{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T21:10:20Z","timestamp":1769721020354,"version":"3.49.0"},"reference-count":64,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2022,10,5]],"date-time":"2022-10-05T00:00:00Z","timestamp":1664928000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,10,5]],"date-time":"2022-10-05T00:00:00Z","timestamp":1664928000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U19A2081"],"award-info":[{"award-number":["U19A2081"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2023,1]]},"DOI":"10.1007\/s00500-022-07546-2","type":"journal-article","created":{"date-parts":[[2022,10,5]],"date-time":"2022-10-05T11:10:10Z","timestamp":1664968210000},"page":"1015-1031","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["DockerWatch: a two-phase hybrid detection of malware using various static features in container cloud"],"prefix":"10.1007","volume":"27","author":[{"given":"Yulong","family":"Wang","sequence":"first","affiliation":[]},{"given":"Qixu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Xue","family":"Qin","sequence":"additional","affiliation":[]},{"given":"Xingshu","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Bangzhou","family":"Xin","sequence":"additional","affiliation":[]},{"given":"Run","family":"Yang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,10,5]]},"reference":[{"key":"7546_CR1","doi-asserted-by":"crossref","unstructured":"Aafer Y, Du W, Yin H (2013) Droidapiminer: mining api-level features for robust malware detection in android. In: International conference on security and privacy in communication systems, Springer, pp 86\u2013103","DOI":"10.1007\/978-3-319-04283-1_6"},{"key":"7546_CR2","unstructured":"Abadi M, Barham P, Chen J, et\u00a0al (2016) Tensorflow: a system for large-scale machine learning. In: 12th USENIX symposium on operating systems design and implementation (OSDI 16), pp 265\u2013283"},{"key":"7546_CR3","doi-asserted-by":"publisher","unstructured":"Abed AS, Clancy TC, Levy DS (2015) Applying bag of system calls for anomalous behavior detection of applications in linux containers. In: 2015 IEEE globecom workshops (GC Wkshps), pp 1\u20135. https:\/\/doi.org\/10.1109\/GLOCOMW.2015.7414047","DOI":"10.1109\/GLOCOMW.2015.7414047"},{"issue":"5","key":"7546_CR4","doi-asserted-by":"publisher","first-page":"8977","DOI":"10.1109\/JIOT.2019.2925929","volume":"6","author":"H Alasmary","year":"2019","unstructured":"Alasmary H, Khormali A, Anwar A et al (2019) Analyzing and detecting emerging internet of things malware: a graph-based approach. IEEE Internet Things J 6(5):8977\u20138988. https:\/\/doi.org\/10.1109\/JIOT.2019.2925929","journal-title":"IEEE Internet Things J"},{"key":"7546_CR5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102449","volume":"110","author":"E Amer","year":"2021","unstructured":"Amer E, Zelinka I, El-Sappagh S (2021) A multi-perspective malware detection approach through behavioral fusion of api call sequence. Comput Secur 110:102449","journal-title":"Comput Secur"},{"key":"7546_CR6","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1016\/j.neucom.2020.10.054","volume":"423","author":"M Cai","year":"2021","unstructured":"Cai M, Jiang Y, Gao C et al (2021) Learning features from enhanced function call graphs for android malware detection. Neurocomputing 423:301\u2013307. https:\/\/doi.org\/10.1016\/j.neucom.2020.10.054","journal-title":"Neurocomputing"},{"issue":"5","key":"7546_CR7","doi-asserted-by":"publisher","first-page":"1079","DOI":"10.1109\/TDSC.2018.2846258","volume":"17","author":"D Chen","year":"2018","unstructured":"Chen D, Zhang N, Cheng N et al (2018) Physical layer based message authentication with secure channel codes. IEEE Trans Dependable Secur Comput 17(5):1079\u20131093","journal-title":"IEEE Trans Dependable Secur Comput"},{"issue":"1","key":"7546_CR8","doi-asserted-by":"publisher","first-page":"467","DOI":"10.1109\/TII.2020.3045161","volume":"18","author":"D Chen","year":"2020","unstructured":"Chen D, Zhao Z, Qin X et al (2020) Magleak: