codes pattern analysis using visualization. In: IEEE Computer Society, pp. 1\u20135 (2011)","DOI":"10.1109\/ICISA.2011.5772330"},{"key":"28_CR5","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721\u20132744 (2006)","journal-title":"J. Mach. Learn. Res."},{"key":"28_CR6","doi-asserted-by":"crossref","unstructured":"Schultz, M.G., Eskin, E., Zadok, E.: Data mining methods for detection of new malicious executables, pp. 38\u201349 (2001)","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"28_CR7","doi-asserted-by":"crossref","unstructured":"Shabtai, A., Moskovitch, R., Feher, C.: Detecting unknown malicious code by applying classification techniques on OpCode patterns. Secur. Inform. (2012)","DOI":"10.1186\/2190-8532-1-1"},{"key":"28_CR8","doi-asserted-by":"crossref","unstructured":"Lai, Y.A.: Feature selection for malicious detection. In: ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel\/distributed Computing, pp. 365\u2013370. IEEE Xplore (2008)","DOI":"10.1109\/SNPD.2008.18"},{"key":"28_CR9","unstructured":"Mao, M., Liu, Y.: Research on malicious program detection based on machine learning. Softw. Guide (2010)"},{"key":"28_CR10","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1145\/2347736.2347755","volume":"55","author":"P Domingos","year":"2012","unstructured":"Domingos, P.: A few useful things to know about machine learning. Commun. ACM 55, 78\u201387 (2012)","journal-title":"Commun. ACM"},{"key":"28_CR11","doi-asserted-by":"crossref","first-page":"1941","DOI":"10.1016\/j.patrec.2008.06.016","volume":"29","author":"R Perdisci","year":"2008","unstructured":"Perdisci, R., Lanzi, A., Lee, W.: Classification of packed executables for accurate computer virus detection. Pattern Recogn. Lett. 29, 1941\u20131946 (2008)","journal-title":"Pattern Recogn. Lett."},{"key":"28_CR12","doi-asserted-by":"crossref","first-page":"315","DOI":"10.1016\/j.cose.2013.08.008","volume":"39","author":"Y Ding","year":"2013","unstructured":"Ding, Y., Yuan, X., Tang, K.: A fast malware detection algorithm based on objective-oriented association mining. Comput. Secur. 39, 315\u2013324 (2013)","journal-title":"Comput. Secur."},{"key":"28_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-642-11747-3_3","volume-title":"Engineering Secure Software and Systems","author":"I Santos","year":"2010","unstructured":"Santos, I., Brezo, F., Nieves, J., Penya, Y.K., Sanz, B., Laorden, C., Bringas, Pablo G.: Idea: opcode-sequence-based malware detection. In: Massacci, F., Wallach, D., Zannone, N. (eds.) ESSoS 2010. LNCS, vol. 5965, pp. 35\u201343. Springer, Heidelberg (2010). doi: 10.1007\/978-3-642-11747-3_3"},{"key":"28_CR14","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1007\/s11416-005-0002-9","volume":"1","author":"ME Karim","year":"2005","unstructured":"Karim, M.E., Walenstein, A., Lakhotia, A.: Malware phylogeny generation using permutations of code. J. Comput. Virol. Hacking Techn. 1, 13\u201323 (2005)","journal-title":"J. Comput. Virol. Hacking Techn."},{"key":"28_CR15","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1504\/IJESDF.2007.016865","volume":"1","author":"D Bilar","year":"2007","unstructured":"Bilar, D.: Opcodes as predictor for malware. Int. J. Electron. Secur. Digital Forensics 1, 156\u2013168 (2007)","journal-title":"Int. J. Electron. Secur. Digital Forensics"},{"key":"28_CR16","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1016\/j.ins.2011.08.020","volume":"231","author":"I Santos","year":"2013","unstructured":"Santos, I., Brezo, F., Ugarte-Pedrero, X.: Opcode sequences as representation of executables for data-mining-based unknown malware detection. Inf. Sci. 231, 64\u201382 (2013)","journal-title":"Inf. Sci."