{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T15:36:31Z","timestamp":1725896191391},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642371851"},{"type":"electronic","value":"9783642371868"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-37186-8_7","type":"book-chapter","created":{"date-parts":[[2013,4,9]],"date-time":"2013-04-09T23:01:39Z","timestamp":1365548499000},"page":"109-125","source":"Crossref","is-referenced-by-count":2,"title":["Learning Attack Features from Static and Dynamic Analysis of Malware"],"prefix":"10.1007","author":[{"given":"Ravinder R.","family":"Ravula","sequence":"first","affiliation":[]},{"given":"Kathy J.","family":"Liszka","sequence":"additional","affiliation":[]},{"given":"Chien-Chung","family":"Chan","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"7_CR1","first-page":"55","volume-title":"AISec 2009: Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence","author":"F. Ahmed","year":"2009","unstructured":"Ahmed, F., Hameed, H., Shafiq, M.Z., Farooq, M.: Using spatio-temporal information in API calls with machine learning algorithms for malware detection. In: AISec 2009: Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, pp. 55\u201362. ACM, New York (2009)"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"Burji, S., Liszka, K.J., Chan, C.-C.: Malware Analysis Using Reverse Engineering and Data Mining Tools. In: The 2010 International Conference on System Science and Engineering (ICSSE 2010), pp. 
619\u2013624 (July 2010)","DOI":"10.1109\/ICSSE.2010.5551719"},{"key":"7_CR3","unstructured":"Chan, C.-C., Santhosh, S.: BLEM2: Learning Bayes\u2019 rules from examples using rough sets. In: Proc. NAFIPS 2003, 22nd Int. Conf. of the North American Fuzzy Information Processing Society, Chicago, Illinois, July 24-26, pp. 187\u2013190 (2003)"},{"issue":"3","key":"7_CR4","first-page":"185","volume":"19","author":"C.-C. Chan","year":"1994","unstructured":"Chan, C.-C., Grzymala-Busse, J.W.: On the two local inductive algorithms: PRISM, and LEM2. Foundations of Computing and Decision Sciences\u00a019(3), 185\u2013203 (1994)","journal-title":"Foundations of Computing and Decision Sciences"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Kruegel, C.: Mining specifications of malicious behaviour. In: Proc. ESEC\/FS 2007, pp. 5\u201314 (2007)","DOI":"10.1145\/1287624.1287628"},{"key":"7_CR6","unstructured":"Cohen, F.: Computer Viruses. PhD thesis, University of Southern California (1985)"},{"key":"7_CR7","unstructured":"Cohen, W.: Learning Trees and Rules with Set-Valued Features. American Association for Artificial Intelligence, AMI (1996)"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Islam, R., Tian, R., Batten, L., Versteeg, S.C.: Classification of Malware Based on String and Function Feature Selection. In: 2010 Second Cybercrime and Trustworthy Computing Workshop, Ballarat, Victoria Australia, July 19-July 20 (2010) ISBN: 978-0-7695-4186-0","DOI":"10.1109\/CTC.2010.11"},{"key":"7_CR9","doi-asserted-by":"crossref","unstructured":"Kang, M.G., Poosankam, P., Yin, H.: Renovo: A hidden code extractor for packed executables. In: Proc. Fifth ACM Workshop on Recurring Malcode, WORM 2007 (November 2007)","DOI":"10.1145\/1314389.1314399"},{"key":"7_CR10","doi-asserted-by":"crossref","unstructured":"Kolter, J., Maloof, M.: Learning to detect malicious executables in the wild. In: Proc. KDD 2004, pp. 
