{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:24:59Z","timestamp":1742912699900,"version":"3.40.3"},"publisher-location":"Cham","reference-count":12,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319651262"},{"type":"electronic","value":"9783319651279"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-65127-9_17","type":"book-chapter","created":{"date-parts":[[2017,8,5]],"date-time":"2017-08-05T03:35:53Z","timestamp":1501904153000},"page":"211-222","source":"Crossref","is-referenced-by-count":0,"title":["Malware Analysis and Detection via Activity Trees in User-Dependent Environment"],"prefix":"10.1007","author":[{"given":"Arnur","family":"Tokhtabayev","sequence":"first","affiliation":[]},{"given":"Anton","family":"Kopeikin","sequence":"additional","affiliation":[]},{"given":"Nurlan","family":"Tashatov","sequence":"additional","affiliation":[]},{"given":"Dina","family":"Satybaldina","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,6]]},"reference":[{"key":"17_CR1","doi-asserted-by":"crossref","unstructured":"Cohen, F.: Computer viruses theory and experiments, Computers and Security, v. 6 (1987)","DOI":"10.1016\/0167-4048(87)90122-2"},{"key":"17_CR2","unstructured":"Malware Statistics Report by AV-Test Institute. \nhttps:\/\/www.av-test.org\/en\/statistics\/malware\/"},{"key":"17_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"698","DOI":"10.1007\/978-3-642-15497-3_42","volume-title":"Computer Security \u2013 ESORICS 2010","author":"AG Tokhtabayev","year":"2010","unstructured":"Tokhtabayev, A.G., Skormin, V.A., Dolgikh, A.M.: Expressive, efficient and obfuscation resilient behavior based IDS. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 698\u2013715. Springer, Heidelberg (2010). doi:\n10.1007\/978-3-642-15497-3_42"},{"key":"17_CR4","doi-asserted-by":"crossref","unstructured":"Tokhtabayev, A., Skormin, V., Dolgikh, A.: Detection of worm propagation engines in the system call domain using colored petri nets. In: Proceedings of the IEEE IPCCC \u201907, USA, December 2008","DOI":"10.1109\/PCCC.2008.4745108"},{"key":"17_CR5","doi-asserted-by":"crossref","unstructured":"Jensen, K.: Coloured Petri nets (2nd ed.): basic concepts, analysis methods and practical use, vol. 1. Springer, Berlin (1996)","DOI":"10.1007\/978-3-662-03241-1"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Bernaschi, M., Grabrielli, E., Mancini, L.: Operating system enhancements to prevent the misuse of system calls. In: Proceedings of the ACM CCS 2000, pp. 174\u2013183 (2000)","DOI":"10.1145\/352600.352624"},{"key":"17_CR7","unstructured":"Kang, D., Fuller, D., Honavar, V.: Learning classifiers for misuse and anomaly detection using a bag of system calls representation. In: Proceedings of the 6th IEEE Systems Man and Cybernetics Information Assurance Workshop (IAW), pp. 118\u2013125 (2005)"},{"key":"17_CR8","doi-asserted-by":"crossref","unstructured":"Skormin, V., Volynkin, A., et al.: Run-Time detection of malicious self-replication in binary executables. J. Comput. Secur. 15(2), pp. 273\u2013301 (2007)","DOI":"10.3233\/JCS-2007-15203"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Bayer, U., et al.: Dynamic analysis of malicious code. J. Comput. Virol. 2(1), 67\u201377 (2006)","DOI":"10.1007\/s11416-006-0012-2"},{"key":"17_CR10","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Kruegel, C.: Mining specifications of malicious behavior. In: Proceedings of the ESEC-FSE\u201907, NY, USA (2007)","DOI":"10.1145\/1287624.1287628"},{"key":"17_CR11","unstructured":"Kouznetsov, V.: US Patent 6973577 B1: System and Method for Dynamically Detecting Computer Viruses Through Associative Behavioral Analysis of Runtime State, 6 December 2005"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Martignoni, L., et al.: A layered architecture for detecting malicious behaviors. In: Proceedings of the RAID 2008 (2008)","DOI":"10.1007\/978-3-540-87403-4_5"}],"container-title":["Lecture Notes in Computer Science","Computer Network Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-65127-9_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,8,8]],"date-time":"2017-08-08T14:27:13Z","timestamp":1502202433000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-65127-9_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319651262","9783319651279"],"references-count":12,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-65127-9_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}