},{"key":"28_CR17","unstructured":"Liang, C.: Research on the main techonologies. In: Malware Code Detection. Yangzhou University (2012)"},{"issue":"5","key":"28_CR18","first-page":"27","volume":"30","author":"X Chen","year":"2011","unstructured":"Chen, X., Zhang, J., Xiao-Guang, L.: A text classification method for chinese pornographic web recognition. Meas. Control Technol. 30(5), 27\u201326 (2011)","journal-title":"Meas. Control Technol."},{"key":"28_CR19","unstructured":"Cavnar, W.B., Trenkle, J.M.: N-Gram-based text categorization. In: Proceedings of SDAIR 1994, 3rd Annual Symposium on Document Analysis and Information Retrieval, Las Vegas, US (1994)"},{"key":"28_CR20","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1016\/S1088-467X(97)00008-5","volume":"1","author":"M Dash","year":"1997","unstructured":"Dash, M., Liu, H.: Feature selection for classification. Intell. Data Anal. 1, 131\u2013156 (1997)","journal-title":"Intell. Data Anal."},{"key":"28_CR21","doi-asserted-by":"crossref","unstructured":"Adebayo, O.S., Abdulaziz, N.: Android malware classification using static code analysis and Apriori algorithm improved with particle swarm optimization. In: Information and Communication Technologies, pp. 123\u2013128 (2015)","DOI":"10.1109\/WICT.2014.7077314"},{"key":"28_CR22","unstructured":"www.kaggle.com\/malware-classification"},{"key":"28_CR23","unstructured":"Fang, Z.: Research and Implementation of Malware Classification. National University of Defense Technology (2011)"},{"key":"28_CR24","unstructured":"Li, W.: Research and Implementation of Mobile Customer Churn Prediction Based on Decision Tree Algorithm. Beijing University (2010)"},{"key":"28_CR25","unstructured":"Zhu, L.J., Yu-Fen, X.U.: Application of C4.5 algorithm in unknown malicious code identification. J. Shenyang Univ. Chem. Technol. (2013)"},{"key":"28_CR26","unstructured":"Zhang, M.: Remote Sensing Image Classification Algorithm Based on Random Forest. Shandong University of Science and Technology (2013)"},{"key":"28_CR27","doi-asserted-by":"crossref","unstructured":"Tian, R., Batten, L., Islam, R.: An automated classification system based on the strings of trojan and virus families. Malware (2009)","DOI":"10.1109\/MALWARE.2009.5403021"},{"key":"28_CR28","doi-asserted-by":"crossref","first-page":"239","DOI":"10.1002\/sec.524","volume":"6","author":"Z Zhao","year":"2013","unstructured":"Zhao, Z., Wang, J., Wang, C.: An unknown malware detection scheme based on the features of graph. Secur. Commun. Netw. 6, 239\u2013246 (2013)","journal-title":"Secur. Commun. Netw."},{"key":"28_CR29","unstructured":"Zhu, K., Yin, B., Mao, Y.: Malware classification approach based on valid window and Naive Bayes. J. Comput. Res. Develop. 373\u2013381 (2014)"},{"key":"28_CR30","unstructured":"Sun, G.: Research on intrusion detection system based on SVM. Beijing University of Posts and Telecommunications (2007)"},{"key":"28_CR31","unstructured":"Qu, J.: Research on Overlap Similarity-based Hierarchical Clustering Algorithms and Its Application. Xiamen University (2007)"},{"key":"28_CR32","unstructured":"Feng, S.R.: Research and application of DBSCAN clustering algorithm based on density. Comput. Eng. Appl. 162\u2013165 (2006)"},{"key":"28_CR33","unstructured":"Yu, J., He, P., Sun, Y.H.: Research on text hierarchical clustering algorithm based on K-Means. Comput. Appl. (2005)"},{"key":"28_CR34","first-page":"76","volume":"51","author":"Y Qian","year":"2015","unstructured":"Qian, Y., Peng, G., Wang, Y.: Homology analysis of malicious code and family clustering. Comput. Eng. Appl. 51, 76\u201381 (2015)","journal-title":"Comput. Eng. Appl."