a learning-based side-channel attack for password recognition with multiple sensors in iiot environment. IEEE Trans Ind Inf 18(1):467\u2013476","journal-title":"IEEE Trans Ind Inf"},{"key":"7546_CR9","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.3037181","author":"P Chhikara","year":"2020","unstructured":"Chhikara P, Tekchandani R, Kumar N et al (2020) An efficient container management scheme for resource constrained intelligent iot devices. IEEE Internet Things J. https:\/\/doi.org\/10.1109\/JIOT.2020.3037181","journal-title":"IEEE Internet Things J"},{"issue":"5","key":"7546_CR10","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1109\/MCC.2016.100","volume":"3","author":"T Combe","year":"2016","unstructured":"Combe T, Martin A, Di Pietro R (2016) To docker or not to docker: a security perspective. IEEE Cloud Comput 3(5):54\u201362. https:\/\/doi.org\/10.1109\/MCC.2016.100","journal-title":"IEEE Cloud Comput"},{"key":"7546_CR11","doi-asserted-by":"publisher","unstructured":"Cozzi E, Graziano M, Fratantonio Y, et\u00a0al (2018) Understanding linux malware. In: 2018 IEEE symposium on security and privacy (SP), pp 161\u2013175. https:\/\/doi.org\/10.1109\/SP.2018.00054","DOI":"10.1109\/SP.2018.00054"},{"issue":"7","key":"7546_CR12","doi-asserted-by":"publisher","first-page":"3187","DOI":"10.1109\/TII.2018.2822680","volume":"14","author":"Z Cui","year":"2018","unstructured":"Cui Z, Xue F, Cai X et al (2018) Detection of malicious code variants based on deep learning. IEEE Trans Ind Inf 14(7):3187\u20133196. https:\/\/doi.org\/10.1109\/TII.2018.2822680","journal-title":"IEEE Trans Ind Inf"},{"key":"7546_CR13","unstructured":"Ding F, Zhu G, Alazab M, et\u00a0al (2020) Deep-learning-empowered digital forensics for edge consumer electronics in 5g hetnets. IEEE Consum Electron Mag"},{"key":"7546_CR14","doi-asserted-by":"crossref","unstructured":"Du Q, Xie T, He Y (2018) Anomaly detection and diagnosis for container-based microservices with performance monitoring. In: International conference on algorithms and architectures for parallel processing, Springer, pp 560\u2013572","DOI":"10.1007\/978-3-030-05063-4_42"},{"key":"7546_CR15","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1016\/j.cose.2014.07.004","volume":"46","author":"AE Elhadi","year":"2014","unstructured":"Elhadi AE, Maarof MA, Barry BI et al (2014) Enhancing the detection of metamorphic malware using call graphs. Comput Secur 46:62\u201378","journal-title":"Comput Secur"},{"key":"7546_CR16","doi-asserted-by":"publisher","unstructured":"Felter W, Ferreira A, Rajamony R, et\u00a0al (2015) An updated performance comparison of virtual machines and linux containers. In: 2015 IEEE international symposium on performance analysis of systems and software (ISPASS), pp 171\u2013172. https:\/\/doi.org\/10.1109\/ISPASS.2015.7095802","DOI":"10.1109\/ISPASS.2015.7095802"},{"key":"7546_CR17","doi-asserted-by":"crossref","unstructured":"Flora J, Antunes N (2019) Studying the applicability of intrusion detection to multi-tenant container environments. In: 2019 15th european dependable computing conference (EDCC), IEEE, pp 133\u2013136","DOI":"10.1109\/EDCC.2019.00033"},{"key":"7546_CR18","doi-asserted-by":"crossref","unstructured":"Gantikow H, Z\u00f6hner T, Reich C (2020) Container anomaly detection using neural networks analyzing system calls. In: 2020 28th euromicro international conference on parallel. Distributed and network-based processing (PDP), IEEE, pp 408\u2013412","DOI":"10.1109\/PDP50117.2020.00069"},{"key":"7546_CR19","doi-asserted-by":"publisher","unstructured":"Gao X, Gu Z, Kayaalp M, et\u00a0al (2017) Containerleaks: Emerging security threats of information leakages in container clouds. In: 2017 47th Annual IEEE\/IFIP international conference on dependable systems and networks (DSN), pp 237\u2013248, https:\/\/doi.org\/10.1109\/DSN.2017.49","DOI":"10.1109\/DSN.2017.49"},{"issue":"1","key":"7546_CR20","doi-asserted-by":"publisher","first-page":"174","DOI":"10.1109\/TDSC.2018.2879605","volume":"18","author":"X