{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,24]],"date-time":"2026-02-24T18:41:32Z","timestamp":1771958492390,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":25,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819655656","type":"print"},{"value":"9789819655663","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-5566-3_17","type":"book-chapter","created":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T20:22:52Z","timestamp":1749846172000},"page":"329-343","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Reinterpreting System Calls for\u00a0Enhanced IoT Malware Analysis Using Function Call Graphs"],"prefix":"10.1007","author":[{"given":"Wei-Jen","family":"Liao","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9616-3212","authenticated-orcid":false,"given":"Tao","family":"Ban","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9796-0643","authenticated-orcid":false,"given":"Shin-Ming","family":"Cheng","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6477-7770","authenticated-orcid":false,"given":"Takeshi","family":"Takahashi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,6,14]]},"reference":[{"key":"17_CR1","unstructured":"ThreatLabz, Z.: 2023 enterprise IoT and OT threat report. https:\/\/info.zscaler.com\/resources-industry-reports-threatlabz-2023-enterprise-ioT-ot-threat-report (2023)"},{"issue":"6","key":"17_CR2","doi-asserted-by":"publisher","DOI":"10.1002\/spy2.444","volume":"7","author":"S Kumar","year":"2024","unstructured":"Kumar, S., Ahlawat, P., Sahni, J.: Iot malware detection using static and dynamic analysis techniques: a systematic literature review. Secur. Priv. 7(6), e444 (2024)","journal-title":"Secur. Priv."},{"key":"17_CR3","unstructured":"A specification and style guide for yara rules (2024). https:\/\/github.com\/Neo23x0\/YARA-Style-Guide"},{"key":"17_CR4","volume-title":"Engineering a Compiler","author":"KD Cooper","year":"2022","unstructured":"Cooper, K.D., Torczon, L.: Engineering a Compiler, 3rd edn. Elsevier, Amsterdam (2022)","edition":"3"},{"key":"17_CR5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103060","volume":"125","author":"CY Wu","year":"2023","unstructured":"Wu, C.Y., Ban, T., Cheng, S.M., Takahashi, T., Inoue, D.: IoT malware classification based on reinterpreted function-call graphs. Comput. Secur. 125, 103060 (2023)","journal-title":"Comput. Secur."},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Lin, G.Y., Lin, M.H., Hong, B.K., Cheng, S.M.: Hash-based function call graph fusion method for IoT malware detection. In: Proceedings of IEEE WPMC 2023, pp. 159\u2013164 (2023)","DOI":"10.1109\/WPMC59531.2023.10338981"},{"key":"17_CR7","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101740","volume":"92","author":"B Yuan","year":"2020","unstructured":"Yuan, B., Wang, J., Liu, D., Guo, W., Wu, P., Bao, X.: Byte-level malware classification based on markov images and deep learning. Comput. Secur. 92, 101740 (2020)","journal-title":"Comput. Secur."},{"key":"17_CR8","doi-asserted-by":"crossref","unstructured":"Lee, Y.T., et al.: Cross platform IoT-malware family classification based on printable strings. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 775\u2013784 (2020)","DOI":"10.1109\/TrustCom50675.2020.00106"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Hamad, S.A., Sheng, Q.Z., Zhang, W.E., et\u00a0al.: Bertdeep-ware: a cross-architecture malware detection solution for iot systems. In: 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 927\u2013934 (2021)","DOI":"10.1109\/TrustCom53373.2021.00130"},{"key":"17_CR10","doi-asserted-by":"publisher","first-page":"18855","DOI":"10.1109\/ACCESS.2023.3247344","volume":"11","author":"H Lee","year":"2023","unstructured":"Lee, H., Kim, S., Baek, D., Kim, D., Hwang, D.: Robust iot malware detection and classification using opcode category features on machine learning. IEEE Access 11, 18855\u201318867 (2023)","journal-title":"IEEE Access"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Hassen, M., Chan, P.K.: Scalable function call graph-based malware classification. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 239\u2013248 (2017)","DOI":"10.1145\/3029806.3029824"},{"key":"17_CR12","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1016\/j.neucom.2020.10.054","volume":"423","author":"M Cai","year":"2021","unstructured":"Cai, M., Jiang, Y., Gao, C., Li, H., Yuan, W.: Learning features from enhanced function call graphs for android malware detection. Neurocomputing 423, 301\u2013307 (2021)","journal-title":"Neurocomputing"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Ling, X., et al.: Malgraph: hierarchical graph neural networks for robust windows malware detection. In: IEEE INFOCOM 2022-IEEE Conference on Computer Communications, pp. 1998\u20132007 (2022)","DOI":"10.1109\/INFOCOM48880.2022.9796786"},{"key":"17_CR14","doi-asserted-by":"crossref","unstructured":"Herath, J.D., Wakodikar, P.P., Yang, P., Yan, G.: Cfgexplainer: explaining graph neural network-based malware classification from control flow graphs. In: 2022 52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 172\u2013184 (2022)","DOI":"10.1109\/DSN53405.2022.00028"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"Chen, Y.H., Lin, S.C., Huang, S.C., Lei, C.L., Huang, C.Y.: Guided malware sample analysis based on graph neural networks. IEEE Trans. Inf. Forensics Secur. (2023)","DOI":"10.1109\/TIFS.2023.3283913"},{"key":"17_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"309","DOI":"10.1007\/978-3-030-22038-9_15","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"L Massarelli","year":"2019","unstructured":"Massarelli, L., Di Luna, G.A., Petroni, F., Baldoni, R., Querzoni, L.: SAFE: self-attentive function embeddings for binary similarity. In: Perdisci, R., Maurice, C., Giacinto, G., Almgren, M. (eds.) DIMVA 2019. LNCS, vol. 11543, pp. 309\u2013329. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-22038-9_15"},{"key":"17_CR17","unstructured":"Narayanan, A., Chandramohan, M., Venkatesan, R., Chen, L., Liu, Y., Jaiswal, S.: graph2vec: learning distributed representations of graphs. arXiv preprint arXiv:1707.05005 (2017)"},{"issue":"5","key":"17_CR18","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1007\/s10207-019-00475-6","volume":"19","author":"HT Nguyen","year":"2020","unstructured":"Nguyen, H.T., Ngo, Q.D., Le, V.H.: A novel graph-based approach for iot botnet detection. Int. J. Inf. Secur. 19(5), 567\u2013577 (2020)","journal-title":"Int. J. Inf. Secur."},{"key":"17_CR19","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2022.107703","volume":"98","author":"AG Kakisim","year":"2022","unstructured":"Kakisim, A.G., Gulmez, S., Sogukpinar, I.: Sequential opcode embedding-based malware detection method. Comput. Electr. Eng. 98, 107703 (2022)","journal-title":"Comput. Electr. Eng."},{"key":"17_CR20","unstructured":"Radare2. https:\/\/github.com\/radareorg\/radare2"},{"key":"17_CR21","unstructured":"Juszkiewicz, M.: Linux system calls table for all architectures (2024). https:\/\/gpages.juszkiewicz.com.pl\/syscalls-table\/syscalls.html"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Reimers, N., Gurevych, I.: Sentence-BERT: sentence embeddings using siamese BERT-networks. In: Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing (EMNLP-IJCNLP), pp. 3982\u20133992 (2019)","DOI":"10.18653\/v1\/D19-1410"},{"key":"17_CR23","unstructured":"Hamilton, W., Ying, Z., Leskovec, J.: Inductive representation learning on large graphs. Adv. Neural Inf. Process. Syst. 30 (2017)"},{"key":"17_CR24","unstructured":"Virustotal. https:\/\/www.virustotal.com"},{"key":"17_CR25","doi-asserted-by":"crossref","unstructured":"Aghakhani, H., et al.: When malware is packin\u2019 heat; limits of machine learning classifiers based on static analysis features. In: Network and Distributed Systems Security (NDSS) Symposium 2020 (2020)","DOI":"10.14722\/ndss.2020.24310"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology \u2013 ICISC 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-5566-3_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T20:22:57Z","timestamp":1749846177000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-5566-3_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819655656","9789819655663"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-5566-3_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"14 June 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Seoul","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Korea (Republic of)","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 November 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 November 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icisc2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.icisc.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}