470\u2013478 (2004)","DOI":"10.1145\/1014052.1014105"},{"key":"7_CR11","volume-title":"Proceedings of the 2010 18th Euromicro Conference on Parallel, Distributed and Network-based Processing, PDP 2010","author":"D. Komashinskiy","year":"2010","unstructured":"Komashinskiy, D., Kotenko, I.V.: Malware Detection by Data Mining Techniques Based on Positionally Dependent Features. In: Proceedings of the 2010 18th Euromicro Conference on Parallel, Distributed and Network-based Processing, PDP 2010. IEEE Computer Society, Washington, DC (2010) ISBN: 978-0-7695-3939-3"},{"key":"7_CR12","unstructured":"Mcafee.com (2010a), http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-quarterly-threat-q3-2010.pdf (retrieved)"},{"key":"7_CR13","unstructured":"Mcafee.com (2010b), http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-good-decade-for-cybercrime.pdf (retrieved)"},{"key":"7_CR14","unstructured":"Messagelabs.com (2011), http:\/\/www.messagelabs.com\/mlireport\/MLI_2011_01_January_Final_en-us.pdf (retrieved)"},{"key":"7_CR15","unstructured":"Miller, P.: Hexdump. Online publication (2000), http:\/\/www.pcug.org.au\/millerp\/hexdump.html"},{"issue":"15","key":"7_CR16","first-page":"344","volume":"11","author":"Z. Pawlak","year":"1982","unstructured":"Pawlak, Z.: Rough sets: basic notion. International Journal of Computer and Information Science\u00a011(15), 344\u2013356 (1982)","journal-title":"International Journal of Computer and Information Science"},{"key":"7_CR17","first-page":"369","volume":"64","author":"Z. Pawlak","year":"2005","unstructured":"Pawlak, Z.: Flow graphs and intelligent data analysis. Fundamenta Informaticae\u00a064, 369\u2013377 (2005)","journal-title":"Fundamenta Informaticae"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Rozinov, K.: Reverse Code Engineering: An In-Depth Analysis of the Bagle Virus. In: Information Assurance Workshop, IAW 2005. Proceedings from the Sixth Annual IEEE SMC, June 15-17, pp. 
380\u2013387 (2005)","DOI":"10.1109\/IAW.2005.1495977"},{"key":"7_CR19","doi-asserted-by":"crossref","unstructured":"Schultz, M.G., Eskin, E., Zadok, E., Stolfo, S.J.: Data Mining Methods for Detection of New Malicious Executables. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 38\u201349. IEEE Computer Society (2001)","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"7_CR20","unstructured":"Skoudis, E.: Malware: Fighting Malicious Code. Prentice Hall (2004)"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Sung, A., Xu, J., Chavez, P., Mukkamala, S.: Static analyzer of vicious executables (save). In: Proc. 20th Annu. Comput. Security Appl. Conf., pp. 326\u2013334 (2004)","DOI":"10.1109\/CSAC.2004.37"},{"key":"7_CR22","doi-asserted-by":"crossref","unstructured":"Wang, T.-Y., Wu, C.-H., Hsieh, C.-C.: A Virus Prevention Model Based on Static Analysis and Data Mining Methods. In: Proceedings of the 2008 IEEE 8th International Conference on Computer and Information Technology Workshops, CITWORKSHOPS 2008, pp. 288\u2013293 (2008)","DOI":"10.1109\/CIT.2008.Workshops.102"},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Wang, T.-Y., Wu, C.-H., Hsieh, C.-C.: Detecting Unknown Malicious Executables Using Portable Executable Headers. In: Fifth International Joint Conference on INC, IMS and IDC, pp. 278\u2013284 (2009)","DOI":"10.1109\/NCM.2009.385"},{"key":"7_CR24","unstructured":"Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques, 2nd edn. 
(2005) ISBN: 0-12-088407-0"}],"container-title":["Communications in Computer and Information Science","Knowledge Discovery, Knowledge Engineering and Knowledge Management"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-37186-8_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,13]],"date-time":"2022-02-13T07:16:52Z","timestamp":1644736612000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-37186-8_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642371851","9783642371868"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-37186-8_7","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2013]]}}}