{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:37:48Z","timestamp":1742913468981,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642545672"},{"type":"electronic","value":"9783642545689"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-642-54568-9_19","type":"book-chapter","created":{"date-parts":[[2014,3,20]],"date-time":"2014-03-20T14:31:35Z","timestamp":1395325895000},"page":"300-315","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Advanced Detection Tool for PDF Threats"],"prefix":"10.1007","author":[{"given":"Quentin","family":"Jerome","sequence":"first","affiliation":[]},{"given":"Samuel","family":"Marchal","sequence":"additional","affiliation":[]},{"given":"Radu","family":"State","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Engel","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,3,21]]},"reference":[{"key":"19_CR1","unstructured":"Adobe: PDF reference sixth edition, adobe portable document format, version 1.7 
(2006)"},{"issue":"2","key":"19_CR2","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/s11416-007-0044-2","volume":"3","author":"E Filiol","year":"2007","unstructured":"Filiol, E., Blonce, A., Frayssignes, L.: Portable document format (PDF) security analysis and malware threats. J. Comput. Virol. 3(2), 75\u201386 (2007)","journal-title":"J. Comput. Virol."},{"key":"19_CR3","unstructured":"Daniel, M., Honoroff, J., Miller, C.: Engineering heap overflow exploits with JavaScript. In: Proceedings of the 2nd Conference on USENIX Workshop on Offensive Technologies, WOOT\u201908, pp. 1:1\u20131:6. USENIX Association, Berkeley (2008)"},{"key":"19_CR4","unstructured":"Rahman, M.A.: Getting owned by malicious PDF - analysis. Global Information Assurance Certification Paper (2010)"},{"key":"19_CR5","doi-asserted-by":"crossref","unstructured":"Laskov, P., \u0160rndi\u0107, N.: Static detection of malicious JavaScript-bearing PDF documents. In: Proceedings of the 27th Annual Computer Security Applications Conference. ACSAC \u201911, pp. 373\u2013382. ACM, New York (2011)","DOI":"10.1145\/2076732.2076785"},{"key":"19_CR6","unstructured":"\u0160rndi\u0107, N., Laskov, P.: Detection of malicious pdf files based on hierarchical document structure. In: Proceedings of the 20th Annual Network and Distributed System Security Symposium (2013)"},{"issue":"1","key":"19_CR7","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1145\/1656274.1656278","volume":"11","author":"M Hall","year":"2009","unstructured":"Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.: The WEKA data mining software: an update. ACM SIGKDD Explor. Newsl. 11(1), 10\u201318 (2009)","journal-title":"ACM SIGKDD Explor. Newsl."},{"key":"19_CR8","volume-title":"Data Mining: Practical Machine Learning Tools and Techniques","author":"I Witten","year":"2011","unstructured":"Witten, I., Frank, E., Hall, M.: Data Mining: Practical Machine Learning Tools and Techniques. 
Morgan Kaufmann, Amsterdam (2011)"},{"key":"19_CR9","series-title":"LNCS (LNAI)","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-540-30115-8_7","volume-title":"ECML 2004","author":"R Akbani","year":"2004","unstructured":"Akbani, R., Kwek, S., Japkowicz, N.: Applying support vector machines to imbalanced datasets. In: Boulicaut, J.-F., Esposito, F., Giannotti, F., Pedreschi, D. (eds.) ECML 2004. LNCS (LNAI), vol. 3201, pp. 39\u201350. Springer, Heidelberg (2004)"},{"key":"19_CR10","first-page":"1871","volume":"9","author":"R Fan","year":"2008","unstructured":"Fan, R., Chang, K., Hsieh, C., Wang, X., Lin, C.: Liblinear: a library for large linear classification. J. Mach. Learn. Res. 9, 1871\u20131874 (2008)","journal-title":"J. Mach. Learn. Res."},{"key":"19_CR11","volume-title":"iText in Action: Creating and Manipulating PDF","author":"B Lowagie","year":"2006","unstructured":"Lowagie, B.: iText in Action: Creating and Manipulating PDF. Dreamtech Press, New Delhi (2006)"},{"key":"19_CR12","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Secur. Priv. 5, 32\u201339 (2007)","journal-title":"IEEE Secur. Priv."},{"key":"19_CR13","unstructured":"Trinius, P., Willems, C., Holz, T., Rieck, K.: A malware instruction set for behavior-based analysis. In: Proceedings of the Conference Sicherheit Schutz und Zuverl\u00e4ssigkeit SICHERHEIT (TR-2009-07), pp. 1\u201311 (2011)"},{"key":"19_CR14","doi-asserted-by":"crossref","unstructured":"Tzermias, Z., Sykiotakis, G., Polychronakis, M., Markatos, E.P.: Combining static and dynamic analysis for the detection of malicious documents. In: Proceedings of the Fourth European Workshop on System Security. EUROSEC \u201911, pp. 4:1\u20134:6. 
