{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T11:20:03Z","timestamp":1725621603169},"publisher-location":"Berlin, Heidelberg","reference-count":15,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642244025"},{"type":"electronic","value":"9783642244032"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-24403-2_14","type":"book-chapter","created":{"date-parts":[[2011,10,17]],"date-time":"2011-10-17T07:56:27Z","timestamp":1318838187000},"page":"166-175","source":"Crossref","is-referenced-by-count":0,"title":["A Layered Detection Method for Malware Identification"],"prefix":"10.1007","author":[{"given":"Ting","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaohong","family":"Guan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yu","family":"Qu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yanan","family":"Sun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"14_CR1","unstructured":"Gostev, A.: Kaspersky Security Bulletin. In: Statistics 2008 (2009)"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Lo, R., Kerchen, P., Crawford, R., Ho, W., Crossley, J., Fink, G., Levitt, K., Olsson, R., Archer, M.: Towards a testbed for malicious code detection. In: Compcon Spring 1991, Digest of Papers, pp. 160\u2013166 (1991)","DOI":"10.1109\/CMPCON.1991.128800"},{"key":"14_CR3","unstructured":"Wang, X., Yu, W., Champion, A., Fu, X., Xuan, D.: Detecting worms via mining dynamic program execution. In: Third International Conference on Security and Privacy in Communications Networks and the Workshops, SecureComm (2007)"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, X., Xu, D.: Stealthy malware detection and monitoring through VMM-based \"out-of-the-box\" semantic view reconstruction. ACM Transactions on Information and System Security\u00a013 (2010)","DOI":"10.1145\/1698750.1698752"},{"key":"14_CR5","unstructured":"Wenke, L., Stolfo, S.J., Mok, K.W.: A data mining framework for building intrusion detection models.: Security and Privacy. In: Proceedings of the 1999 IEEE Symposium on Security and Privacy, pp. 120\u2013132 (1999)"},{"key":"14_CR6","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1145\/1456377.1456389","volume-title":"Proceedings of the 1st ACM Workshop on AISec","author":"J.L. Berral","year":"2008","unstructured":"Berral, J.L., Poggi, N., Alonso, J., Gavald, R., Torres, J., Parashar, M.: Adaptive distributed mechanism against flooding network attacks based on machine learning. In: Proceedings of the 1st ACM Workshop on AISec, pp. 43\u201350. ACM, Alexandria (2008)"},{"key":"14_CR7","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1145\/1456377.1456395","volume-title":"Proceedings of the 1st ACM Workshop on AISec","author":"M. Kloft","year":"2008","unstructured":"Kloft, M., Brefeld, U., Pessel, D., Gehl, C., Laskov, P.: Automatic feature selection for anomaly detection. In: Proceedings of the 1st ACM Workshop on AISec, pp. 71\u201376. ACM, Alexandria (2008)"},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Renchao, Q., Tao, L., Yu, Z.: An immune inspired model for obfuscated virus detection. In: 2009 International Conference on Industrial Mechatronics and Automation, ICIMA 2009, Chengdu, China, pp. 228\u2013231 (2009)","DOI":"10.1109\/ICIMA.2009.5156602"},{"key":"14_CR9","unstructured":"Windows: Windows API Reference: http:\/\/msdn.microsoft.com\/en-us\/library\/aa383749(VS.85).aspx"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Landis, J.R., Koch, G.G.: The measurement of observer agreement for categorical data. Biometrics 33 (1977)","DOI":"10.2307\/2529310"},{"key":"14_CR11","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1023\/A:1022631118932","volume":"11","author":"R.C. Holte","year":"1993","unstructured":"Holte, R.C.: Very simple classification rules perform well on most commonly used data-sets. Mach. Learn. 11, 63-91 (1993)","journal-title":"Mach. Learn."},{"key":"14_CR12","doi-asserted-by":"publisher","first-page":"4544","DOI":"10.1016\/j.csda.2008.01.028","volume":"52","author":"R. Moskovitch","year":"2008","unstructured":"Moskovitch, R., Elovici, Y., Rokach, L.: Detection of unknown computer worms based on behavioral classification of the host. Computational Statistics and Data Analysis\u00a052, 4544\u20134566 (2008)","journal-title":"Computational Statistics and Data Analysis"},{"key":"14_CR13","unstructured":"Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)"},{"key":"14_CR14","volume-title":"Pattern Classification","author":"R.O. Duda","year":"2000","unstructured":"Duda, R.O., Hart, P.E., Stork, D.G.: Pattern Classification, 2nd edn. Wiley-Interscience, Hoboken (2000)","edition":"2"},{"key":"14_CR15","unstructured":"Gostev, A.: Rustock and All That (2008)"}],"container-title":["Lecture Notes in Computer Science","Network and Parallel Computing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-24403-2_14.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T07:30:04Z","timestamp":1620027004000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-24403-2_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642244025","9783642244032"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-24403-2_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}