{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,24]],"date-time":"2025-12-24T12:32:26Z","timestamp":1766579546476,"version":"3.37.3"},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2016,9,23]],"date-time":"2016-09-23T00:00:00Z","timestamp":1474588800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"name":"Dankook University (BK21 Plus)"},{"name":"the National Research Foundation of Korea (NRF) funded by the Ministry of Education","award":["NRF-2015R1D1A1A02061946"],"award-info":[{"award-number":["NRF-2015R1D1A1A02061946"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2018,1]]},"DOI":"10.1007\/s00500-016-2357-x","type":"journal-article","created":{"date-parts":[[2016,9,23]],"date-time":"2016-09-23T02:00:19Z","timestamp":1474596019000},"page":"595-606","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["A software classification scheme using binary-level characteristics for efficient software filtering"],"prefix":"10.1007","volume":"22","author":[{"given":"Yesol","family":"Kim","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9917-0429","authenticated-orcid":false,"given":"Seong-je","family":"Cho","sequence":"additional","affiliation":[]},{"given":"Sangchul","family":"Han","sequence":"additional","affiliation":[]},{"given":"Ilsun","family":"You","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,23]]},"reference":[{"key":"2357_CR1","unstructured":"Bayer U, Comparetti PM, Hlauschek C, Kruegel C, Kirda E (2009) Scalable, behavior-based malware clustering. In: Proceedings of symposium on network and distributed system security (NDSS). The Internet Society, Feb 2009"},{"issue":"184\u2013189","key":"2357_CR2","first-page":"79","volume":"2001","author":"J Bergeron","year":"2001","unstructured":"Bergeron J, Debbabi M, Desharnais J, Erhioui MM, Lavoie Y, Tawbi N et al (2001) Static detection of malicious code in executable programs. Int J Requir Eng 2001(184\u2013189):79","journal-title":"Int J Requir Eng"},{"issue":"1","key":"2357_CR3","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman L (2001) Random forests. Mach Learn 45(1):5\u201332","journal-title":"Mach Learn"},{"issue":"5","key":"2357_CR4","doi-asserted-by":"crossref","first-page":"845","DOI":"10.1007\/s00500-011-0777-1","volume":"16","author":"JM Cadenas","year":"2012","unstructured":"Cadenas JM, Garrido MC, Mart\u00ednez R, Bonissone PP (2012) Extending information processing in a fuzzy random forest ensemble. Soft Comput 16(5):845\u2013861","journal-title":"Soft Comput"},{"issue":"1","key":"2357_CR5","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1109\/TIFS.2012.2223685","volume":"8","author":"PPF Chan","year":"2013","unstructured":"Chan PPF, Hui LCK, Yiu SM (2013) Heap graph based software theft detection. IEEE Trans Inf Forensics Secur 8(1):101\u2013110","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"4","key":"2357_CR6","doi-asserted-by":"crossref","first-page":"473","DOI":"10.1007\/s12652-015-0257-z","volume":"6","author":"Y-W Chen","year":"2015","unstructured":"Chen Y-W, Wang J-L, Cai Y-Q, Ji-Xiang D (2015) A method for Chinese text classification based on apparent semantics and latent aspects. J Ambient Intell Humaniz Comput 6(4):473\u2013480","journal-title":"J Ambient Intell Humaniz Comput"},{"issue":"5","key":"2357_CR7","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1387673.1387674","volume":"30","author":"M Dalla Preda","year":"2008","unstructured":"Dalla Preda M, Christodorescu M, Jha S, Debray S (2008) A semantics-based approach to malware detection. ACM Trans Program Lang Syst 30(5):1\u201354","journal-title":"ACM Trans Program Lang Syst"},{"key":"2357_CR8","doi-asserted-by":"crossref","unstructured":"Firdausi I, Lim C, Erwin