{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T21:58:28Z","timestamp":1780091908326,"version":"3.54.0"},"publisher-location":"Singapore","reference-count":23,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819688913","type":"print"},{"value":"9789819688920","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,7,12]],"date-time":"2025-07-12T00:00:00Z","timestamp":1752278400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,7,12]],"date-time":"2025-07-12T00:00:00Z","timestamp":1752278400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-96-8892-0_10","type":"book-chapter","created":{"date-parts":[[2025,7,11]],"date-time":"2025-07-11T08:07:40Z","timestamp":1752221260000},"page":"116-127","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["RANsomCheck: A CNN-Transformer Model for\u00a0Malware Detection Based on\u00a0API Call Sequences"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5444-2029","authenticated-orcid":false,"given":"Sheng-Shan","family":"Chen","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yi-Xuan","family":"Wu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ying-Xuan","family":"Ho","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Pang-Po","family":"Cheng","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1034-8628","authenticated-orcid":false,"given":"Chin-Yu","family":"Sun","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2025,7,12]]},"reference":[{"key":"10_CR1","unstructured":"FortiGuard Labs. Global Threat Landscape Report: A Semiannual Report by FortiGuard Labs (2023). https:\/\/www.fortinet.com\/content\/dam\/fortinet\/assets\/threat-reports\/threat-report-1h-2023.pdf. Accessed 12 Feb 2024"},{"key":"10_CR2","doi-asserted-by":"publisher","first-page":"40698","DOI":"10.1109\/ACCESS.2023.3268535","volume":"11","author":"S Razaulla","year":"2023","unstructured":"Razaulla, S., et al.: The age of ransomware: a survey on the evolution, taxonomy, and research directions. IEEE Access 11, 40698\u201340723 (2023). https:\/\/doi.org\/10.1109\/ACCESS.2023.3268535","journal-title":"IEEE Access"},{"key":"10_CR3","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2023.103704","volume":"218","author":"P Maniriho","year":"2023","unstructured":"Maniriho, P., Mahmood, A.N., Chowdhury, M.: API-MalDetect: automated malware detection framework for windows based on API calls and deep learning techniques. J. Netw. Comput. Appl. 218, 103704 (2023)","journal-title":"J. Netw. Comput. Appl."},{"key":"10_CR4","unstructured":"Sgandurra, D., Mu\u00f1oz-Gonz\u00e1lez, L., Mohsen, R., Lupu, E.C.: Automated dynamic analysis of ransomware: benefits, limitations and use for detection. arXiv preprint arXiv:1609.03020 (2016)"},{"key":"10_CR5","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.future.2021.11.030","volume":"130","author":"P Maniriho","year":"2022","unstructured":"Maniriho, P., Mahmood, A.N., Chowdhury, M.: A study on malicious software behaviour analysis and detection techniques: taxonomy, current trends and challenges. Futur. Gener. Comput. Syst. 130, 1\u201318 (2022)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"10_CR6","doi-asserted-by":"publisher","unstructured":"Agrawal, R., Stokes, J.W., Selvaraj, K., Marinescu, M.: Attention in recurrent neural networks for ransomware detection. In: 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), ICASSP 2019, Brighton, UK, pp. 3222\u20133226 (2019). https:\/\/doi.org\/10.1109\/ICASSP.2019.8682899","DOI":"10.1109\/ICASSP.2019.8682899"},{"key":"10_CR7","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2020.102753","volume":"167","author":"YA Ahmed","year":"2020","unstructured":"Ahmed, Y.A., Ko\u00e7er, B., Huda, S., Al-rimy, B., Hassan, M.M.: A system call refinement-based enhanced Minimum Redundancy Maximum Relevance method for ransomware early detection. J. Netw. Comput. Appl. 167, 102753 (2020)","journal-title":"J. Netw. Comput. Appl."},{"key":"10_CR8","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102490","volume":"111","author":"C Beaman","year":"2021","unstructured":"Beaman, C., Barkworth, A., Akande, T.D., Hakak, S., Khan, M.K.: Ransomware: recent advances, analysis, challenges and future research directions. Comput. Secur. 111, 102490 (2021)","journal-title":"Comput. Secur."},{"key":"10_CR9","unstructured":"National Applied Research Laboratories. (n.d.). *Malware Knowledge Base* Retrieved July 2024. https:\/\/owl.nchc.org.tw\/"},{"key":"10_CR10","doi-asserted-by":"publisher","unstructured":"Li, C., Lv, Q., Li, N., Wang, Y., Sun, D., Qiao, Y.: A novel deep framework for dynamic malware detection based on API sequence intrinsic features. Comput. Secur. 116(C) (2022). https:\/\/doi.org\/10.1016\/j.cose.2022.102686","DOI":"10.1016\/j.cose.2022.102686"},{"key":"10_CR11","doi-asserted-by":"publisher","first-page":"116363","DOI":"10.1109\/ACCESS.2020.3002842","volume":"8","author":"Y Pan","year":"2020","unstructured":"Pan, Y., Ge, X., Fang, C., Fan, Y.: A systematic literature review of Android malware detection using static analysis. IEEE Access 8, 116363\u2013116379 (2020)","journal-title":"IEEE Access"},{"issue":"3","key":"10_CR12","doi-asserted-by":"publisher","first-page":"786","DOI":"10.1080\/09540091.2021.1889977","volume":"33","author":"G D\u2019Angelo","year":"2021","unstructured":"D\u2019Angelo, G., Palmieri, F., Robustelli, A., Castiglione, A.: Effective classification of Android malware families through dynamic features and neural networks. Connect. Sci. 33(3), 786\u2013801 (2021)","journal-title":"Connect. Sci."