{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,27]],"date-time":"2025-12-27T00:06:40Z","timestamp":1766794000272,"version":"3.48.0"},"reference-count":76,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,12,27]],"date-time":"2025-12-27T00:00:00Z","timestamp":1766793600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"},{"start":{"date-parts":[[2025,12,27]],"date-time":"2025-12-27T00:00:00Z","timestamp":1766793600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"}],"funder":[{"name":"Manipal University Jaipur"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Discov Computing"],"DOI":"10.1007\/s10791-025-09842-5","type":"journal-article","created":{"date-parts":[[2025,12,27]],"date-time":"2025-12-27T00:02:10Z","timestamp":1766793730000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Detecting malware evidences through static and dynamic information using extreme machine learning for forensic analysis"],"prefix":"10.1007","volume":"28","author":[{"given":"Rijvan","family":"Beg","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R. K.","family":"Pateriya","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Deepak Singh","family":"Tomar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Surendra","family":"Solanki","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,12,27]]},"reference":[{"key":"9842_CR1","volume-title":"Computer viruses and malware","author":"J Aycock","year":"2016","unstructured":"Aycock J. Computer viruses and malware. Cham: Springer; 2016."},{"key":"9842_CR2","first-page":"23","volume-title":"Malware forensics field guide for windows systems","author":"CH Malin","year":"2012","unstructured":"Malin CH, Casey E, Aquilina JM. Intro- duction to malware forensics. In: Malin CH, Casey E, Aquilina JM, editors. Malware forensics field guide for windows systems. Boston: Syngress; 2012. p. 23\u201338."},{"key":"9842_CR3","unstructured":"Chapter\u00a06. Analysis of a malware specimen\u2014malware forensics field guide for windows systems [Book]."},{"key":"9842_CR4","doi-asserted-by":"publisher","DOI":"10.15394\/jdfsl.2010.1082","author":"M Brand","year":"2010","unstructured":"Brand M, Valli C, Woodward A. Malware forensics: discovery of the intent of deception. J Dig Forensics Sec Law. 2010. https:\/\/doi.org\/10.15394\/jdfsl.2010.1082.","journal-title":"J Dig Forensics Sec Law"},{"issue":"2","key":"9842_CR5","first-page":"379","volume":"8","author":"S Rahman","year":"2015","unstructured":"Rahman S, Khan MNA. Review of live forensic analysis techniques. Int J Hybrid Inf Technol. 2015;8(2):379\u201388.","journal-title":"Int J Hybrid Inf Technol"},{"issue":"10","key":"9842_CR6","first-page":"9","volume":"4","author":"M Rafique","year":"2013","unstructured":"Rafique M, Khan MNA. Exploring static and live digital forensics: methods. Practic Tools. 2013;4(10):9.","journal-title":"Practic Tools"},{"key":"9842_CR7","doi-asserted-by":"publisher","DOI":"10.5121\/ijnsa.2020.12203","author":"S Talukder","year":"2020","unstructured":"Talukder S, Talukder Z. A survey on malware detection and analysis tools. Int J Netw Sec Appl. 2020. https:\/\/doi.org\/10.5121\/ijnsa.2020.12203.","journal-title":"Int J Netw Sec Appl"},{"key":"9842_CR8","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1007\/978-3-319-73951-9_2","volume":"70","author":"A Shalaginov","year":"2018","unstructured":"Shalaginov A, Banin S, Dehghantanha A, Franke K. Machine learning aided static malware analysis: a survey and tutorial. Cyber Threat Intell. 2018;70:7\u201345.","journal-title":"Cyber Threat Intell"},{"key":"9842_CR9","doi-asserted-by":"crossref","unstructured":"Christodorescu M, Jha S, Kruegel C. Mining specifications of malicious behavior. In: Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering. ESEC-FSE \u201907. Association for Computing Machinery: New York. 2007. Pp. 5\u201314","DOI":"10.1145\/1287624.1287628"},{"key":"9842_CR10","unstructured":"Christodorescu M, Jha S. Static analysis of executables to detect malicious patterns. 