{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,12]],"date-time":"2025-11-12T21:13:18Z","timestamp":1762981998480,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":40,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819605668"},{"type":"electronic","value":"9789819605675"}],"license":[{"start":{"date-parts":[[2024,12,3]],"date-time":"2024-12-03T00:00:00Z","timestamp":1733184000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,3]],"date-time":"2024-12-03T00:00:00Z","timestamp":1733184000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-0567-5_20","type":"book-chapter","created":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T08:38:11Z","timestamp":1733128691000},"page":"273-289","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Exposing the\u00a0Limitations of\u00a0Machine Learning for\u00a0Malware Detection Under Concept Drift"],"prefix":"10.1007","author":[{"given":"Ahmed","family":"Abusnaina","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Afsah","family":"Anwar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muhammad","family":"Saad","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abdulrahman","family":"Alabduljabbar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rhongho","family":"Jang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Saeed","family":"Salem","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Mohaisen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,12,3]]},"reference":[{"key":"20_CR1","unstructured":"Radare2 (2021). https:\/\/rada.re\/r\/"},{"key":"20_CR2","unstructured":"VirusShare (2021)"},{"key":"20_CR3","unstructured":"VirusTotal (2021). https:\/\/www.virustotal.com"},{"key":"20_CR4","unstructured":"VirusTotal Statistics (2021). https:\/\/www.virustotal.com\/en\/statistics\/"},{"key":"20_CR5","doi-asserted-by":"crossref","unstructured":"Al-Dujaili, A.,\u00a0Huang, A.,\u00a0Hemberg, E.,\u00a0O\u2019Reilly, U.: Adversarial deep learning for robust detection of binary encoded malware. In: IEEE S &P Workshops, pp. 76\u201382 (2018)","DOI":"10.1109\/SPW.2018.00020"},{"issue":"5","key":"20_CR6","doi-asserted-by":"publisher","first-page":"8977","DOI":"10.1109\/JIOT.2019.2925929","volume":"6","author":"H Alasmary","year":"2019","unstructured":"Alasmary, H., et al.: Analyzing and detecting emerging Internet of Things malware: a graph-based approach. IEEE Internet Things J. 6(5), 8977\u20138988 (2019)","journal-title":"IEEE Internet Things J."},{"key":"20_CR7","unstructured":"Alrawi, O., et al.: The circle of life: a large-scale study of the iot malware lifecycle. In USENIX Security (2021)"},{"key":"20_CR8","unstructured":"Anderson, H.S.,\u00a0Roth P.: Ember: an open dataset for training static pe malware machine learning models. arXiv preprint arXiv:1804.04637 (2018)"},{"key":"20_CR9","doi-asserted-by":"crossref","unstructured":"Anwar, A.,\u00a0Alasmary, H.,\u00a0Park, J.,\u00a0Wang, A.,\u00a0Chen, S.,\u00a0Mohaisen, D.: Statically dissecting internet of things malware: analysis, characterization, and detection. In: ICICS (2020)","DOI":"10.1007\/978-3-030-61078-4_25"},{"key":"20_CR10","unstructured":"Bayer, U.,\u00a0Habibi, I.,\u00a0Balzarotti, D.,\u00a0Kirda, E.,\u00a0Kruegel, C.: A view on current malware behaviors. In: LEET (2009)"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Breunig, M.M., Kriegel, H.-P., Ng, R.T.,\u00a0Sander, J.: Lof: identifying density-based local outliers. In: ACM SIGMOD, pp. 93\u2013104 (2000)","DOI":"10.1145\/342009.335388"},{"issue":"2","key":"20_CR12","first-page":"262","volume":"17","author":"T Chakraborty","year":"2017","unstructured":"Chakraborty, T., Pierazzi, F., Subrahmanian, V.: Ec2: ensemble clustering and classification for predicting android malware families. IEEE TDSC 17(2), 262\u2013277 (2017)","journal-title":"IEEE TDSC"},{"key":"20_CR13","doi-asserted-by":"crossref","unstructured":"Cozzi, E.,\u00a0Graziano, M.,\u00a0Fratantonio, Y.,\u00a0Balzarotti, D.: Understanding Linux malware. In: IEEE S &P Symposium (2018)","DOI":"10.1109\/SP.2018.00054"},{"key":"20_CR14","doi-asserted-by":"crossref","unstructured":"Crandall, J.R., et al.: Temporal search: detecting hidden malware timebombs with virtual machines. In: ACM ASPLOS (2006)","DOI":"10.1145\/1168857.1168862"},{"issue":"7","key":"20_CR15","doi-asserted-by":"publisher","first-page":"3187","DOI":"10.1109\/TII.2018.2822680","volume":"14","author":"Z Cui","year":"2018","unstructured":"Cui, Z., Xue, F., Cai, X., Cao, Y., Wang, G., Chen, J.: Detection of malicious code variants based on deep learning. IEEE Trans. Ind. Inf. 14(7), 3187\u20133196 (2018)","journal-title":"IEEE Trans. Ind. Inf."