},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp. 421\u2013430. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"10_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/978-3-030-04212-7_11","volume-title":"Neural Information Processing","author":"F Al Shamsi","year":"2018","unstructured":"Al Shamsi, F., Woon, W.L., Aung, Z.: Discovering similarities in malware behaviors by clustering of API call sequences. In: Cheng, L., Leung, A., Ozawa, S. (eds.) ICONIP 2018. LNCS, vol. 11304, pp. 122\u2013133. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-04212-7_11"},{"key":"10_CR15","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1016\/j.jpdc.2019.11.001","volume":"137","author":"G D\u2019Angelo","year":"2020","unstructured":"D\u2019Angelo, G., Ficco, M., Palmieri, F.: Malware detection in mobile environments based on Autoencoders and API-images. J. Parallel Distrib. Comput. 137, 26\u201333 (2020)","journal-title":"J. Parallel Distrib. Comput."},{"key":"10_CR16","doi-asserted-by":"crossref","unstructured":"Ficco, M.: Detecting IoT malware by Markov chain behavioral models. In: 2019 IEEE International Conference on Cloud Engineering (IC2E), pp. 229\u2013234. IEEE (2019)","DOI":"10.1109\/IC2E.2019.00037"},{"key":"10_CR17","doi-asserted-by":"crossref","unstructured":"Takeuchi, Y., Sakai, K., Fukumoto, S.: Detecting ransomware using support vector machines. In: Workshop Proceedings of the 47th International Conference on Parallel Processing, pp. 1\u20136 (2018)","DOI":"10.1145\/3229710.3229726"},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"AlSobeh, A.M., Gaber, K., Hammad, M.M., Nuser, M., Shatnawi, A.: Android malware detection using time-aware machine learning approach. Cluster Comput. 1\u201322 (2024)","DOI":"10.1007\/s10586-024-04484-6"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Ren, K., Qiang, W., Wu, Y., Zhou, Y., Zou, D., Jin, H.: An empirical study on the effects of obfuscation on static machine learning-based malicious JavaScript detectors. In: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 1420\u20131432 (2023)","DOI":"10.1145\/3597926.3598146"},{"key":"10_CR20","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101760","volume":"92","author":"E Amer","year":"2020","unstructured":"Amer, E., Zelinka, I.: A dynamic Windows malware detection and prediction method based on contextual understanding of API call sequence. Comput. Secur. 92, 101760 (2020)","journal-title":"Comput. Secur."},{"issue":"5","key":"10_CR21","doi-asserted-by":"publisher","first-page":"963","DOI":"10.3390\/electronics13050963","volume":"13","author":"M Kim","year":"2024","unstructured":"Kim, M., Kim, H.: A dynamic analysis data preprocessing technique for malicious code detection with TF-IDF and sliding windows. Electronics 13(5), 963 (2024)","journal-title":"Electronics"},{"key":"10_CR22","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/978-981-15-0310-8_5","volume-title":"Software Engineering and Methodology for Emerging Domains","author":"Y Liu","year":"2019","unstructured":"Liu, Y., Li, G., Jin, Z.: Call graph based Android malware detection with CNN. In: Li, Z., Jiang, H., Li, G., Zhou, M., Li, M. (eds.) NASAC 2017-2018. CCIS, vol. 861, pp. 72\u201382. Springer, Singapore (2019). https:\/\/doi.org\/10.1007\/978-981-15-0310-8_5"},{"key":"10_CR23","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103972","volume":"144","author":"SS Chen","year":"2024","unstructured":"Chen, S.S., Hwang, R.H., Ali, A., Lin, Y.D., Wei, Y.C., Pai, T.W.: Improving quality of indicators of compromise using STIX graphs. Comput. Secur. 144, 103972 (2024)","journal-title":"Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Advances and Trends in Artificial Intelligence. Theory and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-8892-0_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T18:57:22Z","timestamp":1776884242000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-8892-0_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,12]]},"ISBN":["9789819688913","9789819688920"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-8892-0_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,12]]},"assertion":[{"value":"12 July 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IEA\/AIE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kytakyushu","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 July 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 July 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ieaaie2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.i-somet.org\/iea-aie2025\/committees.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}