12th USENIX security symposium (USENIX Security 03).2003."},{"key":"9842_CR11","doi-asserted-by":"crossref","unstructured":"Kruegel C, Robertson W, Vigna G. Detecting kernel-level rootkits through binary analysis. In 20th annual computer security applications conference, 2004. 91\u2013100","DOI":"10.1109\/CSAC.2004.19"},{"key":"9842_CR12","first-page":"51","volume":"2006","author":"D Bilar","year":"2016","unstructured":"Bilar D, College C. Statistical structures: fingerprinting malware for classification and analysis. Proceed Black Hat Federal. 2016;2006:51.","journal-title":"Proceed Black Hat Federal"},{"issue":"8","key":"9842_CR13","first-page":"127","volume":"9","author":"JH Yang","year":"2015","unstructured":"Yang JH, Ryu Y. Design and development of a command-line tool for portable executable file analysis and malware detection in IoT devices. Int J Sec Appl. 2015;9(8):127\u201336.","journal-title":"Int J Sec Appl."},{"key":"9842_CR14","doi-asserted-by":"crossref","unstructured":"Subedi KP, Budhathoki DR, Dasgupta D. Forensic analysis of ransomware families using static and dynamic analysis. In: 2018 IEEE security and privacy workshops (SPW). 2018. 180\u2013185","DOI":"10.1109\/SPW.2018.00033"},{"key":"9842_CR15","doi-asserted-by":"crossref","unstructured":"Wan TL, Ban T, Lee YT, Cheng SM, Isawa R, Takahashi T, Inoue D. IoT-malware detection based on byte sequences of executable files. In: 2020 15th Asia joint conference on information security (AsiaJCIS). 2020. 143\u2013150.","DOI":"10.1109\/AsiaJCIS50894.2020.00033"},{"key":"9842_CR16","doi-asserted-by":"crossref","unstructured":"Sun Z, Rao Z, Chen J, Xu R, He D, Yang H, Liu J. An opcode sequences analysis method for unknown malware detection. In: proceedings of the 2019 2nd international conference on geoinformatics and data analysis, ICGDA 2019. Association for Computing Machinery: New York. 2019. Pp. 15\u201319.","DOI":"10.1145\/3318236.3318255"},{"key":"9842_CR17","doi-asserted-by":"crossref","unstructured":"Alazab M, Venkataraman S, Watters P. Towards understanding malware behaviour by the extraction of API Calls. In: 2010 second cybercrime and trustworthy computing workshop. 2010. Pp. 52\u201359","DOI":"10.1109\/CTC.2010.8"},{"key":"9842_CR18","doi-asserted-by":"crossref","unstructured":"McLaughlin N, Martinez del Rincon J, Kang B, Yerima S, Miller P, Sezer S, Safaei Y, Trickel E, Zhao Z, Doup\u00e9 A, Joon Ahn G. Deep android malware detection. In: Proceedings of the seventh ACM on conference on data and application security and privacy, CO- DASPY \u201917. Association for Computing Machinery: New York. 2017. Pp. 301\u2013308.","DOI":"10.1145\/3029806.3029823"},{"key":"9842_CR19","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101760","volume":"92","author":"E Amer","year":"2020","unstructured":"Amer E, Zelinka I. A dynamic Windows malware detection and prediction method based on contextual understanding of API call sequence. Comput Secur. 2020;92:101760.","journal-title":"Comput Secur"},{"issue":"2","key":"9842_CR20","doi-asserted-by":"publisher","first-page":"239","DOI":"10.3390\/app9020239","volume":"9","author":"B Ndibanje","year":"2019","unstructured":"Ndibanje B, Kim KH, Kang YJ, Kim HH, Kim TY, Lee HJ. Cross-method-based analysis and classification of malicious behavior by API calls extraction. Appl Sci. 2019;9(2):239.","journal-title":"Appl Sci"},{"key":"9842_CR21","volume-title":"The art of computer virus research and defense: ART COMP VIRUS RES DEFENSE _p1","author":"P Szor","year":"2005","unstructured":"Szor P. The art of computer virus research and defense: ART COMP VIRUS RES DEFENSE _p1. London: Pearson Education; 2005."