ACM, New York (2011)","DOI":"10.1145\/1972551.1972555"},{"key":"19_CR15","doi-asserted-by":"crossref","unstructured":"Schmitt, F., Gassen, J., Gerhards-Padilla, E.: Pdf scrutinizer: detecting javascript-based attacks in pdf documents. In: 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST), pp. 104\u2013111. IEEE (2012)","DOI":"10.1109\/PST.2012.6297926"},{"key":"19_CR16","doi-asserted-by":"crossref","unstructured":"Rieck, K., Krueger, T., Dewald, A.: Cujo: Efficient detection and prevention of drive-by-download attacks. In: Proceedings of the 26th Annual Computer Security Applications Conference, pp. 31\u201339. ACM (2010)","DOI":"10.1145\/1920261.1920267"},{"key":"19_CR17","doi-asserted-by":"crossref","unstructured":"Smutz, C., Stavrou, A.: Malicious PDF detection using metadata and structural features. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 239\u2013248. ACM (2012)","DOI":"10.1145\/2420950.2420987"},{"key":"19_CR18","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-20757-0_1","volume-title":"NETWORKING 2011, Part I","author":"J Fran\u00e7ois","year":"2011","unstructured":"Fran\u00e7ois, J., Wang, S., State, R., Engel, T.: BotTrack: tracking botnets using NetFlow and PageRank. In: Domingo-Pascual, J., Manzoni, P., Palazzo, S., Pont, A., Scoglio, C. (eds.) NETWORKING 2011, Part I. LNCS, vol. 6640, pp. 1\u201314. Springer, Heidelberg (2011)"},{"key":"19_CR19","doi-asserted-by":"crossref","unstructured":"Wagner, C., Wagener, G., State, R., Engel, T.: Malware analysis with graph kernels and support vector machines. In: 2009 4th International Conference on Malicious and Unwanted Software (MALWARE), pp. 63\u201368. 
IEEE (2009)","DOI":"10.1109\/MALWARE.2009.5403018"},{"key":"19_CR20","series-title":"LNCS","first-page":"372","volume-title":"RAID 2008","author":"HJ Abdelnur","year":"2008","unstructured":"Abdelnur, H.J., State, R., Festor, O.: Advanced network fingerprinting. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 372\u2013389. Springer, Heidelberg (2008)"},{"key":"19_CR21","first-page":"2721","volume":"7","author":"J Kolter","year":"2006","unstructured":"Kolter, J., Maloof, M.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721\u20132744 (2006)","journal-title":"J. Mach. Learn. Res."},{"key":"19_CR22","unstructured":"Li, W., Wang, K., Stolfo, S., Herzog, B.: Fileprints: identifying file types by n-gram analysis. In: Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop. IAW\u201905, pp. 64\u201371. IEEE (2005)"},{"key":"19_CR23","unstructured":"Stolfo, S.J., Wang, K., Li, W.J.: Fileprint analysis for malware detection. ACM CCS WORM (2005)"},{"key":"19_CR24","doi-asserted-by":"crossref","unstructured":"Li, W., Stolfo, S., Stavrou, A., Androulaki, E., Keromytis, A.: A study of malcode-bearing documents. Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 231\u2013250 (2007)","DOI":"10.1007\/978-3-540-73614-1_14"},{"key":"19_CR25","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/s11416-006-0012-2","volume":"1","author":"U Bayer","year":"2006","unstructured":"Bayer, U., Moser, A., Kruegel, C., Kirda, E.: Dynamic analysis of malicious code. J. Comput. Virol. 1, 67\u201377 (2006)","journal-title":"J. Comput. 
Virol."}],"container-title":["Lecture Notes in Computer Science","Data Privacy Management and Autonomous Spontaneous Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-54568-9_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,19]],"date-time":"2023-02-19T22:55:18Z","timestamp":1676847318000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-54568-9_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783642545672","9783642545689"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-54568-9_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]},"assertion":[{"value":"21 March 2014","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}