{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T02:26:13Z","timestamp":1769912773357,"version":"3.49.0"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2019,3,22]],"date-time":"2019-03-22T00:00:00Z","timestamp":1553212800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["World Wide Web"],"published-print":{"date-parts":[[2020,3]]},"DOI":"10.1007\/s11280-019-00675-z","type":"journal-article","created":{"date-parts":[[2019,3,22]],"date-time":"2019-03-22T13:02:51Z","timestamp":1553259771000},"page":"991-1010","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":19,"title":["MALDC: a depth detection method for malware based on behavior chains"],"prefix":"10.1007","volume":"23","author":[{"given":"Hao","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Wenjun","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Zhihan","family":"Lv","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0229-2460","authenticated-orcid":false,"given":"Arun Kumar","family":"Sangaiah","sequence":"additional","affiliation":[]},{"given":"Tao","family":"Huang","sequence":"additional","affiliation":[]},{"given":"Naveen","family":"Chilamkurti","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,3,22]]},"reference":[{"key":"675_CR1","doi-asserted-by":"crossref","unstructured":"Anderson, H.S., Woodbridge, J., Filar, B.: DeepDGA: adversarially-tuned domain generation and detection. In: Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security (AISec), pp. 13\u201321. ACM (2016)","DOI":"10.1145\/2996758.2996767"},{"issue":"2","key":"675_CR2","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/s10994-010-5188-5","volume":"81","author":"M Barreno","year":"2010","unstructured":"Barreno, M., Nelson, B., Joseph, A.D., Tygar, J.D.: The security of machine learning. Mach. Learn. 81(2), 121\u2013148 (2010)","journal-title":"Mach. Learn."},{"key":"675_CR3","doi-asserted-by":"crossref","unstructured":"Berlin, K., Slater, D., Saxe, J.: Malicious behavior detection using windows audit logs. In: Proceedings of the 8th ACM Workshop on Artificial Intelligence and Security(AISec), pp. 35\u201344. ACM (2015)","DOI":"10.1145\/2808769.2808773"},{"key":"675_CR4","unstructured":"Dullien, T., Rolles, R.: Graph-Based comparison of executable objects (English version). In: Proceedings of the Symposium sur la s\u00e9curit\u00e9 des technologies de l'information et des communications(SSTIC). http:\/\/actes.sstic.org\/SSTIC05\/Analyse_differentielle_de_binaires\/ (2005). Accessed Jan 2019"},{"key":"675_CR5","doi-asserted-by":"crossref","unstructured":"Fan, C., Hsiao, H.W., Chou, C.H., Tseng, Y.F.: Malware detection systems based on API log data mining. In: Proceedings of the IEEE 39th Annual Computer Software and Applications Conference(COMPSAC), pp. 255\u2013260. IEEE (2015)","DOI":"10.1109\/COMPSAC.2015.241"},{"issue":"C","key":"675_CR6","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.eswa.2016.01.002","volume":"52","author":"Y Fan","year":"2016","unstructured":"Fan, Y., Ye, Y., Chen, L.: Malicious sequential pattern mining for automatic malware detection. Expert Syst. Appl. 52(C), 16\u201325 (2016)","journal-title":"Expert Syst. Appl."},{"key":"675_CR7","doi-asserted-by":"crossref","unstructured":"Fereidooni, H., Conti, M., Yao, D., Sperduti, A.: ANASTASIA: android malware detection using static analysis of applications. In: Proceedings of the 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1\u20135 (2016)","DOI":"10.1109\/NTMS.2016.7792435"},{"key":"675_CR8","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572. (2014)"},{"key":"675_CR9","doi-asserted-by":"crossref","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., Mcdaniel, P.: Adversarial perturbations against deep neural networks for malware classification. arXiv preprint arXiv:1606.04435. (2016)","DOI":"10.1109\/SP.2016.41"},{"key":"675_CR10","doi-asserted-by":"publisher","first-page":"613","DOI":"10.1007\/978-94-007-2911-7_60","volume":"120","author":"KS Han","year":"2012","unstructured":"Han, K.S., Kim, I.K., Im, E.G.: Malware classification methods using API sequence characteristics. Lecture Notes in Electrical Engineering(LNEE). 120, 613\u2013626 (2012)","journal-title":"Lecture Notes in Electrical Engineering(LNEE)"},{"issue":"1\u20132","key":"675_CR11","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1016\/j.mcm.2011.01.052","volume":"55","author":"L Han","year":"2012","unstructured":"Han, L., Fu, C., Zou, D., Lee, C.H., Jia, W.: Task-based behavior detection of illegal codes. Math. Comput. Model. 