},{"key":"9842_CR22","doi-asserted-by":"crossref","unstructured":"Moser A, Kruegel C, Kirda E. Limits of Static Analysis for Malware Detection. In: Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007). 2007. 421\u2013430.","DOI":"10.1109\/ACSAC.2007.21"},{"key":"9842_CR23","unstructured":"Bayer U, Kruegel C, Kirda E. TTAnalyze: a tool for analyzing malware\u00a0(Doctoral dissertation, Technische Universit\u00e4t Wien). 2005.12."},{"issue":"1","key":"9842_CR24","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/s11416-006-0012-2","volume":"2","author":"U Bayer","year":"2006","unstructured":"Bayer U, Moser A, Kruegel C, Kirda E. Dynamic analysis of malicious code. J Comput Virol. 2006;2(1):67\u201377.","journal-title":"J Comput Virol"},{"key":"9842_CR25","doi-asserted-by":"crossref","unstructured":"Moser A, Kruegel C, Kirda E. Exploring Multiple Execution Paths for Malware Analysis. In: 2007 IEEE symposium on security and privacy (SP \u201907). 2007. 231\u2013245.","DOI":"10.1109\/SP.2007.17"},{"key":"9842_CR26","doi-asserted-by":"crossref","unstructured":"Talukder S. Tools and techniques for malware detection and analysis, June 2020. arXiv:2002.06819 [cs].","DOI":"10.5121\/ijnsa.2020.12203"},{"key":"9842_CR27","unstructured":"What is GRR?\u2014GRR documentation."},{"key":"9842_CR28","doi-asserted-by":"crossref","unstructured":"Park SH, Yun SW, Jeon SE, Park NE, Shim HY, Lee YR, Lee SJ, Park TR, Shin NY, Kang MJ, Lee IG. Performance evaluation of open source endpoint detection and response combining google rapid response and Osquery for threat detection. IEEE Access. 10:20259\u2013 20269, 2022. Conference Name: IEEE Access.","DOI":"10.1109\/ACCESS.2022.3152574"},{"key":"9842_CR29","unstructured":"REMnux\u00ae . SANS Institute."},{"key":"9842_CR30","doi-asserted-by":"crossref","unstructured":"Qbeitah MA, Aldwairi M. Dynamic malware analysis of phishing emails. In: 2018 9th international conference on information and communication systems (ICICS). 2018. 18\u201324","DOI":"10.1109\/IACS.2018.8355435"},{"key":"9842_CR31","unstructured":"Cuckoo Sandbox\u2014automated malware analysis."},{"key":"9842_CR32","doi-asserted-by":"crossref","unstructured":"Darshan SS, Kumara MA, Jaidhar CD. Windows malware detection based on cuckoo sandbox generated report using machine learning algorithm. In: 2016 11th international conference on industrial and information systems (ICIIS). 2016. 534\u2013539","DOI":"10.1109\/ICIINFS.2016.8262998"},{"key":"9842_CR33","unstructured":"Welcome to YARA\u2019s documentation!\u2014yara 4.2.0 documentation."},{"key":"9842_CR34","doi-asserted-by":"crossref","unstructured":"Naik N, Jenkins P, Cooke R, Gillett J, Jin Y. Evaluating automatically generated YARA rules and enhancing their effectiveness. In: 2020 IEEE symposium series on computational intelligence (SSCI). 2020. 1146\u20131153.","DOI":"10.1109\/SSCI47803.2020.9308179"},{"key":"9842_CR35","first-page":"13","volume":"2","author":"D Bem","year":"2007","unstructured":"Bem D, Huebner E. Computer forensic analysis in a virtual environment. Int J Dig Evid. 2007;2:13.","journal-title":"Int J Dig Evid"},{"key":"9842_CR36","first-page":"663","volume":"2","author":"SV Khangar","year":"2012","unstructured":"Khangar SV, Dharaskar RV. Digital forensic investigation for virtual machines. Int J Model Opt. 2012;2:663\u20136.","journal-title":"Int J Model Opt."},{"key":"9842_CR37","unstructured":"Alazab M, Watters P. Digital forensic techniques for static analysis of NTFS images. September 2015."},{"key":"9842_CR38","doi-asserted-by":"crossref","unstructured":"Kim YS, Lee SS, Hong D. Suspects\u2019 data hiding at remaining registry values of uninstalled programs. In Proceed- ings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop, e-Forensics \u201908. Brussels: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering). 2008. 