A, Nugroho AS (2010) Analysis of machine learning techniques used in behavior-based malware detection. In: 2010 second international conference on advances in computing, control and telecommunication technologies (ACT). IEEE, pp 201\u2013203","DOI":"10.1109\/ACT.2010.33"},{"key":"2357_CR9","doi-asserted-by":"crossref","unstructured":"Gandotra E, Bansal D, Sofat S (2014) Malware analysis and classification: a survey. J Inf Secur 5:56\u201364","DOI":"10.4236\/jis.2014.52006"},{"key":"2357_CR10","unstructured":"Gantz JF, Vavra T, Howard J, Rodolfo R, Lee R, Satidkanitkul A, Taori HN, Sharma R, Villate R, Florean A et\u00a0al (2013) The dangerous world of counterfeit and pirated software. IDC White Paper"},{"key":"2357_CR11","unstructured":"Gantz JF, Florean A, Lee R, Lim V, Sikdar B, Lakshmi SKS, Madhavan L, Nagappan M (2014) The link between pirated software and cyber security breaches. IDC White Paper"},{"key":"2357_CR12","unstructured":"Gupta DL, Malviya AK, Singh S (2012) Performance analysis of classification tree learning algorithms. Int J Comput Appl 55(6) 39\u201344"},{"key":"2357_CR13","doi-asserted-by":"crossref","unstructured":"Hall M, Frank E, Holmes G, Pfahringer B, Reutemann P, Witten HI (2009) The WEKA data mining software: an update. SIGKDD Explor 11(1):10\u201318","DOI":"10.1145\/1656274.1656278"},{"key":"2357_CR14","doi-asserted-by":"crossref","unstructured":"Han KS, Kang B, Im EG (2011) Malware classification using instruction frequencies. In: Proceedings of the 2011 ACM symposium on research in applied computation (RACS). ACM, pp 298\u2013300","DOI":"10.1145\/2103380.2103441"},{"key":"2357_CR15","doi-asserted-by":"crossref","unstructured":"Jang M, Kim D (2013) Filtering illegal android application based on feature information. In: Proceedings of the 2013 research in adaptive and convergent systems. ACM, pp 357\u2013358","DOI":"10.1145\/2513228.2513328"},{"key":"2357_CR16","doi-asserted-by":"crossref","unstructured":"Kang SW, Shim H, Cho S, Park M, Han S (2014) A robust and efficient birthmark-based android application filtering system. In: Proceedings of the 2014 conference on research in adaptive and convergent systems. ACM, pp 253\u2013257","DOI":"10.1145\/2663761.2664231"},{"issue":"7","key":"2357_CR17","doi-asserted-by":"crossref","first-page":"939","DOI":"10.1016\/j.jss.2005.06.044","volume":"79","author":"S Kawaguchi","year":"2006","unstructured":"Kawaguchi S, Garg PK, Matsushita M, Inoue K (2006) Mudablue: an automatic categorization system for open source repositories. J Syst Softw 79(7):939\u2013953","journal-title":"J Syst Softw"},{"key":"2357_CR18","volume-title":"Analyzing document collections via context-aware term extraction","author":"DA Keim","year":"2009","unstructured":"Keim DA, Oelke D, Rohrdantz C (2009) Analyzing document collections via context-aware term extraction. Springer, Berlin"},{"key":"2357_CR19","doi-asserted-by":"crossref","unstructured":"Kim Y, Park J, Cho S, Nah Y, Han S, Park M (2015) Machine learning-based software classification scheme for efficient program similarity analysis. In: Proceedings of the 2015 conference on research in adaptive and convergent systems. ACM, pp 114\u2013118","DOI":"10.1145\/2811411.2811549"},{"issue":"5","key":"2357_CR20","doi-asserted-by":"crossref","first-page":"1821","DOI":"10.1007\/s00500-015-1678-5","volume":"20","author":"D Kim","year":"2016","unstructured":"Kim D, Kim Y, Cho S, Park M, Han S, Lee G, Hwang Y (2016) An effective and intelligent windows application filtering system using software similarity. Soft Comput 20(5):1821\u20131827","journal-title":"Soft Comput"},{"key":"2357_CR21","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter JZ, Maloof MA (2006) Learning