Gao","year":"2021","unstructured":"Gao X, Steenkamer B, Gu Z et al (2021) A study on the security implications of information leakages in container clouds. IEEE Trans Dependable Secur Comput 18(1):174\u2013191. https:\/\/doi.org\/10.1109\/TDSC.2018.2879605","journal-title":"IEEE Trans Dependable Secur Comput"},{"key":"7546_CR21","doi-asserted-by":"crossref","unstructured":"Guo Z, Yu K, Jolfaei A, et\u00a0al (2021) Fuz-spam: Label smoothing-based fuzzy detection of spammers in internet of things. IEEE Trans Fuzzy Syst","DOI":"10.1109\/TFUZZ.2021.3130311"},{"issue":"1","key":"7546_CR22","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10207-014-0242-0","volume":"14","author":"KS Han","year":"2015","unstructured":"Han KS, Lim JH, Kang B et al (2015) Malware analysis using visualized images and entropy graphs. Int J Inf Secur 14(1):1\u201314","journal-title":"Int J Inf Secur"},{"key":"7546_CR23","doi-asserted-by":"publisher","first-page":"610","DOI":"10.1109\/TSMC.1973.4309314","volume":"6","author":"RM Haralick","year":"1973","unstructured":"Haralick RM, Shanmugam K, Dinstein IH (1973) Textural features for image classification. IEEE Trans Syst Man Cybern 6:610\u2013621","journal-title":"IEEE Trans Syst Man Cybern"},{"key":"7546_CR24","unstructured":"Ioffe S, Szegedy C (2015) Batch normalization: accelerating deep network training by reducing internal covariate shift. In: International conference on machine learning, PMLR, pp 448\u2013456"},{"key":"7546_CR25","doi-asserted-by":"crossref","unstructured":"Ji S, Ye K, Xu CZ (2019) Cmonitor: a monitoring and alarming platform for container-based clouds. In: International conference on cloud computing, Springer, pp 324\u2013339","DOI":"10.1007\/978-3-030-23502-4_23"},{"key":"7546_CR26","doi-asserted-by":"crossref","unstructured":"Kang B, Yerima SY, McLaughlin K, et\u00a0al (2016) N-opcode analysis for android malware classification and categorization. In: 2016 International conference on cyber security and protection of digital services (cyber security), IEEE, pp 1\u20137","DOI":"10.1109\/CyberSecPODS.2016.7502343"},{"issue":"3","key":"7546_CR27","doi-asserted-by":"publisher","first-page":"674","DOI":"10.1109\/TPDS.2020.3029088","volume":"32","author":"RR Karn","year":"2021","unstructured":"Karn RR, Kudva P, Huang H et al (2021) Cryptomining detection in container clouds using system calls and explainable machine learning. IEEE Trans Parallel Distrib Syst 32(3):674\u2013691. https:\/\/doi.org\/10.1109\/TPDS.2020.3029088","journal-title":"IEEE Trans Parallel Distrib Syst"},{"issue":"3","key":"7546_CR28","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1109\/MWC.2017.1600427","volume":"24","author":"K Kaur","year":"2017","unstructured":"Kaur K, Dhand T, Kumar N et al (2017) Container-as-a-service at the edge: trade-off between energy efficiency and service availability at fog nano data centers. IEEE Wirel Commun 24(3):48\u201356. https:\/\/doi.org\/10.1109\/MWC.2017.1600427","journal-title":"IEEE Wirel Commun"},{"issue":"3","key":"7546_CR29","doi-asserted-by":"publisher","first-page":"773","DOI":"10.1109\/TIFS.2018.2866319","volume":"14","author":"T Kim","year":"2019","unstructured":"Kim T, Kang B, Rho M et al (2019) A multimodal deep learning method for android malware detection using various features. IEEE Trans Inf Forensics Secur 14(3):773\u2013788. https:\/\/doi.org\/10.1109\/TIFS.2018.2866319","journal-title":"IEEE Trans Inf Forensics Secur"},{"key":"7546_CR30","doi-asserted-by":"crossref","unstructured":"Kwon I, Im EG (2017) Extracting the representative api call patterns of malware families using recurrent neural network. In: Proceedings of the international conference on research in adaptive and convergent systems, pp 202\u2013207","DOI":"10.1145\/3129676.3129712"},{"issue":"7553","key":"7546_CR31","doi-asserted-by":"publisher","first-page":"436","DOI":"10.1038\/nature14539","volume":"521","author":"Y LeCun","year":"2015","unstructured":"LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521(7553):436\u2013444","journal-title":"Nature"},{"key":"7546_CR32","doi-asserted-by":"crossref","unstructured":"Lin