{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,20]],"date-time":"2025-02-20T23:58:18Z","timestamp":1740095898668,"version":"3.37.3"},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642168246"},{"type":"electronic","value":"9783642168253"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16825-3_14","type":"book-chapter","created":{"date-parts":[[2010,11,2]],"date-time":"2010-11-02T09:30:44Z","timestamp":1288690244000},"page":"199-216","source":"Crossref","is-referenced-by-count":3,"title":["A Generic Binary Analysis Method for Malware"],"prefix":"10.1007","author":[{"given":"Tomonori","family":"Izumida","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kokichi","family":"Futatsugi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Akira","family":"Mori","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"Ananian, C.S.: The static single information form. Tech. Rep. MIT-LCS-TR-801, Laboratory for Computer Science, Massachusetts Institute of Technology (September 1999), http:\/\/www.lcs.mit.edu\/specpub.php?id=1340"},{"key":"14_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/978-3-540-24723-4_2","volume-title":"Compiler Construction","author":"G. Balakrishnan","year":"2004","unstructured":"Balakrishnan, G., Reps, T.: Analyzing memory accesses in x86 executables. In: Duesterwald, E. (ed.) CC 2004. LNCS, vol.\u00a02985, pp. 5\u201323. Springer, Heidelberg (2004)"},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"Ballance, R.A., Maccabe, A.B., Ottenstein, K.J.: The program dependence web: a representation supporting control-, data-, and demand-driven interpretation of imperative languages. In: Proceedings of the ACM SIGPLAN 1990 Conference on Programming Language Design and Implementation, pp. 257\u2013271 (1990)","DOI":"10.1145\/93548.93578"},{"key":"14_CR4","unstructured":"Brumley, D.: Analysis and Defense of Vulnerabilities in Binary Code. Ph.D. thesis, School of Computer Science, Carnegie Mellon University (2008)"},{"key":"14_CR5","unstructured":"Brumley, D., Hartwig, C., Liang, Z., Newsome, J., Poosankam, P., Song, D., Yin, H.: Automatically identifying trigger-based behavior in malware. In: Lee, W., et al. (eds.) Botnet Analysis and Defense (2007)"},{"issue":"2-3","key":"14_CR6","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1016\/S0167-6423(01)00014-4","volume":"40","author":"C. Cifuentes","year":"2001","unstructured":"Cifuentes, C., Van Emmerik, M.: Recovery of jump table case statements from binary code. Science of Computer Programming\u00a040(2-3), 171\u2013188 (2001)","journal-title":"Science of Computer Programming"},{"key":"14_CR7","first-page":"61","volume-title":"IEEE Symposium on Security and Privacy","author":"P.M. Comparetti","year":"2010","unstructured":"Comparetti, P.M., Salvaneschi, G., Kirda, E., Kolbitsch, C., Kruegel, C., Zanero, S.: Identifying dormant functionality in malware programs. In: IEEE Symposium on Security and Privacy, pp. 61\u201376. IEEE Computer Society, Los Alamitos (2010)"},{"issue":"4","key":"14_CR8","doi-asserted-by":"publisher","first-page":"451","DOI":"10.1145\/115372.115320","volume":"13","author":"R. Cytron","year":"1991","unstructured":"Cytron, R., Ferrante, J., Rosen, B.K., Wegman, M.N., Zadeck, F.K.: Efficiently computing static single assignment form and the control dependence graph. ACM Transactions on Programming Languages and Systems\u00a013(4), 451\u2013490 (1991)","journal-title":"ACM Transactions on Programming Languages and Systems"},{"key":"14_CR9","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1145\/1455770.1455779","volume-title":"CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security","author":"A. Dinaburg","year":"2008","unstructured":"Dinaburg, A., Royal, P., Sharif, M., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 51\u201362. ACM, New York (2008)"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Hashimoto, M., Mori, A.: Diff\/TS: A tool for fine-grained structural change analysis. In: Proceedings of the 15th Working Conference on Reverse Engineering, WCRE (2008)","DOI":"10.1109\/WCRE.2008.44"},{"key":"14_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1007\/978-3-540-37621-7_12","volume-title":"Software Security - Theories and Systems","author":"A. Mori","year":"2004","unstructured":"Mori, A.: Detecting unknown computer viruses \u2013 a new approach. In: Futatsugi, K., Mizoguchi, F., Yonezaki, N. (eds.) ISSS 2003. LNCS, vol.\u00a03233, pp. 226\u2013241. Springer, Heidelberg (2004)"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Mori, A., Izumida, T., Sawada, T., Inoue, T.: A tool for analyzing and detecting malicious mobile code. In: Proceedings of the 28th International Conference on Software Engineering (ICSE 2006), pp. 831\u2013834 (2006)","DOI":"10.1145\/1134285.1134426"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Exploring multiple execution paths for malware analysis. In: IEEE Symposium on Security and Privacy, SP 2007, pp. 231\u2013245 (2007)","DOI":"10.1109\/SP.2007.17"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: 23rd Annual Computer Security Applications Conference, ACSAC (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"14_CR15","unstructured":"Reif, J.H., Lewis, H.R.: Symbolic evaluation and the global value graph. In: Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages, pp. 104\u2013118 (1977), http:\/\/doi.acm.org\/10.1145\/512950.512961"},{"key":"14_CR16","unstructured":"Reif, J.H., Lewis, H.R.: Efficent symbolic analysis of programs. Journal of Computer and System Sciences\u00a032(3), 280\u2013313 (1986), http:\/\/dx.doi.org\/10.1016\/0022-00008690031-0"},{"key":"14_CR17","unstructured":"Sharif, M.I., Lanzi, A., Giffin, J.T., Lee, W.: Impeding malware analysis using conditional code obfuscation. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2008, San Diego, California, USA (2008)"},{"key":"14_CR18","doi-asserted-by":"crossref","unstructured":"Stoltz, E., Wolfe, M., Gerlek, M.P.: Constant propagation: A fresh, demand-driven look. In: Symposium on Applied Computing. ACM SIGAPP, pp. 400\u2013404 (1994)","DOI":"10.1145\/326619.326791"},{"key":"14_CR19","doi-asserted-by":"publisher","first-page":"594","DOI":"10.1145\/322261.322273","volume":"28","author":"R.E. Tarjan","year":"1981","unstructured":"Tarjan, R.E.: Fast algorithms for solving path problems. Journal of the ACM\u00a028, 594\u2013614 (1981)","journal-title":"Journal of the ACM"},{"key":"14_CR20","doi-asserted-by":"crossref","first-page":"414","DOI":"10.1145\/224538.224648","volume-title":"Proc. 9th International Conference on Supercomputing (ICS 1995)","author":"P. Tu","year":"1995","unstructured":"Tu, P., Padua, D.: Gated SSA-based demand-driven symbolic analysis for parallelizing compilers. In: Proc. 9th International Conference on Supercomputing (ICS 1995), pp. 414\u2013423. ACM Press, Barcelona (1995)"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16825-3_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,5]],"date-time":"2019-06-05T20:59:56Z","timestamp":1559768396000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16825-3_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642168246","9783642168253"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16825-3_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}