to detect and classify malicious executables in the wild. J Mach Learn Res 7:2721\u20132744","journal-title":"J Mach Learn Res"},{"key":"2357_CR22","unstructured":"Lanzi A, Sharif M, Lee W (2009) K-tracer: a system for extracting kernel malware behavior. In: Proceedings of symposium on network and distributed system security (NDSS). The Internet Society, Feb 2009"},{"key":"2357_CR23","unstructured":"Lee T, Mody JJ (2006) Behavioral classification. In: Proceedings of annual conference of the European Institute for Computer Antivirus Research (EICAR), pp 1\u201317, Apr 2006"},{"key":"2357_CR24","doi-asserted-by":"crossref","unstructured":"Linn C, Debray S (2003) Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of the 10th ACM conference on computer and communications security. ACM, pp 290\u2013299","DOI":"10.1145\/948109.948149"},{"key":"2357_CR25","doi-asserted-by":"crossref","unstructured":"Litvak M, Last M, Kandel A (2013) Degext: a language-independent keyphrase extractor. J Ambient Intell Humaniz Comput 4(3) 377\u2013387","DOI":"10.1007\/s12652-012-0109-z"},{"key":"2357_CR26","doi-asserted-by":"crossref","unstructured":"McMillan C, Linares-Vasquez M, Poshyvanyk D, Grechanik M (2011) Categorizing software applications for maintenance. In: Proceedings of the 27th IEEE international conference on software maintenance (ICSM 2011), Williamsburg, VA, USA, pp 343\u2013352. IEEE, Sept 2011","DOI":"10.1109\/ICSM.2011.6080801"},{"key":"2357_CR27","doi-asserted-by":"crossref","unstructured":"Moser A, Kruegel C, Kirda E (2007) Limits of static analysis for malware detection. In: Twenty-third annual computer security applications conference, 2007. ACSAC 2007. IEEE, pp 421\u2013430","DOI":"10.1109\/ACSAC.2007.21"},{"issue":"1","key":"2357_CR28","doi-asserted-by":"crossref","first-page":"343","DOI":"10.1007\/s00500-014-1511-6","volume":"20","author":"FA Narudin","year":"2016","unstructured":"Narudin FA, Feizollah A, Anuar NB, Gani A (2016) Evaluation of machine learning classifiers for mobile malware detection. Soft Comput 20(1):343\u2013357","journal-title":"Soft Comput"},{"key":"2357_CR29","doi-asserted-by":"crossref","unstructured":"Oshiro TM, Perez PS, Baranauskas JA (2012) How many trees in a random forest? In: MLDM. Springer, pp 154\u2013168","DOI":"10.1007\/978-3-642-31537-4_13"},{"issue":"1","key":"2357_CR30","doi-asserted-by":"crossref","first-page":"615","DOI":"10.1016\/j.asoc.2012.08.045","volume":"13","author":"F Palmien","year":"2013","unstructured":"Palmien F, Fiore U, Castiglionec A, De Santis A (2013) On the detection of card-sharing traffic through wavelet analysis and support vector machines. Appl Soft Comput 13(1):615\u2013627","journal-title":"Appl Soft Comput"},{"key":"2357_CR31","doi-asserted-by":"crossref","unstructured":"Rieck K, Holz T, Willems C, D\u00fcssel P, Laskov P (2008) Learning and classification of malware behavior. In: Proceedings of conference on detection of intrusions and malware, and vulnerability assessment (DIMVA). Springer, pp 108\u2013125","DOI":"10.1007\/978-3-540-70542-0_6"},{"issue":"4","key":"2357_CR32","doi-asserted-by":"crossref","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck K, Trinius P, Willems C, Holz T (2011) Automatic analysis of malware behavior using machine learning. J Comput Secur 19(4):639\u2013668","journal-title":"J Comput Secur"},{"issue":"11","key":"2357_CR33","doi-asserted-by":"crossref","first-page":"613","DOI":"10.1145\/361219.361220","volume":"18","author":"G Salton","year":"1975","unstructured":"Salton G, Wong A, Yang C-S (1975) A vector space model for automatic indexing. Commun ACM 18(11):613\u2013620","journal-title":"Commun ACM"},{"key":"2357_CR34","doi-asserted-by":"crossref","unstructured":"Schultz