55(1\u20132), 80\u201386 (2012)","journal-title":"Math. Comput. Model."},{"key":"675_CR12","doi-asserted-by":"crossref","unstructured":"Hansen, S.S., Larsen, T.M.T., Stevanovic, M., Pedersen, J.M.: An approach for detection and family classification of malware based on behavioral analysis. In: Proceedings of the International Conference on Computing, Networking and Communications (ICNC), pp.1\u20135 (2016)","DOI":"10.1109\/ICCNC.2016.7440587"},{"key":"675_CR13","doi-asserted-by":"crossref","unstructured":"Hou, S., Saas, A., Chen, L., Ye, Y.: Deep4MalDroid: a deep learning framework for android malware detection based on Linux kernel system call graphs. In: Proceedings of the 2016 IEEE\/WIC\/ACM International Conference on Web Intelligence Workshops (WIW), pp. 104\u2013111. IEEE (2016)","DOI":"10.1109\/WIW.2016.040"},{"key":"675_CR14","doi-asserted-by":"crossref","unstructured":"Hou, S., Ye, Y., Song, Y.: HinDroid: an intelligent android malware detection system based on structured heterogeneous information network. In: Proceedings of the 23rd ACM SIGKDD International Conference, pp. 13\u201317. ACM (2017)","DOI":"10.1145\/3097983.3098026"},{"key":"675_CR15","doi-asserted-by":"crossref","unstructured":"Huang, J., Swindlehurst, A.L: Secure communications via cooperative jamming in two-hop relay systems. In: IEEE Globecom, pp. 1\u20135 (2010)","DOI":"10.1109\/GLOCOM.2010.5683240"},{"key":"675_CR16","unstructured":"Idika, N., Mathur, A.P.: A Survey of Malware Detection Techniques. Purdue University (2007)"},{"issue":"1","key":"675_CR17","first-page":"373","volume":"9","author":"F Karbalaie","year":"2012","unstructured":"Karbalaie, F., Sami, A., Ahmadi, M.: Semantic malware detection by deploying graph mining. International Journal of Computer Science Issues (IJCSI). 9(1), 373\u2013379 (2012)","journal-title":"International Journal of Computer Science Issues (IJCSI)"},{"key":"675_CR18","doi-asserted-by":"crossref","unstructured":"Kolosnjaji, B., Zarras, A., Webster, G., Eckert, C.: Deep learning for classification of malware system call sequences. In: Proceedings of the Australasian Joint Conference on Artificial Intelligence, pp. 137\u2013149. Springer (2016)","DOI":"10.1007\/978-3-319-50127-7_11"},{"key":"675_CR19","doi-asserted-by":"crossref","unstructured":"Li, Z., Zou, D., Xu, S., Jin, H., Hu, J.: VulPecker: an automated vulnerability detection system based on code similarity analysis. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 201\u2013213. ACM (2016)","DOI":"10.1145\/2991079.2991102"},{"key":"675_CR20","doi-asserted-by":"crossref","unstructured":"Li, Z., Zou, D., Xu, S., Ou, X., Jin, H., Wang, S., Deng, Z., Zhong, Y.: Vuldeepecker: a deep learning-based system for vulnerability detection. In: Proceedings of the 25th Annual Network and Distributed Systems Security Symposium (NDSS\u20192018) (2018)","DOI":"10.14722\/ndss.2018.23158"},{"key":"675_CR21","unstructured":"MIT Technology Review. Machine-Learning Algorithm Combs the Darknet for Zero Day Exploits, and Finds Them. MIT Technology Review. https:\/\/www.technologyreview.com\/s\/602115\/machine-learning-algorithm-combs-the-darknet-for-zero-day-exploits-and-finds-them\/ (2016). Accessed Jan 2019"},{"key":"675_CR22","doi-asserted-by":"crossref","unstructured":"Mosli, R., Li, R., Yuan, B., Pan, Y.: Automated malware detection using artifacts in forensic memory images. In: Technologies for Homeland Security (HST), pp. 1\u20136. IEEE (2016)","DOI":"10.1109\/THS.2016.7568881"},{"key":"675_CR23","doi-asserted-by":"crossref","unstructured":"Parampalli, C., Sekar, R., Johnson, R.: A practical mimicry attack against powerful system-call monitors. In: Proceedings of the 2008 ACM symposium on Information, Computer and Communications Security, pp. 156\u2013167. ACM (2008)","DOI":"10.1145\/1368310.1368334"},{"issue":"7","key":"675_CR24","doi-asserted-by":"publisher","first-page":"1165","DOI":"10.1016\/j.infsof.2013.01.008","volume":"55","author":"D Rattan","year":"2013","unstructured":"Rattan, D., Bhatia, R., Singh, M.: Software clone detection: a systematic review. Inf. Softw. Technol. 55(7), 1165\u20131199 (2013)","journal-title":"Inf. Softw. Technol."},{"issue":"9","key":"675_CR25","first-page":"23","volume":"9","author":"K Rieck","year":"2008","unstructured":"Rieck, K., Laskov, P.: Linear-time computation of similarity measures for sequential data. J. Mach. Learn. Res. 9(9), 23\u201348 (2008)","journal-title":"J. Mach. Learn. Res."