1\u20134.","DOI":"10.4108\/e-forensics.2008.33"},{"key":"9842_CR39","volume-title":"Investigating the implications of virtualization for digital forensics","author":"Z Song","year":"2010","unstructured":"Song Z, Jin B, Zhu Y, Sun Y. Investigating the implications of virtualization for digital forensics. Berlin: Springer; 2010."},{"key":"9842_CR40","doi-asserted-by":"crossref","unstructured":"Wang L, Zhang R, Zhang S. A model of computer live forensics based on physical memory analysis. In: 2009 first international conference on information science and engineering. 2009. 4647\u20134649","DOI":"10.1109\/ICISE.2009.69"},{"key":"9842_CR41","doi-asserted-by":"crossref","unstructured":"Mrdovic S, Huseinovic A. Forensic analysis of encrypted volumes using hibernation file. In: 2011 19thtelecommunications forum (FOR) proceedings of papers. 2011. 1277\u20131280.","DOI":"10.1109\/TELFOR.2011.6143785"},{"key":"9842_CR42","doi-asserted-by":"crossref","unstructured":"Zhang L, Zhang D, Wang L. Live digital forensics in a virtual machine. In 2010 international conference on computer application and system modelling (ICCASM 2010). 2010. 4: V4\u2013328\u2013V4\u2013332.","DOI":"10.1109\/ICCASM.2010.5620364"},{"issue":"2","key":"9842_CR43","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1145\/1113034.1113069","volume":"49","author":"BD Carrier","year":"2006","unstructured":"Carrier BD. Risks of live digital forensic analysis. Commun ACM. 2006;49(2):56\u201361.","journal-title":"Commun ACM"},{"issue":"1","key":"9842_CR44","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s11416-015-0261-z","volume":"13","author":"A Damodaran","year":"2017","unstructured":"Damodaran A, Di Troia F, Visaggio CA, Austin TH, Stamp M. A comparison of static, dynamic, and hybrid analysis for malware detection. J Comput Virol Hacking Tech. 2017;13(1):1\u201312.","journal-title":"J Comput Virol Hacking Tech"},{"key":"9842_CR45","doi-asserted-by":"crossref","unstructured":"De Paola A, Gaglio S, Re GL, Morana M. A hybrid system for malware detection on big data. In: IEEE INFOCOM 2018\u2014IEEE conference on computer communications workshops (INFOCOM WKSHPS). 45\u201350. 2018.","DOI":"10.1109\/INFCOMW.2018.8406963"},{"key":"9842_CR46","doi-asserted-by":"crossref","unstructured":"Martinelli F, Mercaldo F, Saracino A, Visaggio CA. I find your behavior disturbing: static and dynamic app behavioral analysis for detection of Android malware. In 2016 14th annual conference on privacy, security and trust (PST). 2016. 129\u2013136.","DOI":"10.1109\/PST.2016.7906947"},{"key":"9842_CR47","first-page":"63","volume":"8","author":"R Kaur","year":"2016","unstructured":"Kaur R, Singh M. Hybrid real-time zero-day malware analysis and reporting system. Int J Inform Technol Comput Sci. 2016;8:63\u201373.","journal-title":"Int J Inform Technol Comput Sci"},{"key":"9842_CR48","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1016\/j.future.2017.12.037","volume":"83","author":"S Huda","year":"2018","unstructured":"Huda S, Islam R, Abawajy J, Yearwood J, Hassan M-H, Fortino G. A hybrid-multi filter-wrapper framework to identify run-time behaviour for fast mal- ware detection. Future Gener Comput Syst. 2018;83:193\u2013207.","journal-title":"Future Gener Comput Syst"},{"issue":"4","key":"9842_CR49","doi-asserted-by":"publisher","DOI":"10.1002\/ett.4899","volume":"35","author":"T Vaiyapuri","year":"2024","unstructured":"Vaiyapuri T, Shankar K, Rajendran S, Kumar S, Gaur V, Gupta D, et al. Automated cyberattack detection using optimal ensemble deep learning model. Trans Emerg Telecommun Technol. 2024;35(4):e4899.","journal-title":"Trans Emerg Telecommun Technol"},{"key":"9842_CR50","doi-asserted-by":"crossref","unstructured":"Manimaran A, Kartheesan L, Kumutha D, Surendran R. An optimized hybrid deep learning framework for monitoring botnet attacks in IoT networks. In: Proc. 2024 International conference on IoT based control networks and intelligent systems (ICICNIS) (ICICNIS). 