},{"key":"20_CR16","unstructured":"Evans, L.P.G., Adams, N.M.,\u00a0Anagnostopoulos, C.: Estimating optimal active learning via model retraining improvement. CoRR arxiv:1502.01664 (2015)"},{"key":"20_CR17","unstructured":"Graziano, M., et\u00a0al.: Needles in a haystack: mining information from public dynamic analysis sandboxes for malware intelligence. In: USENIX Security, pp. 1057\u20131072 (2015)"},{"key":"20_CR18","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1016\/j.future.2018.03.007","volume":"85","author":"H HaddadPajouh","year":"2018","unstructured":"HaddadPajouh, H., Dehghantanha, A., Khayami, R., Choo, K.-K.R.: A deep recurrent neural network based approach for internet of things malware threat hunting. Futur. Gener. Comput. Syst. 85, 88\u201396 (2018)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"20_CR19","unstructured":"Jordaney, R.,\u00a0Sharad, K., et\u00a0al.: Transcend: detecting concept drift in malware classification models. In: USENIX Security (2017)"},{"issue":"6","key":"20_CR20","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/479174","volume":"11","author":"H Kang","year":"2015","unstructured":"Kang, H., Jang, J.-W., Mohaisen, A., Kim, H.K.: Detecting and classifying android malware using static analysis along with creator information. Int. J. Distrib. Sens. Netw. 11(6), 479174 (2015)","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"20_CR21","doi-asserted-by":"crossref","unstructured":"Kantchelian, A.,\u00a0Afroz, S., et\u00a0al.: Approaches to adversarial drift. In:\u00a0Sadeghi, A.,\u00a0Nelson, B.,\u00a0Dimitrakakis, C.,\u00a0Shi, E. (eds.) AISec, pp. 99\u2013110. ACM (2013)","DOI":"10.1145\/2517312.2517320"},{"key":"20_CR22","doi-asserted-by":"crossref","unstructured":"Lee, D., Song, I.S., Kim, K.J., Jeong, J.-H.: A study on malicious codes pattern analysis using visualization. In: ICISA, pp. 1\u20135 (2011)","DOI":"10.1109\/ICISA.2011.5772330"},{"key":"20_CR23","doi-asserted-by":"crossref","unstructured":"Li, B., Roundy, K.A., Gates, C.S.,\u00a0Vorobeychik, Y.: Large-scale identification of malicious singleton files. In: CODASPY, pp. 227\u2013238. ACM (2017)","DOI":"10.1145\/3029806.3029815"},{"key":"20_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/978-3-030-01216-8_12","volume-title":"Computer Vision \u2013 ECCV 2018","author":"D Mahajan","year":"2018","unstructured":"Mahajan, D., et al.: Exploring the limits of weakly supervised pretraining. In: Ferrari, V., Hebert, M., Sminchisescu, C., Weiss, Y. (eds.) ECCV 2018. LNCS, vol. 11206, pp. 185\u2013201. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-01216-8_12"},{"key":"20_CR25","doi-asserted-by":"crossref","unstructured":"Mercaldo, F.,\u00a0Santone, A.: Deep learning for image-based mobile malware detection. J. Comput. Virol. Hack. Techn., 1\u201315 (2020)","DOI":"10.1007\/s11416-019-00346-7"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Nataraj, L.,\u00a0Karthikeyan, S.,\u00a0Jacob, G.,\u00a0Manjunath, B.: Malware images: visualization and automatic classification. In: VizSec, p.\u00a04 (2011)","DOI":"10.1145\/2016904.2016908"},{"key":"20_CR27","doi-asserted-by":"publisher","first-page":"871","DOI":"10.1016\/j.cose.2018.04.005","volume":"77","author":"S Ni","year":"2018","unstructured":"Ni, S., Qian, Q., Zhang, R.: Malware identification using visualization images and deep learning. Comput. Secur. 77, 871\u2013885 (2018)","journal-title":"Comput. Secur."