{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T10:08:23Z","timestamp":1756894103435},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642029172"},{"type":"electronic","value":"9783642029189"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-02918-9_2","type":"book-chapter","created":{"date-parts":[[2009,6,26]],"date-time":"2009-06-26T10:15:11Z","timestamp":1246011311000},"page":"21-37","source":"Crossref","is-referenced-by-count":4,"title":["How Good Are Malware Detectors at Remediating Infected Systems?"],"prefix":"10.1007","author":[{"given":"Emanuele","family":"Passerini","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Roberto","family":"Paleari","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lorenzo","family":"Martignoni","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"2_CR1","unstructured":"Symantec Inc.: Symantec internet security threat report: vol.\u00a0XIII. Technical report, Symantec Inc. (April 2008)"},{"key":"2_CR2","first-page":"375","volume-title":"Proceedings of the 14th ACM conference on Computer and communications security (CCS 2007)","author":"J. Franklin","year":"2007","unstructured":"Franklin, J., Perrig, A., Paxson, V., Savage, S.: An inquiry into the nature and causes of the wealth of internet miscreants. In: Proceedings of the 14th ACM conference on Computer and communications security (CCS 2007), pp. 375\u2013388. ACM, New York (2007)"},{"key":"2_CR3","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/SP.2005.20","volume-title":"Proceedings of the 2005 IEEE Symposium on Security and Privacy (Oakland 2005)","author":"M. Christodorescu","year":"2005","unstructured":"Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy (Oakland 2005), pp. 32\u201346. ACM Press, Oakland (2005)"},{"key":"2_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/978-3-540-87403-4_5","volume-title":"Recent Advances in Intrusion Detection","author":"L. Martignoni","year":"2008","unstructured":"Martignoni, L., Stinson, E., Fredrikson, M., Jha, S., Mitchell, J.C.: A Layered Architecture for Detecting Malicious Behaviors. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 78\u201397. Springer, Heidelberg (2008)"},{"key":"2_CR5","unstructured":"NovaShield Inc.: NovaShield Anti-Malware, \n                    \n                      http:\/\/www.novashield.com\/"},{"key":"2_CR6","unstructured":"Sana Security: Primary Response SafeConnect, \n                    \n                      http:\/\/www.sanasecurity.com\/"},{"key":"2_CR7","unstructured":"PC Tools: ThreatFire AntiVirus \u2013 Behavioral Virus and Spyware Protection, \n                    \n                      http:\/\/www.threatfire.com\/"},{"key":"2_CR8","unstructured":"Slashdot: AVG virus scanner removes critical Windows file, \n                    \n                      http:\/\/tech.slashdot.org\/article.pl?sid=08\/11\/10\/2319209"},{"key":"2_CR9","unstructured":"Heise Media: Bitdefender and GData delete winlogon system file, \n                    \n                      http:\/\/www.h-online.com\/security\/Bitdefender-and-GData-delete-winlogon-system-file\u2013\/news\/112652"},{"key":"2_CR10","unstructured":"AMTSO: Fundamental principles of testing, \n                    \n                      http:\/\/www.amtso.org\/documents\/doc_download\/6-amtso-fundamental-principles-of-testing.html"},{"key":"2_CR11","unstructured":"Martignoni, L., Paleari, R.: WUSSTrace \u2013 a user-space syscall tracer for Microsoft Windows, \n                    \n                      http:\/\/security.dico.unimi.it\/projects.shtml"},{"key":"2_CR12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-03811-6","volume-title":"Principles of Program Analysis","author":"F. Nielson","year":"1999","unstructured":"Nielson, F., Nielson, H.R., Hankin, C.L.: Principles of Program Analysis. Springer, Heidelberg (1999)"},{"key":"2_CR13","doi-asserted-by":"crossref","unstructured":"Agrawal, H., Horgan, J.R.: Dynamic Program Slicing. In: Proceedings of the ACM SIGPLAN 1990 Conference on Programming Language Design and Implementation, White Plains, NY, USA, June 1990, pp. 246\u2013256 (1990)","DOI":"10.1145\/93542.93576"},{"key":"2_CR14","volume-title":"The Art of Computer Virus Research and Defense","author":"P. Szor","year":"2005","unstructured":"Szor, P.: The Art of Computer Virus Research and Defense. Addison-Wesley Professional, Reading (2005)"},{"key":"2_CR15","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: TTAnalyze: A Tool for Analyzing Malware. In: 15th Annual Conference of the European Institute for Computer Antivirus Research, EICAR (2006)"},{"issue":"2","key":"2_CR16","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C. Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Security & Privacy\u00a05(2), 32\u201339 (2007)","journal-title":"IEEE Security & Privacy"},{"key":"2_CR17","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1109\/SP.2007.17","volume-title":"Proceeding of the 2007 IEEE Symposium on Security and Privacy","author":"A. Moser","year":"2007","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Exploring Multiple Execution Paths for Malware Analysis. In: Proceeding of the 2007 IEEE Symposium on Security and Privacy, pp. 231\u2013245. IEEE Computer Society Press, Oakland (2007)"},{"key":"2_CR18","volume-title":"Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS","author":"H. Yin","year":"2007","unstructured":"Yin, H., Song, D., Egele, M., Kirda, E., Kruegel, C.: Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS. ACM, Alexandria (2007)"},{"key":"2_CR19","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1109\/ACSAC.2006.16","volume-title":"Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC 2006)","author":"F. Hsu","year":"2006","unstructured":"Hsu, F., Chen, H., Ristenpart, T., Li, J., Su, Z.: Back to the Future: A Framework for Automatic Malware Removal and System Repair. In: ACSAC 2006, pp. 257\u2013268. IEEE Computer Society, Los Alamitos (2006)"},{"key":"2_CR20","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1109\/CSAC.2003.1254323","volume-title":"Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003)","author":"Z. Liang","year":"2003","unstructured":"Liang, Z., Venkatakrishnan, V.N., Sekar, R.: Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs. In: Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), pp. 182\u2013191. IEEE Computer Society, Los Alamitos (2003)"},{"key":"2_CR21","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1145\/1095810.1095829","volume-title":"Proceedings of the twentieth ACM symposium on Operating systems principles","author":"E.B. Nightingale","year":"2005","unstructured":"Nightingale, E.B., Chen, P.M., Flinn, J.: Speculative execution in a distributed file system. In: Proceedings of the twentieth ACM symposium on Operating systems principles, pp. 191\u2013205. ACM, New York (2005)"},{"issue":"4","key":"2_CR22","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1145\/1013886.1007518","volume":"29","author":"M. Christodorescu","year":"2004","unstructured":"Christodorescu, M., Jha, S.: Testing malware detectors. SIGSOFT Software Engineering Notes\u00a029(4), 34\u201344 (2004)","journal-title":"SIGSOFT Software Engineering Notes"},{"key":"2_CR23","unstructured":"Bruce, J.: The Challenge of Detecting and Removing Installed Threats. In: Virus Bulletin Conference (October 2006)"},{"key":"2_CR24","unstructured":"Morgenstern, M., Marx, A.: System Cleaning: Getting Rid of Malware from Infected PCs. In: Virus Bulletin Conference (June 2008)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-02918-9_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,10,6]],"date-time":"2018-10-06T06:29:10Z","timestamp":1538807350000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-02918-9_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642029172","9783642029189"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-02918-9_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}