2024, pp. 487\u2013492.","DOI":"10.1109\/ICICNIS64247.2024.10823344"},{"key":"9842_CR51","doi-asserted-by":"publisher","first-page":"3866","DOI":"10.54364\/AAIML.2025.52219","volume":"5","author":"WY Chen","year":"2025","unstructured":"Chen WY, Pao TL, Kao Y. Malware traffic and ransomware anomaly detection based on wavelet time-frequency analysis and deep learning. Adv Artif Intell Mach Learn. 2025;5:3866\u201382. https:\/\/doi.org\/10.54364\/AAIML.2025.52219.","journal-title":"Adv Artif Intell Mach Learn"},{"key":"9842_CR52","doi-asserted-by":"crossref","unstructured":"Swaminathan A, Ramakrishnan B. Prediction of cyber-attacks and criminality using machine learning algorithms. In: 2022 international conference on innovation and intelligence for informatics, computing, and technologies (3ICT). IEEE. 2022. 547\u2013552.","DOI":"10.1109\/3ICT56508.2022.9990652"},{"issue":"9","key":"9842_CR53","first-page":"636","volume":"7","author":"F Sibarani","year":"2025","unstructured":"Sibarani F, Chan P. A comparative study of machine learning and deep learning algorithms for malware detection. J Comput Sci Technol Stud. 2025;7(9):636\u201351.","journal-title":"J Comput Sci Technol Stud"},{"issue":"4","key":"9842_CR54","doi-asserted-by":"publisher","first-page":"999","DOI":"10.1080\/09720529.2022.2072422","volume":"25","author":"S Gowri","year":"2022","unstructured":"Gowri S, Surendran R, Jabez J, Srinivasulud S. IoT forensics: what kind of personal data can be found on discarded, recycled, or re-sold IoT devices. J Discrete Math Sci Cryptogr. 2022;25(4):999\u20131008.","journal-title":"J Discrete Math Sci Cryptogr"},{"key":"9842_CR55","doi-asserted-by":"crossref","unstructured":"Ding C, He X, Zha H, Simon HD. Adaptive dimension reduction for clustering high dimensional data. In 2002 IEEE international conference on data mining, 2002. Proceedings. 2002. Pp. 147\u2013154","DOI":"10.1109\/ICDM.2002.1183897"},{"issue":"1","key":"9842_CR56","doi-asserted-by":"publisher","first-page":"489","DOI":"10.1016\/j.neucom.2005.12.126","volume":"70","author":"GB Huang","year":"2006","unstructured":"Huang GB, Zhu QY, Siew CK. Extreme learning machine: theory and applications. Neurocomputing. 2006;70(1):489\u2013501.","journal-title":"Neurocomputing"},{"key":"9842_CR57","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-021-11007-7","author":"J Wang","year":"2021","unstructured":"Wang J, Lu S, Wang S-H, Zhang Y-D. A review on extreme learning machine. Multimedia Tools Appl. 2021. https:\/\/doi.org\/10.1007\/s11042-021-11007-7.","journal-title":"Multimedia Tools Appl"},{"key":"9842_CR58","volume-title":"Cuckoo malware analysis","author":"D Oktavianto","year":"2013","unstructured":"Oktavianto D, Muhardianto I. Cuckoo malware analysis. Birmingham: Packt Publishing Ltd; 2013."},{"key":"9842_CR59","unstructured":"Cuckoo sandbox book\u2014cuckoo sandbox v2.0.7 book."},{"key":"9842_CR60","unstructured":"L T Gutierrez. Malware sandbox deployment, analysis and development. PhD thesis. 2020."},{"key":"9842_CR61","unstructured":"A view on current malware behaviors."},{"key":"9842_CR62","first-page":"139","volume":"47","author":"M Ali","year":"2019","unstructured":"Ali M, Shiaeles S, Clarke N, Kontogeorgis D. A proactive malicious software identification approach for digital forensic examiners. J Inf Secur Appl. 2019;47:139\u201355.","journal-title":"J Inf Secur Appl"},{"key":"9842_CR63","volume-title":"Windows registry forensics: advanced digital forensic analysis of the windows registry","author":"H Carvey","year":"2011","unstructured":"Carvey H. Windows registry forensics: advanced digital forensic analysis of the windows registry. Amsterdam: Elsevier; 2011."