},{"key":"20_CR28","volume-title":"Learning Linux Binary Analysis","author":"RE O\u2019Neill","year":"2016","unstructured":"O\u2019Neill, R.E.: Learning Linux Binary Analysis. Packt Publishing, Birmingham (2016)"},{"key":"20_CR29","unstructured":"Pendlebury, F.,\u00a0Pierazzi, F., et\u00a0al.: TESSERACT: eliminating experimental bias in malware classification across space and time. In: USENIX Security, pp. 729\u2013746 (2019)"},{"key":"20_CR30","doi-asserted-by":"crossref","unstructured":"Saxe, J.,\u00a0Berlin, K.: Deep neural network based malware detection using two dimensional binary program features. In: MALWARE, pp. 11\u201320 (2015)","DOI":"10.1109\/MALWARE.2015.7413680"},{"key":"20_CR31","doi-asserted-by":"crossref","unstructured":"Sun, C.,\u00a0Shrivastava, A.,\u00a0Singh, S.,\u00a0Gupta, A.: Revisiting unreasonable effectiveness of data in deep learning era. In: IEEE ICCV, pp. 843\u2013852 (2017)","DOI":"10.1109\/ICCV.2017.97"},{"key":"20_CR32","doi-asserted-by":"crossref","unstructured":"Thomas, K.,\u00a0Grier, C.,\u00a0Ma, J.,\u00a0Paxson, V.,\u00a0Song, D.: Design and evaluation of a real-time url spam filtering service. In: IEEE S &P, pp. 447\u2013462 (2011)","DOI":"10.1109\/SP.2011.25"},{"key":"20_CR33","doi-asserted-by":"crossref","unstructured":"Thomas, K.,\u00a0Grier, C.,\u00a0Ma, J.,\u00a0Paxson, V.,\u00a0Song, D.: Design and evaluation of a real-time URL spam filtering service. In: IEEE Symposium S &P, pp. 447\u2013462 (2011)","DOI":"10.1109\/SP.2011.25"},{"key":"20_CR34","doi-asserted-by":"crossref","unstructured":"Vasan, D.,\u00a0Alazab, M.,\u00a0Wassan, S.,\u00a0Safaei, B.,\u00a0Zheng, Q.: Image-based malware classification using ensemble of cnn architectures (imcec). Comput. Secur. (2020)","DOI":"10.1016\/j.cose.2020.101748"},{"key":"20_CR35","doi-asserted-by":"crossref","unstructured":"Wang, Q., et al.: Adversary resistant deep neural networks with an application to malware detection. In: ACM KDD, pp. 1145\u20131153 (2017)","DOI":"10.1145\/3097983.3098158"},{"key":"20_CR36","doi-asserted-by":"crossref","unstructured":"Xu, K.,\u00a0Li, Y., Deng, R.H.,\u00a0Chen, K.,\u00a0Xu, J.: Droidevolver: self-evolving android malware detection system. In: IEEE EuroS &P, pp. 47\u201362. IEEE (2019)","DOI":"10.1109\/EuroSP.2019.00014"},{"key":"20_CR37","doi-asserted-by":"crossref","unstructured":"Xu, Y.,\u00a0Sun, F.,\u00a0Zhang, X.: Literature survey of active learning in multimedia annotation and retrieval. In: ICIMCS, pp. 237\u2013242. ACM (2013)","DOI":"10.1145\/2499788.2499794"},{"key":"20_CR38","doi-asserted-by":"crossref","unstructured":"Yang, L.,\u00a0Ciptadi, A.,\u00a0Laziuk, I.,\u00a0Ahmadzadeh, A.,\u00a0Wang, G.: Bodmas: an open dataset for learning based temporal analysis of pe malware. In: DL and Security Workshop (2021)","DOI":"10.1109\/SPW53761.2021.00020"},{"key":"20_CR39","doi-asserted-by":"crossref","unstructured":"Zhang, J.,\u00a0Qin, Z.,\u00a0Yin, H.,\u00a0Ou, L.,\u00a0Hu, Y.: IRMD: malware variant detection using opcode image recognition. In: IEEE ICPADS, pp. 1175\u20131180 (2016)","DOI":"10.1109\/ICPADS.2016.0155"},{"key":"20_CR40","doi-asserted-by":"crossref","unstructured":"Zhang, X., et al.: Enhancing state-of-the-art classifiers with api semantics to detect evolved android malware. In: ACM CCS, pp. 757\u2013770 (2020)","DOI":"10.1145\/3372297.3417291"}],"container-title":["Lecture Notes in Computer Science","Web Information Systems Engineering \u2013 WISE 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-0567-5_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T09:08:06Z","timestamp":1733130486000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-0567-5_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,3]]},"ISBN":["9789819605668","9789819605675"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-0567-5_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024,12,3]]},"assertion":[{"value":"3 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Web Information Systems Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Doha","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Qatar","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wise2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/wise2024-qatar.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}