{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,28]],"date-time":"2025-11-28T04:46:40Z","timestamp":1764305200899,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":42,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642140808"},{"type":"electronic","value":"9783642140815"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-14081-5_23","type":"book-chapter","created":{"date-parts":[[2010,9,24]],"date-time":"2010-09-24T16:22:49Z","timestamp":1285345369000},"page":"370-390","source":"Crossref","is-referenced-by-count":36,"title":["Pattern Recognition Techniques for the Classification of Malware Packers"],"prefix":"10.1007","author":[{"given":"Li","family":"Sun","sequence":"first","affiliation":[]},{"given":"Steven","family":"Versteeg","sequence":"additional","affiliation":[]},{"given":"Serdar","family":"Bozta\u015f","sequence":"additional","affiliation":[]},{"given":"Trevor","family":"Yann","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"23_CR1","unstructured":"The WildList Organization International: WildList, http:\/\/www.wildlist.org\/"},{"key":"23_CR2","unstructured":"Brosch, T., Morgenstern, M.: Runtime Packers: The hidden problem? Black Hat USA (2006), http:\/\/www.blackhat.com\/presentations\/bh-usa-06\/BH-US-06-Morgenstern.pdf"},{"key":"23_CR3","unstructured":"Bustamante, P.: Mal(ware)formation Statistics (2007), http:\/\/research.pandasecurity.com\/malwareformation-statistics\/"},{"key":"23_CR4","unstructured":"Morgenstern, M., Marx, A.: Runtime Packer Testing Experiences. In: 2nd International CARO Workshop (2008), www.datasecurity-event.com\/uploads\/runtimepacker.ppt"},{"key":"23_CR5","unstructured":"Ebringer, T., Sun, L., Bozta\u015f, S.: A Fast Randomness Test that Preserves Local Detail. In: Proceedings of 18th Virus Bulletin International Conference, pp. 34\u201342 (2008)"},{"key":"23_CR6","unstructured":"Pietrek, M.: An In-depth Look into the Win32 Portable Executable File Format (2002), http:\/\/msdn.microsoft.com\/msdnmag\/issue\/02\/02\/PE\/print.asp"},{"key":"23_CR7","unstructured":"Ferrie, P.: Anti-unpacker Tricks Current. In: 2nd International CARO Workshop (2008), http:\/\/www.datasecurity-event.com\/uploads\/unpackers.pdf"},{"key":"23_CR8","unstructured":"Ferrie, P.: Anti-unpacker Tricks 2 Part One. Virus Bulletin, 4\u20138 (December 2008)"},{"key":"23_CR9","unstructured":"Ferrie, P.: Anti-unpacker Tricks 2 Part Two. Virus Bulletin, 4\u20139 (January 2009)"},{"key":"23_CR10","unstructured":"Ferrie, P.: Anti-unpacker Tricks 2 Part Three. Virus Bulletin, 4\u20139 (Febuary 2009)"},{"key":"23_CR11","doi-asserted-by":"crossref","unstructured":"Ferrie, P.: Anti-unpacker Tricks 2 Part Tour. Virus Bulletin, 4\u20137 (March 2009)","DOI":"10.1016\/S1464-2859(09)70202-0"},{"key":"23_CR12","unstructured":"VMware workstation, http:\/\/www.vmware.com\/products\/ws\/"},{"key":"23_CR13","unstructured":"PEiD, http:\/\/www.peid.info\/"},{"key":"23_CR14","unstructured":"Carrera, E.: pefile, http:\/\/code.google.com\/p\/pefile\/"},{"key":"23_CR15","unstructured":"Kephart, J.O., Sorkin, G.B., Arnold, W.C., Chess, D.M., Tesauro, G.J., White, S.R.: Biologically Inspired Defenses against Computer Viruses. In: Proceedings of the Fourteenth International Joint Conference on Artificial Intelligence, pp. 985\u2013996 (1995)"},{"issue":"4","key":"23_CR16","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/64.511768","volume":"11","author":"G.J. Tesauro","year":"1996","unstructured":"Tesauro, G.J., Kephart, J.O., Sorkin, G.B.: Neural Networks for Computer Virus Recognition. IEEE Expert\u00a011(4), 5\u20136 (1996)","journal-title":"IEEE Expert"},{"key":"23_CR17","unstructured":"Siddiqui, M.A.: Data Mining Methods for Malware Detection. Master\u2019s thesis, University of Central Florida, Orlando (2008)"},{"key":"23_CR18","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to Detect and Classify Malicious Executables in the Wild. JMLR\u00a07, 2699\u20132720 (2006)"},{"key":"23_CR19","doi-asserted-by":"crossref","unstructured":"Schultz, M.G., Eskin, E., Zadok, E., Stolfo, S.J.: Data Mining Methods for Detection of New Malicious Executables. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 38\u201349 (2001)","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"23_CR20","unstructured":"Cohen, W.W.: Learning Rules that Classify E-mail. In: Proceedings of the AAAI Spring Symposium on Machine Learning in Information Access, pp. 18\u201325 (1996)"},{"key":"23_CR21","unstructured":"Sahami, M., Dumais, S., Heckerman, D., Horvitz, E.: A Bayesian Approach to Filtering Junk E-mail. AAAI Technical Report WS-98-05, pp. 55\u201362 (1998)"},{"key":"23_CR22","unstructured":"Androutsopoulos, I., Paliouras, G., Karkaletsis, V., Sakkis, G., Spyropoulos, C.D., Stamatopoulos, P.: Learning to Filter Spam E-mail: A Comparison of a Naive Bayesian and a Memory-based Approach. In: Proceedings of Workshop on Machine Learning and Textual Information Access, 