{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T17:32:07Z","timestamp":1743096727985,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":36,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642331664"},{"type":"electronic","value":"9783642331671"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-33167-1_45","type":"book-chapter","created":{"date-parts":[[2012,8,18]],"date-time":"2012-08-18T06:07:05Z","timestamp":1345270025000},"page":"788-805","source":"Crossref","is-referenced-by-count":3,"title":["Scalable Telemetry Classification for Automated Malware Detection"],"prefix":"10.1007","author":[{"given":"Jack W.","family":"Stokes","sequence":"first","affiliation":[]},{"given":"John C.","family":"Platt","sequence":"additional","affiliation":[]},{"given":"Helen J.","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Joe","family":"Faulhaber","sequence":"additional","affiliation":[]},{"given":"Jonathan","family":"Keller","sequence":"additional","affiliation":[]},{"given":"Mady","family":"Marinescu","sequence":"additional","affiliation":[]},{"given":"Anil","family":"Thomas","sequence":"additional","affiliation":[]},{"given":"Marius","family":"Gheorghescu","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"45_CR1","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1145\/1273496.1273501","volume-title":"Proc. of the 24th International Conference on Machine Learning (ICML), Corvalis, OR","author":"G. Andrew","year":"2007","unstructured":"Andrew, G., Gao, J.: Scalable training of l1-regularized log-linear models. In: Proc. of the 24th International Conference on Machine Learning (ICML), Corvalis, OR, pp. 33\u201340. ACM, New York (2007)"},{"key":"45_CR2","unstructured":"Bayer, U., Habibi, I., Balzarotti, D., Kirda, E., Kruegel, C.: A view on current malware behaviors. In: Proc. of 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, MA, USA (2009)"},{"key":"45_CR3","unstructured":"Bayer, U., Comparetti, P.M., Hlauschek, C., Kruegel, C., Kirda, E.: Scalable, behavior-based malware clustering. In: Proc. of the 16th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (February 2009)"},{"key":"45_CR4","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: TTAnalyze: A tool for analyzing malware. In: Proc. of 15th Annual Conference of the European Institute for Computer Antivirus Research, EICAR (2006)"},{"key":"45_CR5","unstructured":"Bishop, C.: Pattern Recognition and Machine Learning. Springer (2006)"},{"key":"45_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-642-22110-1_37","volume-title":"Computer Aided Verification","author":"D. Brumley","year":"2011","unstructured":"Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: A Binary Analysis Platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol.\u00a06806, pp. 463\u2013469. Springer, Heidelberg (2011)"},{"key":"45_CR7","unstructured":"Nachenberg, C., Seshadri, V., Ramzan, Z.: An analysis of real-world effectiveness of reputation-based security. In: Proc. of Virus Bulletin Conference, VB, pp. 178\u2013183 (2010)"},{"key":"45_CR8","doi-asserted-by":"crossref","unstructured":"Chau, D.H., Nachenberg, C., Wilhelm, J., Wright, A., Faloutsos, C.: Polonium: Tera-scale graph mining and inference for malware detection. In: Proc. of SIAM International Conference on Data Mining, SDM (2011)","DOI":"10.1137\/1.9781611972818.12"},{"key":"45_CR9","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Kruegel, C.: Mining specifications of malicious behavior. In: Proc. of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC\/FSE), pp. 5\u201314 (2007)","DOI":"10.1145\/1287624.1287628"},{"key":"45_CR10","unstructured":"Edelman, B.: Adverse selection in online \u201ctrust\u201d certifications. In: Fifth Workshop on the Economics of Information Security, pp. 26\u201328 (2006)"},{"key":"45_CR11","doi-asserted-by":"crossref","unstructured":"Freund, Y., Schapire, R.: Large margin classification using the perceptron algorithm. Machine Learning, 277\u2013296 (1999)","DOI":"10.1023\/A:1007662407062"},{"key":"45_CR12","doi-asserted-by":"crossref","unstructured":"Friedman, J.: Greedy function approximation: a gradient boosting machine. Annals of Statistics, 1189\u20131232 (2001)","DOI":"10.1214\/aos\/1013203451"},{"key":"45_CR13","unstructured":"Group, A.P.W.: Phishing activity trends report, 3rd quarter 2009 (2010), \n                    \n                      http:\/\/www.antiphishing.org\/reports\/apwg_report_Q3_2009.pdf"},{"key":"45_CR14","unstructured":"Haber, J.: Smartscreen application reputation in ie9 (2011), \n                    \n                      http:\/\/blogs.msdn.com\/b\/ie\/archive\/2011\/05\/17\/smartscreen-174-application-reputation-in-ie9.aspx"},{"key":"45_CR15","unstructured":"Hu, W., Liao, Y., Vemuri, V.R.: Robust support vector machines for anomaly detection. In: Proc. 2003 International Conference on Machine Learning and Applications (ICMLA), pp. 23\u201324 (2003)"},{"key":"45_CR16","unstructured":"Idika, N., Mathur, A.: A survey of malware detection techniques. Tech. rep., Purdue Univ. (February 2007), \n                    \n                      http:\/\/www.eecs.umich.edu\/techreports\/cse\/2007\/CSE-TR-530-07.pdf"},{"key":"45_CR17","unstructured":"Iseclab: Anubis, analyzing unknown binaries, \n                    \n                      http:\/\/anubis.iseclab.org"},{"key":"45_CR18","doi-asserted-by":"crossref","unstructured":"Jacob, G., Comparetti, P.M., Neugschwandtner, M., Kruegel, C., Vigna, G.: A static, packer-agnostic filter to detect similar malware samples. In: Conference on Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA (2012)","DOI":"10.1007\/978-3-642-37300-8_6"},{"key":"45_CR19","doi-asserted-by":"crossref","unstructured":"Jang, J., Brumley, D., Venkataraman, S.: Bitshred: feature hashing malware for scalable triage and semantic analysis. In: Proc. of the 18th ACM Conference on Computer and Communications Security (CCS), pp. 309\u2013320 (2011)","DOI":"10.1145\/2046707.2046742"},{"key":"45_CR20","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, X., Xu, D.: Stealthy malware detection through vmm-based \u201dout-of-the-box\u201d semantic view reconstruction. In: Proc. of the ACM Conference on Computer and Communications Security (CCS), pp. 128\u2013138 (2007)","DOI":"10.1145\/1315245.1315262"},{"key":"45_CR21","unstructured":"Kirda, E., Kruegel, C., Banks, G., Vigna, G., Kemmerer, R.A.: Behavior based spyware detection. In: Proc. of the 15th USENIX Security Symposium, pp. 273\u2013288 (2006)"},{"key":"45_CR22","unstructured":"Kolter, J., Maloof, M.: Learning to detect and classify malicious executables in the wild. Journal of Machine Learning Research (JMLR), 2721\u20132744 (2006)"},{"key":"45_CR23","doi-asserted-by":"crossref","unstructured":"Manning, C.D., Raghavan, P., Sch\u00fctze, H.: An Introduction to Information Retrieval. Cambridge University Press (2009)","DOI":"10.1017\/CBO9780511809071"},{"key":"45_CR24","unstructured":"Microsoft: Microsoft security intelligence report (July-December 2010) (2011), \n                    \n                      http:\/\/www.microsoft.com\/security\/sir\/default.aspx"},{"key":"45_CR25","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Proc. of the 23rd Annual Computer Security Applications Conference (ACSAC), pp. 421\u2013430 (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"45_CR26","doi-asserted-by":"crossref","unstructured":"Neugschwandtner, M., Comparetti, P.M., Jacob, G., Kruegel, C.: Forecast \u2013 skimming off the malware cream. In: 27th Annual Computer Security Applications Conference, ACSAC (2011)","DOI":"10.1145\/2076732.2076735"},{"key":"45_CR27","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: Cloudav: N-version antivirus in the network cloud. In: Proc. of the 17th Conference on Security Symposium, pp. 91\u2013106 (2008)"},{"key":"45_CR28","doi-asserted-by":"crossref","unstructured":"Perdisci, R., Lanzi, A., Lee, W.: Mcboost: Boosting scalability in malware collection and analysis using statistical classification of executables. In: Proc. of the 2008 Annual Computer Security Applications Conference (ACSAC), pp. 301\u2013310 (2008)","DOI":"10.1109\/ACSAC.2008.22"},{"key":"45_CR29","doi-asserted-by":"crossref","unstructured":"Preda, M., Christodorescu, M., Jha, S., Debray, S.: A semantics-based approach to malware detection. In: Proc. of the 34th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 377\u2013388 (2007)","DOI":"10.1145\/1190216.1190270"},{"key":"45_CR30","first-page":"38","volume-title":"Proc. of the 2001 IEEE Symposium on Security and Privacy (SP)","author":"M. Schultz","year":"2001","unstructured":"Schultz, M., Eskin, E., Zadok, E., Stolfo, S.: Data mining methods of detection of new malicious executables. In: Proc. of the 2001 IEEE Symposium on Security and Privacy (SP), pp. 38\u201349. IEEE Press, New York (2001)"},{"key":"45_CR31","doi-asserted-by":"publisher","first-page":"807","DOI":"10.1145\/1273496.1273598","volume-title":"Proc. of the 24th International Conference on Machine Learning (ICML), Corvalis, OR","author":"S. Shalev-Shwartz","year":"2007","unstructured":"Shalev-Shwartz, S., Singer, Y., Srebro, N.: Pegasos: Primal estimated sub-gradient solver for svm. In: Proc. of the 24th International Conference on Machine Learning (ICML), Corvalis, OR, pp. 807\u2013814. ACM, New York (2007)"},{"key":"45_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D. Song","year":"2008","unstructured":"Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Saxena, P.: BitBlaze: A New Approach to Computer Security via Binary Analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol.\u00a05352, pp. 1\u201325. Springer, Heidelberg (2008)"},{"key":"45_CR33","unstructured":"Stolfo, S., Wang, K., Li, W.: Towards stealthy malware detection. In: Christodorescu, M., Jha, S., Maughan, D., Song, D., Wang, C. (eds.) Malware Detection. Springer (2007)"},{"key":"45_CR34","unstructured":"Wicherski, G.: pehash: A novel approach to fast malware clustering. In: USENIX Workshop Large-Scale Exploits and Emergent Threats, LEET (2009)"},{"key":"45_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"468","DOI":"10.1007\/978-3-540-73547-2_48","volume-title":"Autonomic and Trusted Computing","author":"B. Zhang","year":"2007","unstructured":"Zhang, B., Yin, J., Hao, J., Zhang, D., Wang, S.: Malicious Codes Detection Based on Ensemble Learning. In: Xiao, B., Yang, L.T., Ma, J., Muller-Schloer, C., Hua, Y. (eds.) ATC 2007. LNCS, vol.\u00a04610, pp. 468\u2013477. Springer, Heidelberg (2007)"},{"key":"45_CR36","unstructured":"Zhang, J., Jin, R., Yang, Y., Hauptmann, A.G.: Modified logistic regression: An approximation to svm and its applications in large-scale text categorization. In: Proc. of the 20th International Conference on Machine Learning (ICML), Menlo Park, pp. 888\u2013895 (2003)"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2012"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-33167-1_45","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,2]],"date-time":"2019-06-02T20:39:57Z","timestamp":1559507997000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-33167-1_45"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642331664","9783642331671"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-33167-1_45","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}