MG, Eskin E, Zadok E, Stolfo SJ (2001) Data mining methods for detection of new malicious executables. In: Proceedings of IEEE symposium on security and privacy. IEEE, pp 38\u201349, May 2001","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"2357_CR35","unstructured":"SourceForge. \n                        http:\/\/sourceforge.net"},{"issue":"1","key":"2357_CR36","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1108\/eb026526","volume":"28","author":"K Sparck Jones","year":"1972","unstructured":"Sparck Jones K (1972) A statistical interpretation of term specificity and its application in retrieval. J Doc 28(1):11\u201321","journal-title":"J Doc"},{"key":"2357_CR37","doi-asserted-by":"crossref","unstructured":"Suh GE, Lee JW, Zhang D, Devadas S (2004) Secure program execution via dynamic information flow tracking. In: ACM Sigplan Notices, vol 39. ACM, pp 85\u201396","DOI":"10.1145\/1024393.1024404"},{"issue":"16","key":"2357_CR38","doi-asserted-by":"crossref","first-page":"2077","DOI":"10.1016\/j.patrec.2012.06.012","volume":"33","author":"H Tak\u00e7\u0131","year":"2012","unstructured":"Tak\u00e7\u0131 H, G\u00fcng\u00f6r T (2012) A high performance centroid-based classification approach for language identification. Pattern Recognit Lett 33(16):2077\u20132084","journal-title":"Pattern Recognit Lett"},{"key":"2357_CR39","doi-asserted-by":"crossref","unstructured":"Tian K, Revelle M, Poshyvanyk D (2009) Using latent Dirichlet allocation for automatic categorization of software. In: Proceedings of the 6th IEEE international working conference on mining software repositories (MSR\u201909), Vancouver, Canada. IEEE, pp 163\u2013166, May","DOI":"10.1109\/MSR.2009.5069496"},{"key":"2357_CR40","doi-asserted-by":"crossref","unstructured":"Ugurel S, Krovetz R, Giles CL (2002) What\u2019s the code? Automatic classification of source code archives. In: Proceedings of the eighth ACM SIGKDD international conference on knowledge discovery and data mining. ACM, pp 632\u2013638","DOI":"10.1145\/775047.775141"},{"issue":"2","key":"2357_CR41","first-page":"209","volume":"29","author":"D Wang","year":"2013","unstructured":"Wang D, Zhang H (2013) Inverse-category-frequency based supervised term weighting schemes for text categorization. J Inf Sci Eng 29(2):209\u2013225","journal-title":"J Inf Sci Eng"},{"issue":"2","key":"2357_CR42","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C Willems","year":"2007","unstructured":"Willems C, Holz T, Freiling F (2007) Cwsandbox: towards automated dynamic binary analysis. IEEE Secur Priv 5(2):32\u201339","journal-title":"IEEE Secur Priv"},{"key":"2357_CR43","unstructured":"Yang C-Z, Tu M-H (2012) Lacta: an enhanced automatic software categorization on the native code of android applications. In: Proceedings of the international multiconference of engineers and computer scientists (IMECS 2012), vol 1, Hong Kong, Mar 2012"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00500-016-2357-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-016-2357-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-016-2357-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,1,20]],"date-time":"2018-01-20T01:42:16Z","timestamp":1516412536000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00500-016-2357-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,9,23]]},"references-count":43,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2018,1]]}},"alternative-id":["2357"],"URL":"https:\/\/doi.org\/10.1007\/s00500-016-2357-x","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"type":"print","value":"1432-7643"},{"type":"electronic","value":"1433-7479"}],"subject":[],"published":{"date-parts":[[2016,9,23]]}}}