{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,17]],"date-time":"2026-02-17T14:15:29Z","timestamp":1771337729137,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642107719","type":"print"},{"value":"9783642107726","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-10772-6_14","type":"book-chapter","created":{"date-parts":[[2009,11,13]],"date-time":"2009-11-13T07:37:49Z","timestamp":1258097869000},"page":"178-192","source":"Crossref","is-referenced-by-count":29,"title":["A Framework for Behavior-Based Malware Analysis in the Cloud"],"prefix":"10.1007","author":[{"given":"Lorenzo","family":"Martignoni","sequence":"first","affiliation":[]},{"given":"Roberto","family":"Paleari","sequence":"additional","affiliation":[]},{"given":"Danilo","family":"Bruschi","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: TTAnalyze: A Tool for Analyzing Malware. In: Proceedings of the Annual Conference of the European Institute for Computer Antivirus Research (2006)"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Martignoni, L., Stinson, E., Fredrikson, M., Jha, S., Mitchell, J.C.: A Layered Architecture for Detecting Malicious Behaviors. In: Proceedings of the International Symposium on Recent Advances in Intrusion Detection (2008)","DOI":"10.1007\/978-3-540-87403-4_5"},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"Yin, H., Song, D., Egele, M., Kirda, E., Kruegel, C.: Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis. In: Proceedings of the Conference on Computer and Communications Security (2007)","DOI":"10.1145\/1315245.1315261"},{"key":"14_CR4","unstructured":"NovaShield: \n                    \n                      http:\/\/www.novashield.com\/"},{"key":"14_CR5","unstructured":"Panda Security: True Prevent, \n                    \n                      http:\/\/research.pandasecurity.com\/archive\/How-TruPrevent-Works-_2800_I_2900_.aspx"},{"key":"14_CR6","unstructured":"Sana Security: \n                    \n                      http:\/\/www.sanasecurity.com\/"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Exploring Multiple Execution Paths for Malware Analysis. In: Proceeding of the IEEE Symposium on Security and Privacy (2007)","DOI":"10.1109\/SP.2007.17"},{"key":"14_CR8","unstructured":"Brumley, D., Hartwig, C., Liang, Z., Newsome, J., Song, D., Yin, H.: Towards Automatically Identifying Trigger-based Behavior in Malware using Symbolic Execution and Binary Analysis. Technical Report CMU-CS-07-105, Carnegie Mellon University (2007)"},{"key":"14_CR9","unstructured":"Chabbi, M.: Efficient Taint Analysis Using Multicore Machines. Master\u2019s thesis, University of Arizona (2007)"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Nightingale, E.B., Peek, D., Chen, P.M., Flinn, J.: Parallelizing security checks on commodity hardware. In: Proceedings of the international Conference on Architectural Support for Programming Languages and Operating Systems (2008)","DOI":"10.1145\/1346281.1346321"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Ho, A., Fetterman, M., Clark, C., Warfield, A., Hand, S.: Practical Taint-based Protection Using Demand Emulation. In: Proceedings of the EuroSys Conference (2006)","DOI":"10.1145\/1217935.1217939"},{"key":"14_CR12","unstructured":"F-Secure: Trojan Information Pages: Bancos.VE, \n                    \n                      http:\/\/www.f-secure.com\/v-descs\/bancos_ve.shtml"},{"key":"14_CR13","unstructured":"NoAH Consortium: Containment environment design. Technical report, European Network of Affined Honeypots (2006)"},{"key":"14_CR14","unstructured":"Goldberg, I., Wagner, D., Thomas, R., Brewer, E.A.: A Secure Environment for Untrusted Helper Applications. In: Proceedings of the USENIX Security Symposium (1996)"},{"key":"14_CR15","volume-title":"Rootkits: Subverting the Windows Kernel","author":"G. Hoglund","year":"2006","unstructured":"Hoglund, G., Butler, J.: Rootkits: Subverting the Windows Kernel. Addison-Wesley, Reading (2006)"},{"key":"14_CR16","volume-title":"Microsoft Windows Internals","author":"M. Russinovich","year":"2004","unstructured":"Russinovich, M., Solomon, D.: Microsoft Windows Internals, 4th edn. Microsoft Press, Redmond (2004)","edition":"4"},{"key":"14_CR17","unstructured":"Cendio: SeamlessRDP \u2013 Seamless Windows Support for rdesktop, \n                    \n                      http:\/\/www.cendio.com\/seamlessrdp\/"},{"key":"14_CR18","unstructured":"Sun, W., Liang, Z., Sekar, R., Venkatakrishnan, V.N.: One-way Isolation: An Effective Approach for Realizing Safe Execution Environments. In: Proceedings of the Symposium on Network and Distributed Systems Security (2005)"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"Cavallaro, L., Saxena, P., Sekar, R.: On the Limits of Information Flow Techniques for Malware Analysis and Containment. In: Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (2008)","DOI":"10.1007\/978-3-540-70542-0_8"},{"key":"14_CR20","unstructured":"Sharif, M., Lanzi, A., Giffin, J., Lee, W.: Impeding Malware Analysis Using Conditional Code Obfuscation. In: Proceedings of the Annual Network and Distributed System Security Symposium (2008)"},{"key":"14_CR21","unstructured":"Porras, P., Saidi, H., Yegneswaran, V.: An Analysis of Conficker\u2019s Logic and Rendezvous Points. Technical report, SRI International (2009)"},{"key":"14_CR22","doi-asserted-by":"crossref","unstructured":"Dinaburg, A., Royal, P., Sharif, M., Lee, W.: Ether: Malware Analysis via Hardware Virtualization Extensions. In: Proceedings of the Conference on Computer and communications security (2008)","DOI":"10.1145\/1455770.1455779"},{"key":"14_CR23","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: CloudAV: N-Version Antivirus in the Network Cloud. In: Proceedings of the USENIX Security Symposium (2008)"},{"key":"14_CR24","unstructured":"Panda Security: From Traditional Antivirus to Collective Intelligence (2007)"},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Security and Privacy (2007)","DOI":"10.1109\/MSP.2007.45"},{"key":"14_CR26","unstructured":"Livny, M., Basney, J., Raman, R., Tannenbaum, T.: Mechanisms for High Throughput Computing. SPEEDUP Journal (1997)"},{"key":"14_CR27","unstructured":"VirtualSquare: Remote System Call, \n                    \n                      http:\/\/wiki.virtualsquare.org\/index.php\/Remote_System_Call"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-10772-6_14.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,30]],"date-time":"2021-04-30T11:40:42Z","timestamp":1619782842000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-10772-6_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642107719","9783642107726"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-10772-6_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}