{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,25]],"date-time":"2026-04-25T15:22:11Z","timestamp":1777130531468,"version":"3.51.4"},"reference-count":32,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2017,8,17]],"date-time":"2017-08-17T00:00:00Z","timestamp":1502928000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Wireless Pers Commun"],"published-print":{"date-parts":[[2018,1]]},"DOI":"10.1007\/s11277-017-4859-y","type":"journal-article","created":{"date-parts":[[2017,8,17]],"date-time":"2017-08-17T08:08:22Z","timestamp":1502957302000},"page":"119-137","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["A Framework for Recognition and Confronting of Obfuscated Malwares Based on Memory Dumping and Filter Drivers"],"prefix":"10.1007","volume":"98","author":[{"given":"Danial","family":"Javaheri","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mehdi","family":"Hosseinzadeh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,8,17]]},"reference":[{"key":"4859_CR1","unstructured":"AV-Test - Malware statics and trends report, https:\/\/www.av-test.org\/en\/statistics\/malware . Accessed 2016."},{"key":"4859_CR2","doi-asserted-by":"crossref","first-page":"56","DOI":"10.4236\/jis.2014.52006","volume":"5","author":"E Gandotra","year":"2014","unstructured":"Gandotra, E., Bansal, D., & Sofat, S. (2014). Malware analysis and classification: A survey. Journal of Information Security, 5, 56\u201364.","journal-title":"Journal of Information Security"},{"issue":"4","key":"4859_CR3","doi-asserted-by":"crossref","first-page":"1421","DOI":"10.1007\/s11277-013-1258-x","volume":"73","author":"JH Jung","year":"2013","unstructured":"Jung, J. H., Kim, J. Y., Lee, H. C., & Yi, J. H. (2013). Repackaging attack on android banking applications and its countermeasures. Journal of Wireless Personal Communication, 73(4), 1421\u20131437.","journal-title":"Journal of Wireless Personal Communication"},{"issue":"3","key":"4859_CR4","doi-asserted-by":"crossref","first-page":"1591","DOI":"10.1007\/s11277-013-1400-9","volume":"75","author":"H Lu","year":"2013","unstructured":"Lu, H., Zhao, B., Sue, J., & Xie, P. (2013). Generating lightweight behavioral signature for malware detection in people-centric sensing. Journal of Wireless Personal Communication, 75(3), 1591\u20131609.","journal-title":"Journal of Wireless Personal Communication"},{"issue":"1","key":"4859_CR5","doi-asserted-by":"crossref","first-page":"405","DOI":"10.1007\/s11277-014-2136-x","volume":"81","author":"S Gupta","year":"2014","unstructured":"Gupta, S., & Kumar, P. (2014). An immediate system call sequence based approach for detecting malicious program executions in cloud environment. Journal of Wireless Personal Communication, 81(1), 405\u2013425.","journal-title":"Journal of Wireless Personal Communication"},{"key":"4859_CR6","unstructured":"Bayer, U., Kruegel, C., & Kirda, E. (2006). TTAnalyze: A Tool for Analyzing Malware, M.Sc. Thesis, University of Vienna."},{"key":"4859_CR7","doi-asserted-by":"crossref","unstructured":"Schultz, M., Eskin, E., Zadok, F., & Stolfo, S. (2001). Data mining methods for detection of new malicious executables. In Proceedings of 2001 IEEE symposium on security and privacy (pp. 38\u201349). Oakland.","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"4859_CR8","first-page":"48","volume":"6","author":"M Siddiqui","year":"2009","unstructured":"Siddiqui, M., Wang, M. C., & Lee, J. (2009). Detecting internet worms using data mining techniques. Journal of Systemics, Cybernetics and Informatics, 6, 48\u201353.","journal-title":"Journal of Systemics, Cybernetics and Informatics"},{"key":"4859_CR9","doi-asserted-by":"crossref","unstructured":"Gao, D., Yin, G., Dong, Y., & Kou, L. (2013). A research on the heuristic signature virus detection based on the PE structured. In Proceedings of international conference on electric and electronics (EEIC).","DOI":"10.2991\/eeic-13.2013.16"},{"issue":"3","key":"4859_CR10","first-page":"187","volume":"2","author":"D Javaheri","year":"2014","unstructured":"Javaheri, D., & Parsa, S. (2014). A malware detection method based on static analysis of PE structure. Journal of Advanced Defense Science and Technology, Imam Hossein University, 2(3), 187\u2013201.","journal-title":"Journal of Advanced Defense Science and Technology, Imam Hossein University"},{"key":"4859_CR11","unstructured":"Sikorski, M., & Honig, A. (2012). Practical malware analysis (pp. 21\u201326). William Pollock Publisher."},{"key":"4859_CR12","unstructured":"Ilsun, Y., & Kangbin, Y. (2010). Malware obfuscation techniques: A brief survey. In Proceedings of international conference on broadband, wireless computing, communication and applications (pp. 297\u2013300). Fukuoka, Japan."},{"key":"4859_CR13","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1049\/iet-ifs.2013.0137","volume":"10","author":"X Xie","year":"2016","unstructured":"Xie, X., Lu, B., Gong, D., Luo, X., & Liu, F. (2016). Random table and hash coding-based binary code obfuscation against stack trace analysis. Journal of IET Information Security, 10, 18\u201327.","journal-title":"Journal of IET Information Security"},{"key":"4859_CR14","doi-asserted-by":"publisher","unstructured":"Pang, S., Komosny, D., Zhu, L. Zhang, R., Sharrafzadeh, A., Ban, T., & Inoue, D. (2016). Malicious events grouping via behavior based Darknet traffic flow analysis. Journal of Wireless Personal Communication, 1\u201319. doi: 10.1007\/s11277-016-3744-4 .","DOI":"10.1007\/s11277-016-3744-4"},{"issue":"1","key":"4859_CR15","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/s11277-016-3443-1","volume":"93","author":"HM Jung","year":"2017","unstructured":"Jung, H. M., Lee, H. G., & Choi, J. W. (2017). Efficient malicious packet capture through advanced DNS sinkhole. Journal of Wireless Personal Communication, 93(1),\u00a021\u201334.