},{"key":"675_CR26","doi-asserted-by":"crossref","unstructured":"Rndic, N., Laskov, P.: Practical evasion of a learning-based classifier: a case study. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, pp. 197\u2013211. IEEE (2014)","DOI":"10.1109\/SP.2014.20"},{"key":"675_CR27","doi-asserted-by":"crossref","unstructured":"Salehi, Z., Ghiasi, M., Sami, A.: A miner for malware detection based on API function calls and their arguments. In: Proceedings of the 16th CSI International Symposium on Artificial Intelligence and Signal Processing (AISP 2012), pp. 563\u2013568. IEEE (2012)","DOI":"10.1109\/AISP.2012.6313810"},{"key":"675_CR28","doi-asserted-by":"crossref","unstructured":"Saxe, J., Berlin, K.: Deep neural network based malware detection using two dimensional binary program features. In: Proceedings of the 10th International Conference on Malicious and Unwanted Software, pp. 11\u201320. IEEE (2015)","DOI":"10.1109\/MALWARE.2015.7413680"},{"issue":"5","key":"675_CR29","doi-asserted-by":"publisher","first-page":"1103","DOI":"10.1109\/TIFS.2016.2646641","volume":"12","author":"M Sun","year":"2017","unstructured":"Sun, M., Li, X., Lui, J.C.S., Ma, R.T.B., Liang, Z.: Monet: a user-oriented behaviour-based malware variants detection system for android. IEEE Transactions on Information Forensics and Security. 12(5), 1103\u20131112 (2017)","journal-title":"IEEE Transactions on Information Forensics and Security."},{"key":"675_CR30","doi-asserted-by":"crossref","unstructured":"Tian, R., Islam, R., Batten, L., Versteeg, S.: Differentiating malware from cleanware using behavioural analysis. In: Proceedings of the 5th International Conference on Malicious and Unwanted Software(MALWARE), pp. 23\u201330. IEEE (2010)","DOI":"10.1109\/MALWARE.2010.5665796"},{"key":"675_CR31","doi-asserted-by":"crossref","unstructured":"Uppal, D., Sinha, R., Mehra, V., Jain V.: Malware detection and classification bases on extraction of API sequences. In: Proceedings of the International Conference on Advances in Computing, Communications and Informatics(ICACCI), pp. 2337\u20132342. IEEE (2014)","DOI":"10.1109\/ICACCI.2014.6968547"},{"key":"675_CR32","unstructured":"Wang, Z., Pierce, K., McFarling, S.: BMAT\u2014a binary matching tool for stale profile propagation. The Journal of Instruction-Level Parallelism(JILP). 10(2), 23\u201325 (2000)"},{"issue":"2","key":"675_CR33","doi-asserted-by":"publisher","first-page":"378","DOI":"10.3724\/SP.J.1001.2012.03953","volume":"23","author":"R Wang","year":"2012","unstructured":"Wang, R., Feng, D.G., Yang, Y., Su, P.R.: Semantics-based malware behavior signature extraction and detection method. Journal of Software. 23(2), 378\u2013393 (2012)","journal-title":"Journal of Software."},{"key":"675_CR34","unstructured":"Matt Wolff Andrew Davis: Deep learning on disassembly data. https:\/\/www.blackhat.com\/docs\/us-15\/materials\/us-15-Davis-Deep-Learning-On-Disassembly.pdf (2015). Accessed Jan 2019"},{"issue":"4","key":"675_CR35","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1145\/2740070.2631434","volume":"44","author":"Z Yuan","year":"2014","unstructured":"Yuan, Z., Lu, Y., Wang, Z., Xue, Y.: Droid-sec: deep learning in android malware detection. Acm Sigcomm Computer Communication Review. 44(4), 371\u2013372 (2014)","journal-title":"Acm Sigcomm Computer Communication Review."}],"container-title":["World Wide Web"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11280-019-00675-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11280-019-00675-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11280-019-00675-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,14]],"date-time":"2022-09-14T06:04:29Z","timestamp":1663135469000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11280-019-00675-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,3,22]]},"references-count":35,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2020,3]]}},"alternative-id":["675"],"URL":"https:\/\/doi.org\/10.1007\/s11280-019-00675-z","relation":{},"ISSN":["1386-145X","1573-1413"],"issn-type":[{"value":"1386-145X","type":"print"},{"value":"1573-1413","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,3,22]]},"assertion":[{"value":"8 September 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 February 2019","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 February 2019","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 March 2019","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}