{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,1,10]],"date-time":"2025-01-10T05:14:40Z","timestamp":1736486080350,"version":"3.32.0"},"reference-count":51,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2006,6,15]],"date-time":"2006-06-15T00:00:00Z","timestamp":1150329600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Comput Virol"],"published-print":{"date-parts":[[2006,8]]},"DOI":"10.1007\/s11416-006-0016-y","type":"journal-article","created":{"date-parts":[[2006,6,14]],"date-time":"2006-06-14T08:12:10Z","timestamp":1150272730000},"page":"51-65","source":"Crossref","is-referenced-by-count":8,"title":["How to Assess the Effectiveness of your Anti-virus?"],"prefix":"10.1007","volume":"2","author":[{"given":"S\u00e9bastien","family":"Josse","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2006,6,15]]},"reference":[{"issue":"6","key":"16_CR1","doi-asserted-by":"crossref","first-page":"333","DOI":"10.1145\/360825.360855","volume":"18","author":"A.V. Aho","year":"1975","unstructured":"Aho A.V., Corasick M.J. (1975). Efficient string matching: an aid to bibliographic search. Commun. ACM 18(6):333\u2013340","journal-title":"Commun. ACM"},{"key":"16_CR2","unstructured":"Aycock, A., DeGraaf, R., Jacobson, M.: Anti-disassembly using Cryptographic Hash Functions. In: Proceedings of the 15th EICAR Conference (2005)"},{"key":"16_CR3","doi-asserted-by":"crossref","unstructured":"Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. In: Advances in Cryptology \u2013 CRYPTO \u201801, vol. 2139 of Lecture Notes in Computer Science, pp. 1\u201318, Santa Barbara (2001)","DOI":"10.1007\/3-540-44647-8_1"},{"key":"16_CR4","unstructured":"Bayer, U.: TTAnalyze: a tool for analyzing malware. Master\u2019s Thesis, Technical University of Vienna (2005)"},{"key":"16_CR5","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of USENIX 2005 Annual Technical Conference, pp. 41\u201346 (2005)"},{"key":"16_CR6","unstructured":"Brubacher, D., Hunt, G.: Detours: binary interception of Win32 functions. In: Proceedings of the 3rd USENIX Windows NT Symposium, pp. 135\u2013143, Seattle (1999)"},{"key":"16_CR7","unstructured":"CCEVS: US Government Protection Profile Anti-Virus Applications for Workstations in Basic Robustness Environments. Version 1.0. (2005) http:\/\/niap.nist.gov\/cc-scheme\/pp\/PP_VID10053-PP.html"},{"key":"16_CR8","unstructured":"Chavez, P., Mukkamala, S., Sung, A.H., Xu, J.: Static analyzer of vicious executables (SAVE). In: Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC\u201904), pp. 326\u2013334 (2004)"},{"key":"16_CR9","unstructured":"Christodorescu, M., Jha, S.: Static analysis of executables to detect malicious patterns. In: Proceedings of the 12th Usenix Security Symposium, pp. 169\u2013186 (2003)"},{"key":"16_CR10","unstructured":"ClamAV (2006) http:\/\/www.clamav.net\/"},{"key":"16_CR11","unstructured":"Cloakware (2006) http:\/\/www.cloakware.com\/"},{"key":"16_CR12","unstructured":"Cogswell, B., Russinovich, M.: Sysinternals. (2006) http:\/\/www.sysinternals.com\/"},{"key":"16_CR13","volume-title":"Computer viruses","author":"F. Cohen","year":"1986","unstructured":"Cohen F. (1986). Computer viruses. Doctoral dissertation, University of Southern California, California"},{"key":"16_CR14","unstructured":"Common Vulnerabilities and Exposures (2006) http:\/\/www. cve.mitre.org\/"},{"key":"16_CR15","doi-asserted-by":"crossref","unstructured":"Cunningham, R.K., Khazan, R.I., Lewandowski, S.M., Rabek, J.C.: Detection of injected, dynamically generated, and obfuscated malicious code. In: Proceedings of the 2003 ACM Workshop on Rapid Malcode (WORM), Washington, DC, pp. 76\u201382 (2003)","DOI":"10.1145\/948187.948201"},{"key":"16_CR16","unstructured":"Dagon, D., Kolesnikov, O., Lee, W.: Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Georgia Institute of Technology, Technical Report (2005)"},{"key":"16_CR17","unstructured":"Das, A., Miretskiy, Y., Wright, C.P., Zadok, E.: Avfs: an on-access anti-virus file system. In: Proceedings of the 13th USENIX Security Symposium (2004)"},{"key":"16_CR18","unstructured":"Detoisien, E., Dotan, E.: Cheval de Troie furtif sous Windows: m\u00e9canismes d\u2019injection de code. MISC Magazine no10 (2003)"},{"key":"16_CR19","unstructured":"European Institute for Computer Anti-Virus Research (EICAR) (2006) http:\/\/www.eicar.org\/"},{"key":"16_CR20","unstructured":"eSafe eSafe test page. (2006) http:\/\/www.esafe.com\/home\/ csrt\/eSafe_Demo\/TestPage.asp"},{"key":"16_CR21","unstructured":"Eskin, E., Schultz, M.G., Stolfo, S.J., Zadok, E.: Data mining methods for detection of new malicious executables. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy. IEEE Computer Society, Washington, DC (2001)"},{"key":"16_CR22","unstructured":"Filiol, E.: Strong cryptography armoured computer viruses forbidding code analysis. In: Proceedings of the 14th EICAR Conference, pp. 216\u2013227 (2005)"},{"key":"16_CR23","doi-asserted-by":"crossref","unstructured":"Filiol, E.: Malware scanning schemes secure against black-box analysis. In: Proceedings of the 15th EICAR Conference (2006)","DOI":"10.1007\/s11416-006-0009-x"},{"key":"16_CR24","unstructured":"Frej, P., Ogorkiewicz, M.: Analysis of Buffer Overflow Attacks. (2004) http:\/\/www.windowsecurity.com\/"},{"key":"16_CR25","unstructured":"GriYo: EPO: Entry-Point Obscuring. (2006) http:\/\/vx.netlux.org\/lib\/vgy01.html"},{"key":"16_CR26","unstructured":"Hazel, P.: Perl-Compatible Regular Expressions. (2003) http:\/\/www.pcre.org\/"},{"key":"16_CR27","unstructured":"IFSKit: Installable File System Kit. (2006) http:\/\/www.microsoft.com\/whdc\/devtools\/ifskit\/"},{"key":"16_CR28","unstructured":"International Computer Security Association Labs (2006) https:\/\/www.icsalabs.com\/"},{"key":"16_CR29","unstructured":"Josse, S.: Techniques d\u2019obfuscation de code: chiffrer du clair avec du clair. MISC Magazine no20, pp. 32\u201342 (2005)"},{"key":"16_CR30","unstructured":"Low Level Virtual Machine (2006) http:\/\/llvm.cs.uiuc.edu\/"},{"key":"16_CR31","unstructured":"SandMark (2006) http:\/\/www.cs.arizona.edu\/sandmark\/"},{"key":"16_CR32","unstructured":"Security Focus Bugtraq (2006) http:\/\/www.securityfocus.com\/bid\/"},{"key":"16_CR33","volume-title":"Advanced Code Evolution Techniques and Computer Virus Generator Kits","author":"P. Szor","year":"2005","unstructured":"Szor P. (2005). Advanced Code Evolution Techniques and Computer Virus Generator Kits. Addison Wesley, Reading"},{"key":"16_CR34","unstructured":"Ultimate Packer for eXecutables (2006) http:\/\/upx.sourceforge.net\/"},{"key":"16_CR35","unstructured":"Vigil@nce: Outlook accepts messages whose format does not respect the RFC 822 (Standard for the format of ARPA Internet text messages). BUGTRAQ-5259, CVE-2002-0637. (2006a) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR36","unstructured":"Vigil@nce: Incorrect analysis of MIME messages. BUGTRAQ-9650, CVE-2004-2088. (2006b) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR37","unstructured":"Vigil@nce: Incorrect Unicode support. BUGTRAQ-10164. (2006c) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR38","unstructured":"Vigil@nce: Incorrect analysis of LHA files. BUGTRAQ-10243, CVE-2004-0234, CVE-2004-0235. (2006e) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR39","unstructured":"Vigil@nce: Incorrect analysis of ZIP files when they are protected by a password or have several levels of overlap. BUGTRAQ-11600, BUGTRAQ-11669, BUGTRAQ-11732, CVE-2004-2220, CVE-2004-2442. (2006g) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR40","unstructured":"Vigil@nce: No disinfection of ZIP file. BUGTRAQ-11448, CVE-2004-0932-0937, CVE-2004-1096. (2006h) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR41","unstructured":"Vigil@nce: Incorrect analysis of the data integrated into a URI. BUGTRAQ-12269, CVE-2005-0218. (2006i) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR42","unstructured":"Vigil@nce: Incorrect management of the files containing ANSI escape characters (these sequences can disturb display during the consultation of the audit files by the administrator). BUGTRAQ-12793. (2006j) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR43","unstructured":"Vigil@nce: Incorrect analysis of RAR files. BUGTRAQ-13416, CVE-2005-1346. (2006k) http:\/\/vigilance.aql.fr\/"},{"key":"16_CR44","unstructured":"Virus Bulletin (2006) http:\/\/www.virusbtn.com\/"},{"key":"16_CR45","unstructured":"Vmware (2006) http:\/\/www.vmware.com\/"},{"key":"16_CR46","doi-asserted-by":"crossref","unstructured":"West Coast Labs (2006) http:\/\/www.westcoastlabs.org\/","DOI":"10.12968\/sece.2006.3.597"},{"key":"16_CR47","unstructured":"WinDDK: Windows NT Driver Devel Kit. (2006) http:\/\/ www.microsoft.com\/whdc\/driver\/WDK\/"},{"key":"16_CR48","unstructured":"Winpooch (2006) http:\/\/winpooch.sourceforge.net\/"},{"key":"16_CR49","unstructured":"Y0da: Yoda\u2019s packer. (2006) http:\/\/y0da.cjb.net\/"},{"key":"16_CR50","unstructured":"Z0mbie: About Permutation (RPME). (2001a) http:\/\/vx.netlux.org\/lib\/"},{"key":"16_CR51","unstructured":"Z0mbie: Automated Reverse Engineering: Mistfall Engine. (2001b) Retrieved from: http:\/\/vx.netlux.org\/lib\/"}],"container-title":["Journal in Computer Virology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-006-0016-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-006-0016-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-006-0016-y","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,9]],"date-time":"2025-01-09T10:40:46Z","timestamp":1736419246000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-006-0016-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006,6,15]]},"references-count":51,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2006,8]]}},"alternative-id":["16"],"URL":"https:\/\/doi.org\/10.1007\/s11416-006-0016-y","relation":{},"ISSN":["1772-9890","1772-9904"],"issn-type":[{"type":"print","value":"1772-9890"},{"type":"electronic","value":"1772-9904"}],"subject":[],"published":{"date-parts":[[2006,6,15]]}}}