X, Lei L, Wang Y, et\u00a0al (2018) A measurement study on linux container security: attacks and countermeasures. In: Proceedings of the 34th annual computer security applications conference, pp 418\u2013429","DOI":"10.1145\/3274694.3274720"},{"key":"7546_CR33","unstructured":"Mikolov T, Sutskever I, Chen K, et\u00a0al (2013) Distributed representations of words and phrases and their compositionality. In: Advances in neural information processing systems, pp 3111\u20133119"},{"key":"7546_CR34","doi-asserted-by":"crossref","unstructured":"Nataraj L, Karthikeyan S, Jacob G, et\u00a0al (2011) Malware images: visualization and automatic classification. In: Proceedings of the 8th international symposium on visualization for cyber security, pp 1\u20137","DOI":"10.1145\/2016904.2016908"},{"key":"7546_CR35","doi-asserted-by":"crossref","unstructured":"Nix R, Zhang J (2017) Classification of android apps and malware using deep neural networks. In: 2017 International joint conference on neural networks (IJCNN), IEEE, pp 1871\u20131878","DOI":"10.1109\/IJCNN.2017.7966078"},{"key":"7546_CR36","doi-asserted-by":"crossref","unstructured":"Ojala T, Pietik\u00e4inen M, M\u00e4enp\u00e4\u00e4 T (2000) Gray scale and rotation invariant texture classification with local binary patterns. In: European conference on computer vision, Springer, pp 404\u2013420","DOI":"10.1007\/3-540-45054-8_27"},{"issue":"7","key":"7546_CR37","doi-asserted-by":"publisher","first-page":"971","DOI":"10.1109\/TPAMI.2002.1017623","volume":"24","author":"T Ojala","year":"2002","unstructured":"Ojala T, Pietikainen M, Maenpaa T (2002) Multiresolution gray-scale and rotation invariant texture classification with local binary patterns. IEEE Trans Pattern Anal Mach Intell 24(7):971\u2013987","journal-title":"IEEE Trans Pattern Anal Mach Intell"},{"key":"7546_CR38","doi-asserted-by":"crossref","unstructured":"Pascanu R, Stokes JW, Sanossian H et al (2015) Malware classification with recurrent networks. In: 2015 IEEE international conference on acoustics. Speech and signal processing (ICASSP), IEEE, pp 1916\u20131920","DOI":"10.1109\/ICASSP.2015.7178304"},{"key":"7546_CR39","unstructured":"Quigley D, Sipek J, Wright CP, et\u00a0al (2006) Unionfs: User-and community-oriented development of a unification filesystem. In: Proceedings of the 2006 linux symposium, pp 349\u2013362"},{"key":"7546_CR40","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.ins.2011.08.020","volume":"231","author":"I Santos","year":"2013","unstructured":"Santos I, Brezo F, Ugarte-Pedrero X et al (2013) Opcode sequences as representation of executables for data-mining-based unknown malware detection. Inf Sci 231:64\u201382","journal-title":"Inf Sci"},{"issue":"1","key":"7546_CR41","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1109\/TDSC.2016.2536605","volume":"15","author":"A Saracino","year":"2018","unstructured":"Saracino A, Sgandurra D, Dini G et al (2018) Madam: effective and efficient behavior-based android malware detection and prevention. IEEE Trans Dependable Secur Comput 15(1):83\u201397. https:\/\/doi.org\/10.1109\/TDSC.2016.2536605","journal-title":"IEEE Trans Dependable Secur Comput"},{"issue":"3","key":"7546_CR42","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"CE Shannon","year":"1948","unstructured":"Shannon CE (1948) A mathematical theory of communication. Bell Syst Tech J 27(3):379\u2013423","journal-title":"Bell Syst Tech J"},{"key":"7546_CR43","doi-asserted-by":"crossref","unstructured":"Sharma A, Dash SK (2014) Mining api calls and permissions for android malware detection. In: International conference on cryptology and network security, Springer, pp 191\u2013205","DOI":"10.1007\/978-3-319-12280-9_13"},{"key":"7546_CR44","doi-asserted-by":"publisher","unstructured":"Shoshitaishvili Y, Wang R, Salls C, et\u00a0al (2016) Sok: (state of) the art of war: offensive techniques in binary analysis. In: 2016 IEEE symposium on