},{"key":"28_CR35","unstructured":"Agrawal, R., Srikant, R.: Fast algorithms for mining association rules in large databases. In: International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc (1994)"},{"key":"28_CR36","unstructured":"Zhang, W., Zheng, Q., Shuai, J.M.: New malicious executables detection based on association rules. Comput. Eng. 172\u2013174 (2008)"},{"key":"28_CR37","unstructured":"Li, Z.: Research on Malicious Code Analysis Based on API Association. The PLA Information Engineering University (2014)"},{"key":"28_CR38","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1016\/j.jss.2014.10.031","volume":"100","author":"M Alazab","year":"2014","unstructured":"Alazab, M.: Profiling and classifying the behaviour of malicious codes. J. Syst. Softw. 100, 91\u2013102 (2014)","journal-title":"J. Syst. Softw."},{"key":"28_CR39","first-page":"1","volume":"37","author":"XZ Wang","year":"2011","unstructured":"Wang, X.Z., Sun, L.C., Zhang, M.: Malicious behavior detection method based on sequential pattern discovery. Comput. Eng. 37, 1\u20133 (2011)","journal-title":"Comput. Eng."},{"key":"28_CR40","doi-asserted-by":"crossref","unstructured":"Han, J., Pei, J., Yin, Y.: Mining frequent patterns without candidate generation. In: ACM SIGMOD International Conference on Management of Data. ACM, pp. 1\u201312 (2000)","DOI":"10.1145\/342009.335372"},{"key":"28_CR41","first-page":"9","volume":"31","author":"L Qin","year":"2005","unstructured":"Qin, L., Shi, Z.: Net flow association rules mining based on iceberg queries. Comput. Eng. 31, 9\u201311 (2005)","journal-title":"Comput. Eng."},{"key":"28_CR42","unstructured":"Wang, W.J., Liu, B.X.: Association rule-based network intrusion detection system. Hedianzixue Yu Tance Jishu\/Nuclear Electron. Detection Technol. 119\u2013123 (2015)"},{"key":"28_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1007\/978-3-319-15705-4_19","volume-title":"Intelligent Information and Database Systems","author":"M Kruczkowski","year":"2015","unstructured":"Kruczkowski, M., Niewiadomska-Szynkiewicz, E., Kozakiewicz, A.: FP-tree and SVM for malicious web campaign detection. In: Nguyen, N.T., Trawi\u0144ski, B., Kosala, R. (eds.) ACIIDS 2015. LNCS, vol. 9012, pp. 193\u2013201. Springer, Cham (2015). doi: 10.1007\/978-3-319-15705-4_19"},{"key":"28_CR44","doi-asserted-by":"crossref","unstructured":"Zheng, L.X., Xu, X.L., Li, J.: Malicious URL prediction based on community detection. In: International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications, pp. 1\u20137. IEEE (2015)","DOI":"10.1109\/SSIC.2015.7245681"},{"key":"28_CR45","doi-asserted-by":"crossref","unstructured":"Appavu, S., Rajaram, R.: Association rule mining for suspicious email detection: a data mining approach. In: Intelligence and Security Informatics, pp. 316\u2013323. IEEE (2007)","DOI":"10.1109\/ISI.2007.379491"},{"key":"28_CR46","doi-asserted-by":"crossref","unstructured":"Li, X., Dong, X., Wang, Y.: Malicious code forensics based on data mining. In: International Conference on Fuzzy Systems and Knowledge Discovery, pp. 978\u2013983. IEEE (2013)","DOI":"10.1109\/FSKD.2013.6816337"}],"container-title":["Lecture Notes in Computer Science","Network and System Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-64701-2_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,24]],"date-time":"2025-06-24T17:45:56Z","timestamp":1750787156000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-64701-2_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319647005","9783319647012"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-64701-2_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}