},{"key":"9842_CR64","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1016\/j.dss.2014.01.007","volume":"61","author":"G Horsman","year":"2014","unstructured":"Horsman G, Laing C, Vickers P. A case-based reasoning method for locating evidence during digital forensic device triage. Decis Support Syst. 2014;61:69\u201378.","journal-title":"Decis Support Syst"},{"key":"9842_CR65","doi-asserted-by":"crossref","unstructured":"Spensky C, Hu H, Leach K. LO-PHI: Low observable physical host instrumentation for malware analysis. In: Proceedings 2016 network and distributed system security symposium. Internet Society: San Diego, 2016.","DOI":"10.14722\/ndss.2016.23121"},{"key":"9842_CR66","unstructured":"Shaaban A, Sapronov K. Practical windows forensics. Packt Publishing Ltd, June 2016. Google-Books-ID: S_1vDQAAQBAJ."},{"key":"9842_CR67","doi-asserted-by":"crossref","unstructured":"Rezaei T, Hamze A. An efficient approach for malware detection using PE header specifications. In 2020 6th international conference on web research (ICWR). 2020. 234\u2013239.","DOI":"10.1109\/ICWR49608.2020.9122312"},{"key":"9842_CR68","doi-asserted-by":"crossref","unstructured":"Keyes DS, Li B, Kaur G, Lashkari AH, Gagnon F, Massicotte F. EntropLyzer: android malware classification and characterization using entropy analysis of dynamic characteristics. In: 2021 reconciling data analytics, automation, privacy, and security: a big data challenge (RDAAPS). 2021. 1\u201312.","DOI":"10.1109\/RDAAPS48126.2021.9452002"},{"key":"9842_CR69","unstructured":"sophos-xg-block-lists\/malware-domain-list.txt at master austinheap\/sophos-xg-block-lists."},{"key":"9842_CR70","unstructured":"Malicious URLs dataset."},{"key":"9842_CR71","doi-asserted-by":"crossref","unstructured":"Messabi KA, Aldwairi M, Yousif AA, Thoban A, Belqasmi F. Malware detection using DNS records and domain name features. In Proceedings of the 2nd international conference on future networks and distributed systems, ICFNDS \u201918. New York: Association for Computing Machinery. 2018. 1\u20137.","DOI":"10.1145\/3231053.3231082"},{"issue":"9","key":"9842_CR72","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1016\/S1361-3723(14)70531-7","volume":"2014","author":"Z Salehi","year":"2014","unstructured":"Salehi Z, Sami A, Ghiasi M. Using feature generation from API calls for malware detection. Comput Fraud Secur. 2014;2014(9):9\u201318.","journal-title":"Comput Fraud Secur"},{"key":"9842_CR73","unstructured":"Malware.lu\u2014Home. Malware.lu. https:\/\/malware.lu\/. Accessed 8 Sept 2024."},{"key":"9842_CR74","unstructured":"VirusSign\u2014open malware database & repository. VirusSign. https:\/\/www.virussign.com\/. Accessed 10 Sept 2024."},{"key":"9842_CR75","unstructured":"MalwareTips Community. MalwareTips. https:\/\/malwaretips.com\/. Accessed 10 Sept 2024."},{"key":"9842_CR76","unstructured":"Dansimp. Malware names\u2014Windows security."}],"container-title":["Discover Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10791-025-09842-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10791-025-09842-5","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10791-025-09842-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,27]],"date-time":"2025-12-27T00:02:16Z","timestamp":1766793736000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10791-025-09842-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,27]]},"references-count":76,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["9842"],"URL":"https:\/\/doi.org\/10.1007\/s10791-025-09842-5","relation":{},"ISSN":["2948-2992"],"issn-type":[{"value":"2948-2992","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,27]]},"assertion":[{"value":"10 June 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 November 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 December 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Not applicable.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"The authors declare no competing interests.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"329"}}