\u00a0doi: 10.1007\/s11277-016-3443-1 .","journal-title":"Journal of Wireless Personal Communication"},{"key":"4859_CR16","doi-asserted-by":"crossref","unstructured":"Ghiasi, M., Sami, A., Salehi, Z. (2012). Dynamic malware detection using registers values set analysis. In Proceedings of 9th international ISC conference on information security and cryptology (ISCISC) (pp. 54\u201359).","DOI":"10.1109\/ISCISC.2012.6408191"},{"key":"4859_CR17","unstructured":"Zolkipli, M. F., & Jantan, A. (2011). An approach for malware behavior identification and classification. In Proceedings of 3rd international conference on computer research and development (pp. 191\u2013194). Shanghai, China."},{"key":"4859_CR18","doi-asserted-by":"crossref","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., & Holz, T. (2011). Automatic Analysis of Malware Behavior Using Machine Learning. Journal of Computer Security, 19, 639\u2013668.","journal-title":"Journal of Computer Security"},{"key":"4859_CR19","unstructured":"Tian, R., Islam, M. R., Batten, L., & Versteeg, S. (2010). Differentiating malware from clean wares using behavioral analysis. In Proceedings of 5th international conference on malicious and unwanted software (malware) (pp. 23\u201330). Nancy, France."},{"key":"4859_CR20","doi-asserted-by":"crossref","first-page":"376","DOI":"10.1016\/j.future.2014.06.001","volume":"55","author":"S Huda","year":"2016","unstructured":"Huda, S., Abawajy, J., Alazab, M., Abdollalihian, M., Islam, R., & Yearwood, J. (2016). Hybrids of support vector machine wrapper and filter based framework for malware detection. Journal of Future Generation Computer Systems, 55, 376\u2013390.","journal-title":"Journal of Future Generation Computer Systems"},{"key":"4859_CR21","unstructured":"Russinovich, M., Solomon, D., & Ionescu, A. (2012). Windows internals part 1 (6th ed., pp. 133\u2013138). Microsoft Press."},{"key":"4859_CR22","unstructured":"Hoglund, G., & Butler, J. (2005). Rootkits: Subverting the windows kernel (pp. 82\u201383, 270\u2013274). Addison Wesley Professional."},{"key":"4859_CR23","unstructured":"Priyadarshi, S. (2011). Metamorphic detection via emulation, M.Sc. Thesis, Jose State University."},{"key":"4859_CR24","unstructured":"Mohammadzadeh Lajevardi, A. (2013). Design and implementation of a behavior-based method for malware detection, M.Sc. Thesis, Iran University of Science and Technology, Tehran, Iran."},{"key":"4859_CR25","unstructured":"Gooran Ourimi, A. (2014). Propose an optimal and transparent framework for automatic malware analysis, M.Sc. Thesis, Iran University of Science and Technology, Tehran, Iran."},{"key":"4859_CR26","unstructured":"Ball, T., Bounimova, E., Cook, B., Levin, V., Lichtenberg, J., McGarvey, C., Ondrusek, B., Rajamani, S., & Ustuner, A. (2006). Thorough static analysis of device drivers, \u2018ACM SIGOPS operating systems review\u2019. In Proceedings of ACM SIGOPS\/EuroSys European conference on computer systems (Vol. 40, Issue No. 4, pp. 73\u201385). New York, USA."},{"key":"4859_CR27","unstructured":"Virus Sign Malware Data Base, http:\/\/www.virussign.com . Accessed 2014."},{"key":"4859_CR28","unstructured":"Adminus Malware Database, http:\/\/www.adminus.net . Accessed 2015."},{"key":"4859_CR29","unstructured":"Virus Share Malware Database, http:\/\/www.virusshare.com . Accessed 2015."},{"key":"4859_CR30","unstructured":"Reeves, R. D. (2010). Windows 7 Device Driver (pp. 106\u2013110). Addison-Wesley Publisher."},{"key":"4859_CR31","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume":"5352","author":"D Song","year":"2008","unstructured":"Song, D., Heng Yin, D., Caballero, J., Jager, I., Kang, M. G., Liang, Z., et al. (2008). BitBlaze: A new approach to computer security via binary analysis. Journal of Information Systems Security, Springer, 5352, 1\u201325.","journal-title":"Journal of Information Systems Security, Springer"},{"key":"4859_CR32","unstructured":"Blunden, B. (2012). The Rootkit Arsenal: Escape and evasion in the dark corners of the system (2nd ed., pp. 240\u2013245). Jones and Bartlett Publishers."}],"container-title":["Wireless Personal Communications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11277-017-4859-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11277-017-4859-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11277-017-4859-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,2]],"date-time":"2019-10-02T10:10:39Z","timestamp":1570011039000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11277-017-4859-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,17]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,1]]}},"alternative-id":["4859"],"URL":"https:\/\/doi.org\/10.1007\/s11277-017-4859-y","relation":{},"ISSN":["0929-6212","1572-834X"],"issn-type":[{"value":"0929-6212","type":"print"},{"value":"1572-834X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,8,17]]}}}