4th European Conference on Principles and Practice of Knowledge Discovery in Databases (PKDD), pp. 1\u201313 (2000)"},{"key":"23_CR23","doi-asserted-by":"crossref","unstructured":"Androutsopoulos, I., Koutsias, J., Chandrinos, K.V., Spyropoulos, C.D.: An Experimental Comparison of Naive Bayesian and Keyword-based Anti-spam Filtering with Encrypted Personal Messages. In: Proceedings of the 23rd Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 160\u2013167 (2000)","DOI":"10.1145\/345508.345569"},{"issue":"14","key":"23_CR24","doi-asserted-by":"publisher","first-page":"1941","DOI":"10.1016\/j.patrec.2008.06.016","volume":"29","author":"R. Perdisci","year":"2008","unstructured":"Perdisci, R., Lanzi, A., Lee, W.: Classification of Packed Executables for Accurate Computer Virus Detection. Pattern Recognition Letters\u00a029(14), 1941\u20131946 (2008)","journal-title":"Pattern Recognition Letters"},{"key":"23_CR25","volume-title":"Introduction to Modern Information Retrieval","author":"G. Salton","year":"1983","unstructured":"Salton, G., McGill, M.J.: Introduction to Modern Information Retrieval. McGraw-Hill Book Co., New York (1983)"},{"key":"23_CR26","volume-title":"Information Retrieval: Data Structures and Algorithms","author":"W.B. Frakes","year":"1992","unstructured":"Frakes, W.B., Baeza-Yates, R.: Information Retrieval: Data Structures and Algorithms. Prentice Hall, Englewood Cliffs (1992)"},{"key":"23_CR27","unstructured":"van Rijsbergen, C.J.: Information Retrieval, Butterworths (1979)"},{"key":"23_CR28","unstructured":"Syring, K.M.: GNU Utilities for Win32 (2004), http:\/\/unxutils.sourceforge.net\/"},{"key":"23_CR29","volume-title":"Data Mining: Practical Machine Learning Tools and Techniques","author":"I.H. Witten","year":"2005","unstructured":"Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)","edition":"2"},{"key":"23_CR30","unstructured":"Holmes, G., Donkin, A., Witten, I.H.: Weka: A Machine Learning Workbench. In: Proceedings of 2nd Australia and New Zealand Conference on Intelligent Information Systems, Brisbane, Australia (1994)"},{"key":"23_CR31","unstructured":"Weka, http:\/\/www.cs.waikato.ac.nz\/~ml\/weka\/"},{"key":"23_CR32","unstructured":"Kohavi, R.: A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection. In: IJCAI, pp. 1137\u20131145 (1995)"},{"key":"23_CR33","unstructured":"Chou, Y.Y., Shapiro, L.G.: A Hierarchical Multiple Classifier Learning Algorithm. In: Proceedings of 15th International Conference on Pattern Recognition (ICPR 2000), vol.\u00a02, pp. 2152\u20132155 (2000)"},{"key":"23_CR34","unstructured":"Tan, P.N., Steinbach, M., Kumar, V.: Introduction to Data Mining. Pearson Education, Inc., London (2006)"},{"key":"23_CR35","unstructured":"Zhang, H.: The Optimality of Naive Bayes. In: FLAIRS Conf. (2004)"},{"issue":"1","key":"23_CR36","first-page":"37","volume":"6","author":"D.W. Aha","year":"1991","unstructured":"Aha, D.W., Kibler, D., Albert, M.K.: Instance-based Learning Algorithms. Machine Learning\u00a06(1), 37\u201366 (1991)","journal-title":"Machine Learning"},{"key":"23_CR37","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1023\/A:1009715923555","volume":"2","author":"C.J.C. Burges","year":"1998","unstructured":"Burges, C.J.C.: A Tutorial on Support Vector Machines for Pattern Recognition. Data Mining and Knowledge Discovery\u00a02, 121\u2013167 (1998)","journal-title":"Data Mining and Knowledge Discovery"},{"key":"23_CR38","unstructured":"Platt, J.C.: Sequential Minimal Optimization: A Fast Algorithm for Training Support Vector Machines. Microsoft Research (1998)"},{"issue":"1","key":"23_CR39","first-page":"81","volume":"1","author":"J.R. Quinlan","year":"1986","unstructured":"Quinlan, J.R.: Induction of Decision Trees. Machine Learning\u00a01(1), 81\u2013106 (1986)","journal-title":"Machine Learning"},{"key":"23_CR40","unstructured":"Shi, H.J.: Best-first Decision Tree Learning. Master\u2019s thesis, The University of Waikato (2007)"},{"key":"23_CR41","volume-title":"C4.5: Programs for Machine Learning","author":"J.R. Quinlan","year":"1993","unstructured":"Quinlan, J.R.: C4.5: Programs for Machine Learning. Morgan Kaufmann, San Francisco (1993)"},{"key":"23_CR42","volume-title":"Classification and Regression Trees","author":"L. Breiman","year":"1984","unstructured":"Breiman, L., Friedman, J., Stone, C.J., Olshen, R.A.: Classification and Regression Trees. Wadsworth, Monterey (1984)"}],"container-title":["Lecture Notes in Computer Science","Information Security and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-14081-5_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,26]],"date-time":"2025-02-26T01:44:36Z","timestamp":1740534276000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-14081-5_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642140808","9783642140815"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-14081-5_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}