{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T09:30:02Z","timestamp":1773653402108,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":22,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642166112","type":"print"},{"value":"9783642166129","type":"electronic"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16612-9_14","type":"book-chapter","created":{"date-parts":[[2010,11,17]],"date-time":"2010-11-17T06:45:14Z","timestamp":1289976314000},"page":"168-182","source":"Crossref","is-referenced-by-count":22,"title":["Behavior Abstraction in Malware Analysis"],"prefix":"10.1007","author":[{"given":"Philippe","family":"Beaucamps","sequence":"first","affiliation":[]},{"given":"Isabelle","family":"Gnaedig","sequence":"additional","affiliation":[]},{"given":"Jean-Yves","family":"Marion","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"DynamoRIO, http:\/\/dynamorio.org"},{"key":"14_CR2","unstructured":"OpenFST, http:\/\/www.openfst.org\/"},{"key":"14_CR3","unstructured":"Pin, http:\/\/www.pintool.org"},{"key":"14_CR4","first-page":"891","volume-title":"IEEE Conference on Local Computer Networks","author":"M. Apel","year":"2009","unstructured":"Apel, M., Bockermann, C., Meier, M.: Measuring similarity of malware behavior. In: IEEE Conference on Local Computer Networks, pp. 891\u2013898. IEEE, Los Alamitos (October 2009)"},{"key":"14_CR5","unstructured":"Beaucamps, P., Gnaedig, I., Marion, J.-Y.: Behavior Abstraction in Malware Analysis - Extended Version. HAL-INRIA Open Archive Number inria-00509486"},{"key":"14_CR6","unstructured":"Bergeron, J., Debbabi, M., Desharnais, J., Erhioui, M., Lavoie, Y., Tawbi, N.: Static detection of malicious code in executable programs. In: Symposium on Requirements Engineering for Information Security (2001)"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Bonfante, G., Kaczmarek, M., Marion, J.-Y.: Architecture of a morphological malware detector. Journal in Computer Virology (2008)","DOI":"10.1007\/s11416-008-0102-4"},{"key":"14_CR8","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1007\/978-0-387-68768-1_4","volume":"36","author":"D. Brumley","year":"2008","unstructured":"Brumley, D., Hartwig, C., Liang, Z., Newsome, J., Song, D., Yin, H.: Automatically identifying trigger-based behavior in malware. Botnet Detection\u00a036, 65\u201388 (2008)","journal-title":"Botnet Detection"},{"key":"14_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1007\/11790754_8","volume-title":"Detection of Intrusions and Malware & Vulnerability Assessment","author":"D. Bruschi","year":"2006","unstructured":"Bruschi, D., Martignoni, L., Monga, M.: Detecting self-mutating malware using control-flow graph matching. In: B\u00fcschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol.\u00a04064, pp. 129\u2013143. Springer, Heidelberg (2006)"},{"key":"14_CR10","first-page":"32","volume-title":"IEEE Symposium on Security and Privacy","author":"M. Christodorescu","year":"2005","unstructured":"Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: IEEE Symposium on Security and Privacy, pp. 32\u201346. IEEE Computer Society, Los Alamitos (2005)"},{"issue":"1","key":"14_CR11","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1016\/0167-4048(87)90122-2","volume":"6","author":"F. Cohen","year":"1987","unstructured":"Cohen, F.: Computer viruses: Theory and experiments. Computers and Security\u00a06(1), 22\u201335 (1987)","journal-title":"Computers and Security"},{"key":"14_CR12","unstructured":"Dullien, T., Rolles, R.: Graph-based comparison of executable objects. In: Symposium sur la S\u00e9curit\u00e9 des Technologies de l\u2019Information et des T\u00e9l\u00e9communications (2005)"},{"key":"14_CR13","first-page":"169","volume":"72","author":"J. Esparza","year":"2000","unstructured":"Esparza, J., Rossmanith, P., Schwoon, S.: A uniform framework for problems on context-free grammars. Bulletin of the EATCS\u00a072, 169\u2013177 (2000)","journal-title":"Bulletin of the EATCS"},{"key":"14_CR14","unstructured":"Godefroid, P., Levin, M.Y., Molnar, D.: Automated whitebox fuzz testing. In: Network Distributed Security Symposium, Internet Society (2008)"},{"key":"14_CR15","volume-title":"Semantics of Programming Languages: Structures and Techniques","author":"C.A. Gunter","year":"1992","unstructured":"Gunter, C.A.: Semantics of Programming Languages: Structures and Techniques. MIT Press, Cambridge (1992)"},{"key":"14_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1007\/978-3-642-04342-0_5","volume-title":"International Symposium on Recent Advances in Intrusion Detection","author":"G. Jacob","year":"2009","unstructured":"Jacob, G., Debar, H., Filiol, E.: Malware behavioral detection by attribute-automata using abstraction from platform and language. In: Balzarotti, D. (ed.) RAID 2009. LNCS, vol.\u00a05758, pp. 81\u2013100. Springer, Heidelberg (2009)"},{"key":"14_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"174","DOI":"10.1007\/11506881_11","volume-title":"Intrusion and Malware Detection and Vulnerability Assessment","author":"J. Kinder","year":"2005","unstructured":"Kinder, J., Katzenbeisser, S., Schallhart, C., Veith, H.: Detecting malicious code by model checking. In: Julisch, K., Kr\u00fcgel, C. (eds.) DIMVA 2005. LNCS, vol.\u00a03548, pp. 174\u2013187. Springer, Heidelberg (2005)"},{"key":"14_CR18","unstructured":"Charlier, B.L., Mounji, A., Swimmer, M.: Dynamic detection and classification of computer viruses using general behaviour patterns. In: International Virus Bulletin Conference, pp. 1\u201322 (1995)"},{"key":"14_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/978-3-540-87403-4_5","volume-title":"Recent Advances in Intrusion Detection","author":"L. Martignoni","year":"2008","unstructured":"Martignoni, L., Stinson, E., Fredrikson, M., Jha, S., Mitchell, J.C.: A layered architecture for detecting malicious behaviors. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 78\u201397. Springer, Heidelberg (2008)"},{"key":"14_CR20","first-page":"231","volume-title":"IEEE Symposium on Security and Privacy","author":"A. Moser","year":"2007","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Exploring multiple execution paths for malware analysis. In: IEEE Symposium on Security and Privacy, pp. 231\u2013245. IEEE Computer Society, Los Alamitos (2007)"},{"key":"14_CR21","first-page":"144","volume-title":"IEEE Symposium on Security and Privacy","author":"R. Sekar","year":"2001","unstructured":"Sekar, R., Bendre, M., Dhurjati, D., Bollineni, P.: A fast automaton-based method for detecting anomalous program behaviors. In: IEEE Symposium on Security and Privacy, pp. 144\u2013155. IEEE Computer Society, Los Alamitos (2001)"},{"key":"14_CR22","first-page":"298","volume-title":"Information Assurance Workshop","author":"P.K. Singh","year":"2003","unstructured":"Singh, P.K., Lakhotia, A.: Static verification of worm and virus behavior in binary executables using model checking. In: Information Assurance Workshop, pp. 298\u2013300. IEEE Press, Los Alamitos (2003)"}],"container-title":["Lecture Notes in Computer Science","Runtime Verification"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16612-9_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,6]],"date-time":"2019-06-06T05:57:34Z","timestamp":1559800654000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16612-9_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642166112","9783642166129"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16612-9_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010]]}}}