{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,9]],"date-time":"2026-07-09T15:24:46Z","timestamp":1783610686297,"version":"3.55.0"},"reference-count":26,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2006,5,16]],"date-time":"2006-05-16T00:00:00Z","timestamp":1147737600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Comput Virol"],"published-print":{"date-parts":[[2006,8]]},"DOI":"10.1007\/s11416-006-0012-2","type":"journal-article","created":{"date-parts":[[2006,5,15]],"date-time":"2006-05-15T10:57:11Z","timestamp":1147690631000},"page":"67-77","source":"Crossref","is-referenced-by-count":210,"title":["Dynamic Analysis of Malicious Code"],"prefix":"10.1007","volume":"2","author":[{"given":"Ulrich","family":"Bayer","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Andreas","family":"Moser","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2006,5,16]]},"reference":[{"key":"12_CR1","unstructured":"Bellard, F. Qemu, a fast and portable dynamic translator. In: Usenix Annual Technical Conference, 2005"},{"key":"12_CR2","unstructured":"Christodorescu, M., Jha, S. Static analysis of executables to detect malicious patterns. In: Usenix Security Symposium, 2003"},{"key":"12_CR3","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Seshia, S., Song, D., Bryant, R. Semantics-aware malware detection. In: IEEE Symposium on Security and Privacy, 2005","DOI":"10.1109\/SP.2005.20"},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"Collberg, C., Thomborson, C., Low, D. Manufacturing cheap, resilient, and stealthy opaque constructs. In: Conference on Principles of Programming Languages (POPL), 1998","DOI":"10.1145\/268946.268962"},{"key":"12_CR5","unstructured":"Computer Economics. Malware report 2005: the impact of malicious code attacks, 2006. http:\/\/www.computereconomics.com\/ article.cfm?id=1090"},{"key":"12_CR6","unstructured":"Hunt, G., Brubacher, D. Detours: binary interception of Win32 functions. In: 3rd USENIX Windows NT Symposium, 1999"},{"key":"12_CR7","unstructured":"Kaspersky Lab: antivirus software, 2006. http:\/\/www. kaspersky.com\/"},{"key":"12_CR8","unstructured":"Kruegel, C., Robertson, W., Vigna, G. Detecting Kernel-level rootkits through binary analysis. In: Annual Computer Security Application Conference (ACSAC), 2004"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Linn, C., Debray, S. Obfuscation of executable code to improve resistance to static disassembly. In: ACM Conference on Computer and Communications Security (CCS), 2003","DOI":"10.1145\/948109.948149"},{"key":"12_CR10","unstructured":"Windows Device Driver Kit 2003, 2006. http:\/\/www.microsoft.com\/whdc\/devtools\/ddk\/"},{"key":"12_CR11","unstructured":"Microsoft IFS KIT, 2006. http:\/\/www.microsoft.com\/whdc\/ devtools\/ifskit"},{"key":"12_CR12","unstructured":"Microsoft PECOFF. Microsoft Portable Executable and Common Object File Format Specification, 2006. http:\/\/www.microsoft.com\/ whdc\/system\/platform\/firmware\/PECOFF.mspx"},{"key":"12_CR13","unstructured":"Microsoft Platform SDK, 2006. http:\/\/www.microsoft.com\/ msdownload\/platformsdk\/"},{"key":"12_CR14","volume-title":"Windows NT\/2000 Native API Reference","author":"G. Nebbett","year":"2000","unstructured":"Nebbett G. (2000) Windows NT\/2000 Native API Reference. New Riders Publishing, indianapolis"},{"key":"12_CR15","unstructured":"Neitzel, M.St. Analysis of win32\/sober.y, 2005. http:\/\/www. eset.com\/msgs\/sobery.htm"},{"key":"12_CR16","unstructured":"Oberhumer, M., Molnar, L. UPX: Ultimate Packer for eXecutables, 2004. http:\/\/upx.sourceforge.net\/"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Robin, J., Irvine, C. Analysis of the Intel Pentium\u2019s ability to support a secure virtual machine monitor. In: Usenix Annual Technical Conference, 2000","DOI":"10.21236\/ADA423654"},{"key":"12_CR18","unstructured":"Russinovich, M., Cogswell, B. Freeware Sysinternals, 2006. http:\/\/www.sysinternals.com\/"},{"key":"12_CR19","volume-title":"Microsoft Windows Internals: Windows Server 2003, Windows XP, and Windows 2000","author":"M. Russinovich","year":"2004","unstructured":"Russinovich M., Solomon D. (2004) Microsoft Windows Internals: Windows Server 2003, Windows XP, and Windows 2000. Microsoft Press, Bellevue"},{"key":"12_CR20","unstructured":"Rutkowska, J. Red pill... or how to detect VMM using (almost) one CPU instruction, 2006. http:\/\/invisiblethings.org\/ papers\/redpill.html"},{"key":"12_CR21","unstructured":"Symantec. Internet security threat report, 2005. http:\/\/www. symantec.com\/enterprise\/threatreport\/index.jsp"},{"key":"12_CR22","volume-title":"The Art of Computer Virus Research and Defense","author":"P. Szor","year":"2005","unstructured":"Szor P. (2005) The Art of Computer Virus Research and Defense. Addison Wesley, Reading"},{"key":"12_CR23","unstructured":"Vasudevan, A., Yerraballi, R. Stealth breakpoints. In: 21st Annual Computer Security Applications Conference, 2005"},{"key":"12_CR24","unstructured":"VMware: server and desktop virtualization, 2006. http:\/\/www. vmware.com\/"},{"key":"12_CR25","unstructured":"Wang, C. A security architecture for survivability mechanisms. PhD Thesis, University of Virginia (2001)"},{"key":"12_CR26","unstructured":"Yetiser, T. Polymorphic Viruses \u2013 Implementation, detection, and protection, 1993. http:\/\/vx.netlux.org\/lib\/ayt01.html"}],"container-title":["Journal in Computer Virology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-006-0012-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-006-0012-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-006-0012-2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,14]],"date-time":"2020-04-14T21:39:37Z","timestamp":1586900377000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-006-0012-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,5,16]]},"references-count":26,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2006,8]]}},"alternative-id":["12"],"URL":"https:\/\/doi.org\/10.1007\/s11416-006-0012-2","relation":{},"ISSN":["1772-9890","1772-9904"],"issn-type":[{"value":"1772-9890","type":"print"},{"value":"1772-9904","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006,5,16]]}}}