security and privacy (SP), pp 138\u2013157, https:\/\/doi.org\/10.1109\/SP.2016.17","DOI":"10.1109\/SP.2016.17"},{"key":"7546_CR45","doi-asserted-by":"crossref","unstructured":"Srinivasan S, Kumar A, Mahajan M, et\u00a0al (2018) Probabilistic real-time intrusion detection system for docker containers. In: International symposium on security in computing and communication, Springer, pp 336\u2013347","DOI":"10.1007\/978-981-13-5826-5_26"},{"issue":"1","key":"7546_CR46","first-page":"1929","volume":"15","author":"N Srivastava","year":"2014","unstructured":"Srivastava N, Hinton G, Krizhevsky A et al (2014) Dropout: a simple way to prevent neural networks from overfitting. J Mach Learn Res 15(1):1929\u20131958","journal-title":"J Mach Learn Res"},{"issue":"1","key":"7546_CR47","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1109\/TDSC.2018.2884928","volume":"18","author":"G Sun","year":"2021","unstructured":"Sun G, Qian Q (2021) Deep learning and visualization for identifying malware families. IEEE Trans Dependable Secur Comput 18(1):283\u2013295. https:\/\/doi.org\/10.1109\/TDSC.2018.2884928","journal-title":"IEEE Trans Dependable Secur Comput"},{"key":"7546_CR48","doi-asserted-by":"publisher","unstructured":"Tunde-Onadele O, He J, Dai T, et\u00a0al (2019) A study on container vulnerability exploit detection. In: 2019 ieee international conference on cloud engineering (IC2E), pp 121\u2013127. https:\/\/doi.org\/10.1109\/IC2E.2019.00026","DOI":"10.1109\/IC2E.2019.00026"},{"key":"7546_CR49","unstructured":"VirusShare (2011) Analyze suspicious files, domains, ips and urls to detect malware and other breaches, automatically share them with the security community. [EB\/OL], https:\/\/virusshare.com\/ Accessed July 09, 2021"},{"key":"7546_CR50","unstructured":"VirusTotal (2004) A repository of malware samples to provide security researchers. [EB\/OL], https:\/\/www.virustotal.com\/gui\/ Accessed July 09, 2021"},{"key":"7546_CR51","doi-asserted-by":"crossref","unstructured":"Wang Q, Chen X, Jin X, et\u00a0al (2021) Enhancing trustworthiness of internet of vehicles in space-air-ground integrated networks: attestation approach. IEEE Internet Things J","DOI":"10.1109\/JIOT.2021.3084449"},{"issue":"5","key":"7546_CR52","doi-asserted-by":"publisher","first-page":"3327","DOI":"10.1109\/TII.2020.3047416","volume":"18","author":"Y Wang","year":"2022","unstructured":"Wang Y, Wang Q, Chen X et al (2022) Containerguard: a real-time attack detection system in container-based big data platform. IEEE Trans Ind Inf 18(5):3327\u20133336. https:\/\/doi.org\/10.1109\/TII.2020.3047416","journal-title":"IEEE Trans Ind Inf"},{"issue":"10","key":"7546_CR53","doi-asserted-by":"publisher","first-page":"4712","DOI":"10.1109\/TII.2018.2851241","volume":"14","author":"L Yin","year":"2018","unstructured":"Yin L, Luo J, Luo H (2018) Tasks scheduling and resource allocation in fog computing based on containers for smart manufacturing. IEEE Trans Ind Inf 14(10):4712\u20134721. https:\/\/doi.org\/10.1109\/TII.2018.2851241","journal-title":"IEEE Trans Ind Inf"},{"issue":"10","key":"7546_CR54","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MCOM.101.2001126","volume":"59","author":"K Yu","year":"2021","unstructured":"Yu K, Tan L, Mumtaz S et al (2021) Securing critical infrastructures: deep-learning-based threat detection in iiot. IEEE Commun Mag 59(10):76\u201382","journal-title":"IEEE Commun Mag"},{"key":"7546_CR55","doi-asserted-by":"crossref","unstructured":"Yu K, Tan L, Yang C, et\u00a0al (2021b) A blockchain-based shamir\u2019s threshold cryptography scheme for data protection in industrial internet of things settings. IEEE Internet Things J","DOI":"10.1145\/3477084.3484951"},{"key":"7546_CR56","doi-asserted-by":"crossref","unstructured":"Yuan Z, Lu Y, Wang Z, et\u00a0al (2014) Droid-sec: deep learning in android malware detection. In: Proceedings of the 2014 ACM conference on SIGCOMM, pp 371\u2013372","DOI":"10.1145\/2619239.2631434"},{"key":"7546_CR57","doi-asserted-by":"crossref","unstructured":"Zhang