{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,21]],"date-time":"2025-05-21T06:56:23Z","timestamp":1747810583002,"version":"3.40.1"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642275845"},{"type":"electronic","value":"9783642275852"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-27585-2_5","type":"book-chapter","created":{"date-parts":[[2012,2,7]],"date-time":"2012-02-07T22:38:29Z","timestamp":1328654309000},"page":"55-64","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Efficient and Stealthy Instruction Tracing and Its Applications in Automated Malware Analysis: Open Problems and Challenges"],"prefix":"10.1007","author":[{"given":"Endre","family":"Bangerter","sequence":"first","affiliation":[]},{"given":"Stefan","family":"B\u00fchlmann","sequence":"additional","affiliation":[]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","unstructured":"Bania, P.: Generic unpacking of self-modifying, aggressive, packed binary programs (2009)"},{"key":"5_CR2","unstructured":"Buehlmann, S., Kropp, M.: Extending joebox - a scriptable malware analysis system. In: University of Applied Science Northwestern of Switzerland, Bachelor Thesis (2008)"},{"key":"5_CR3","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: Ttanalyze: A tool for analyzing malware. In: 15th European Institute for Computer Antivirus Research, EICAR 2006 (2006)"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Caballero, J., Poosankam, P., Song, D., Kreibich, C.: Dispatcher: Enabling active botnet infiltration using automatic protocol reverse-engineering. In: The 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 621\u2013634. ACM (2009)","DOI":"10.1145\/1653662.1653737"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: Automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of ACM Conference on Computer and Communication Security (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"5_CR6","doi-asserted-by":"crossref","unstructured":"Dinaburg, A., Royal, P., Sharif, M.I., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: ACM Conference on Computer and Communications Security (2008)","DOI":"10.1145\/1455770.1455779"},{"key":"5_CR7","unstructured":"Egele, M., Kruegel, C., Kirda, E., Yin, H., Song, D.: Dynamic spyware analysis. In: Proceedings of USENIX Annual Technical Conference (2007)"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Groebert, F., Willems, C., Holz, T.: Automated identification of cryptographic primitives in binary programs. In: The 14th International Symposium on Recent Advances in Intrusion Detection, RAID (2011)","DOI":"10.1007\/978-3-642-23644-0_3"},{"key":"5_CR9","unstructured":"Hex-Rays. Hex-rays decompiler, http:\/\/www.hex-rays.com\/decompiler.shtml"},{"key":"5_CR10","unstructured":"Intel. Intel 64 and ia-32 architectures software developer\u2019s manual. Basic architecture, ch.\u00a05, 5.1.7, vol.\u00a01, pp. 142\u2013143, (2010)"},{"key":"5_CR11","unstructured":"Kruegel, C., Kirda, E., Comparetti, P.M., Wondracek, G.: Automatic network protocol analysis. In: 15th Annual Network and Distributed System Security Symposium, NDSS 2008 (2008)"},{"key":"5_CR12","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1145\/1065010.1065034","volume-title":"Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2005","author":"C.-K. Luk","year":"2005","unstructured":"Luk, C.-K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: building customized program analysis tools with dynamic instrumentation. In: Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2005, pp. 190\u2013200. ACM, New York (2005), http:\/\/doi.acm.org\/10.1145\/1065010.1065034"},{"key":"5_CR13","unstructured":"Lin, Z., Jiang, X., Xu, D., Zhang, X.: Automatic protocol format reverse engineering through conectect-aware monitored execution. In: 15th Symposium on Network and Distributed System Security, NDSS (2008)"},{"key":"5_CR14","unstructured":"Lutz, N.: Towards revealing attackers intent by automatically decrypting network traffic. Master\u2019s thesis, ETH Zuerich (2008)"},{"key":"5_CR15","unstructured":"Leder, F., Werner, T.: Know your enemy: Containing conficker - to tame a malware. In: Know Your Enemy Series of the Honeynet Project (2009)"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: 23rd Annual Computer Security Applications Conference, ACSAC (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"5_CR17","doi-asserted-by":"crossref","unstructured":"Martignoni, L., Paleari, R., Roglia, G.F., Bruschi, D.: Testing cpu emulators. In: ISSTA (2009)","DOI":"10.1145\/1572272.1572303"},{"key":"5_CR18","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis: Automatic detection, analysis, and signature generation of exploit attacks on commodity software. In: Proceedings of the Network and Distributed Systems Security Symposium (2005)"},{"key":"5_CR19","unstructured":"Porras, P., Saidi, H., Yegneswaran, V.: A foray into conficker\u2019s logic and rendezvous points. In: Proceedings of the 2nd USENIX Conference on Large-Scale Exploits and Emergent Threats, LEET 2009 (2009)"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Quist, D.A., Liebrock, L.M.: Visualizing compiled executables for malware analysis. In: 6th International Workshop on Visualization for Cyber Security, VizSec 2009 (2009)","DOI":"10.1109\/VIZSEC.2009.5375539"},{"key":"5_CR21","doi-asserted-by":"crossref","unstructured":"Quist, D., Liebrock, L., Neil, J.: Visualizing compiled executables for malware analysis. Journal in Computer Virology (2009)","DOI":"10.1109\/VIZSEC.2009.5375539"},{"key":"5_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D. Song","year":"2008","unstructured":"Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Saxena, P.: BitBlaze: A New Approach to Computer Security via Binary Analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol.\u00a05352, pp. 1\u201325. Springer, Heidelberg (2008)"},{"key":"5_CR23","doi-asserted-by":"crossref","unstructured":"Skaletsky, A., Devor, T., Chachmon, N., Cohn, R.S., Hazelwood, K.M., Vladimirov, V., Bach, M.: Dynamic program analysis of microsoft windows applications. In: ISPASS (2010)","DOI":"10.1109\/ISPASS.2010.5452079"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"Vasudevan, A., Yerraballi, R.: Cobra: Fine-grained malware analysis using stealth localized-executions. In: IEEE Symposium on Security and Privacy (2006)","DOI":"10.1109\/SP.2006.9"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using cwsandbox (2007)","DOI":"10.1109\/MSP.2007.45"},{"key":"5_CR26","unstructured":"Yin, H., Song, D.: Temu: Binary code analysis via whole-system layered annotative execution (2010)"},{"key":"5_CR27","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, Z., Cui, W., Wang, X.: Reformat: Automatic reverse engineering of encrypted messages. In: Technical report, NC State University (2008)","DOI":"10.1007\/978-3-642-04444-1_13"}],"container-title":["Lecture Notes in Computer Science","Open Problems in Network Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-27585-2_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,20]],"date-time":"2025-03-20T01:39:18Z","timestamp":1742434758000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-27585-2_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642275845","9783642275852"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-27585-2_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]},"assertion":[{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}