{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T09:36:48Z","timestamp":1743154608700,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642236433"},{"type":"electronic","value":"9783642236440"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-23644-0_4","type":"book-chapter","created":{"date-parts":[[2012,2,11]],"date-time":"2012-02-11T00:06:20Z","timestamp":1328918780000},"page":"61-80","source":"Crossref","is-referenced-by-count":12,"title":["Shellzer: A Tool for the Dynamic Analysis of Malicious Shellcode"],"prefix":"10.1007","author":[{"given":"Yanick","family":"Fratantonio","sequence":"first","affiliation":[]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[]},{"given":"Giovanni","family":"Vigna","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"4_CR1","unstructured":"Immunity debugger, \n                    \n                      http:\/\/www.immunityinc.com\/products-immdbg.shtml"},{"key":"4_CR2","unstructured":"Ms debugging tools, \n                    \n                      http:\/\/www.microsoft.com\/whdc\/devtools\/debugging\/"},{"key":"4_CR3","unstructured":"Libemu (2007), \n                    \n                      http:\/\/libemu.carnivore.it"},{"key":"4_CR4","unstructured":"Anubis (2008), \n                    \n                      http:\/\/anubis.iseclab.org"},{"key":"4_CR5","unstructured":"Wepawet (2008), \n                    \n                      http:\/\/wepawet.cs.ucsb.edu\/"},{"key":"4_CR6","unstructured":"Threat expert (2009), \n                    \n                      http:\/\/www.threatexpert.com"},{"key":"4_CR7","unstructured":"Amiri, P.: Pydbg (2005), \n                    \n                      http:\/\/pedram.redhive.com\/PyDbg\/"},{"key":"4_CR8","unstructured":"Bellard, F.: Qemu (2005), \n                    \n                      http:\/\/www.qemu.org"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Borders, K., Prakash, A., Zielinski, M.: Spector: Automatically analyzing shell code. In: Proceeding of the Annual Computer Security Applications Conference, ACSAC (2007)","DOI":"10.1109\/ACSAC.2007.11"},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code. In: Proceedings of the World Wide Web Conference, WWW (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Gu, B., Bai, X., Yang, Z., Champion, A.C., Xuan, D.: Malicious shellcode detection with virtual memory snapshots. In: Proceedings of the IEEE International Conference on Computer Communications, INFOCOM (2010)","DOI":"10.1109\/INFCOM.2010.5461950"},{"key":"4_CR12","unstructured":"Hex-Rays: Ida pro disassembler and debugger, \n                    \n                      http:\/\/www.hex-rays.com\/idapro\/"},{"key":"4_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11506881_2","volume-title":"Intrusion and Malware Detection and Vulnerability Assessment","author":"U. Payer","year":"2005","unstructured":"Payer, U., Teufl, P., Lamberger, M.: Hybrid engine for polymorphic shellcode detection. In: Julisch, K., Kr\u00fcgel, C. (eds.) DIMVA 2005. LNCS, vol.\u00a03548, pp. 19\u201331. Springer, Heidelberg (2005)"},{"key":"4_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1007\/11790754_4","volume-title":"Detection of Intrusions and Malware & Vulnerability Assessment","author":"M. Polychronakis","year":"2006","unstructured":"Polychronakis, M., Anagnostakis, K., Markatos, E.: Network-level polymorphic shellcode detection using emulation. In: B\u00fcschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol.\u00a04064, pp. 54\u201373. Springer, Heidelberg (2006)"},{"key":"4_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1007\/978-3-540-74320-0_5","volume-title":"Recent Advances in Intrusion Detection","author":"M. Polychronakis","year":"2007","unstructured":"Polychronakis, M., Anagnostakis, K., Markatos, E.: Emulation-based detection of non-self-contained polymorphic shellcode. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 87\u2013106. Springer, Heidelberg (2007)"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"Polychronakis, M., Anagnostakis, K., Markatos, E.: Comprehensive shellcode detection using runtime heuristics. In: Proceeding of the Annual Computer Security Applications Conference, ACSAC (2010)","DOI":"10.1145\/1920261.1920305"},{"key":"4_CR17","unstructured":"Shields, T.: Anti-debugging - a developers view"},{"key":"4_CR18","volume-title":"Identifying Malicious Code Through Reverse Engineering","author":"A. Singh","year":"2009","unstructured":"Singh, A.: Identifying Malicious Code Through Reverse Engineering. Springer, Heidelberg (2009)"},{"key":"4_CR19","unstructured":"Skape: Understanding windows shellcode, \n                    \n                      http:\/\/www.hick.org\/code\/skape\/papers\/win32-shellcode.pdf"},{"key":"4_CR20","unstructured":"Yuschuk, O.: Ollydbg (2005), \n                    \n                      http:\/\/www.ollydbg.de\/"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-23644-0_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,27]],"date-time":"2019-04-27T12:05:54Z","timestamp":1556366754000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-23644-0_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642236433","9783642236440"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-23644-0_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}