J, Qin Z, Yin H, et\u00a0al (2016a) Irmd: malware variant detection using opcode image recognition. In: 2016 IEEE 22nd international conference on parallel and distributed systems (ICPADS), IEEE, pp 1175\u20131180","DOI":"10.1109\/ICPADS.2016.0155"},{"key":"7546_CR58","doi-asserted-by":"crossref","unstructured":"Zhang J, Qin Z, Yin H, et\u00a0al (2016b) Malware variant detection using opcode image recognition with small training sets. In: 2016 25th International conference on computer communication and networks (ICCCN), IEEE, pp 1\u20139","DOI":"10.1109\/ICCCN.2016.7568542"},{"key":"7546_CR59","doi-asserted-by":"publisher","first-page":"376","DOI":"10.1016\/j.cose.2019.04.005","volume":"84","author":"J Zhang","year":"2019","unstructured":"Zhang J, Qin Z, Yin H et al (2019) A feature-hybrid malware variants detection using cnn based opcode embedding and bpnn based api embedding. Comput Secur 84:376\u2013392","journal-title":"Comput Secur"},{"issue":"6","key":"7546_CR60","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1109\/MCOM.2015.7120046","volume":"53","author":"N Zhang","year":"2015","unstructured":"Zhang N, Cheng N, Gamage AT et al (2015) Cloud assisted hetnets toward 5g wireless networks. IEEE Commun Mag 53(6):59\u201365","journal-title":"IEEE Commun Mag"},{"key":"7546_CR61","doi-asserted-by":"publisher","unstructured":"Zhang X, Zhang Y, Zhong M, et\u00a0al (2020) Enhancing state-of-the-art classifiers with api semantics to detect evolved android malware. In: Proceedings of the 2020 ACM SIGSAC conference on computer and communications security. Association for computing machinery, New York, NY, USA, CCS \u201920, p 757\u2013770. https:\/\/doi.org\/10.1145\/3372297.3417291,","DOI":"10.1145\/3372297.3417291,"},{"key":"7546_CR62","doi-asserted-by":"publisher","first-page":"638","DOI":"10.1016\/j.neucom.2017.07.030","volume":"272","author":"HJ Zhu","year":"2018","unstructured":"Zhu HJ, You ZH, Zhu ZX et al (2018) Droiddet: effective and robust detection of android malware using static analysis along with rotation forest model. Neurocomputing 272:638\u2013646","journal-title":"Neurocomputing"},{"key":"7546_CR63","doi-asserted-by":"publisher","DOI":"10.1109\/TCC.2019.2935724","author":"Z Zou","year":"2019","unstructured":"Zou Z, Xie Y, Huang K et al (2019) A docker container anomaly monitoring system based on optimized isolation forest. IEEE Trans Cloud Comput. https:\/\/doi.org\/10.1109\/TCC.2019.2935724","journal-title":"IEEE Trans Cloud Comput"},{"key":"7546_CR64","unstructured":"Zou Z, Xie Y, Huang K, et\u00a0al (2019b) A docker container anomaly monitoring system based on optimized isolation forest. IEEE Trans Cloud Comput"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-022-07546-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00500-022-07546-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-022-07546-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,12]],"date-time":"2023-01-12T12:23:50Z","timestamp":1673526230000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00500-022-07546-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,5]]},"references-count":64,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2023,1]]}},"alternative-id":["7546"],"URL":"https:\/\/doi.org\/10.1007\/s00500-022-07546-2","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"value":"1432-7643","type":"print"},{"value":"1433-7479","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,5]]},"assertion":[{"value":"22 April 2022","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 October 2022","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors of this article declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"The authors of this article declare that this article does not contain any studies with human participants or animals.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}},{"value":"Informed consent was obtained from all individual participants included in the study.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Informed consent"}}]}}