{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T18:52:32Z","timestamp":1771699952259,"version":"3.50.1"},"reference-count":22,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2013,4,26]],"date-time":"2013-04-26T00:00:00Z","timestamp":1366934400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2013,11]]},"DOI":"10.1007\/s11416-013-0186-3","type":"journal-article","created":{"date-parts":[[2013,12,10]],"date-time":"2013-12-10T11:39:10Z","timestamp":1386675550000},"page":"193-204","source":"Crossref","is-referenced-by-count":9,"title":["Abstracting minimal security-relevant behaviors for malware analysis"],"prefix":"10.1007","volume":"9","author":[{"given":"Ying","family":"Cao","sequence":"first","affiliation":[]},{"given":"Qiguang","family":"Miao","sequence":"additional","affiliation":[]},{"given":"Jiachen","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Lin","family":"Gao","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,4,26]]},"reference":[{"issue":"1","key":"186_CR1","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1007\/s11416-006-0009-x","volume":"2","author":"E Filiol","year":"2006","unstructured":"Filiol, E.: Malware pattern scanning schemes secure against black-box analysis. J. Comput. Virol. 2(1), 35\u201350 (2006)","journal-title":"J. Comput. Virol."},{"issue":"3","key":"186_CR2","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1007\/s11416-008-0086-0","volume":"4","author":"G Jacob","year":"2008","unstructured":"Jacob, G., Debar, H., Filiol, E.: Behavioral detection of malware: from a survey towards an established taxonomy. J. Comput. Virol. 4(3), 251\u2013266 (2008)","journal-title":"J. Comput. Virol."},{"issue":"1","key":"186_CR3","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1007\/s11416-006-0026-9","volume":"3","author":"E Filiol","year":"2007","unstructured":"Filiol, E., Jacob, G., Le Liard, M.: Evaluation methodology and theoretical model for antiviral behavioural detection strategies. J. Comput. Virol. 3(1), 23\u201337 (2007)","journal-title":"J. Comput. Virol."},{"issue":"1","key":"186_CR4","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.istr.2009.03.003","volume":"14","author":"A Shabtai","year":"2009","unstructured":"Shabtai, A., Moskovitch, R., Elovici, Y., Glezer, C.: Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey. Inf. Secur. Tech. Rep. 14(1), 16\u201329 (2009)","journal-title":"Inf. Secur. Tech. Rep."},{"key":"186_CR5","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Kruegel, C.: Mining specifications of malicious behavior. In: Proceedings of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Softerware Engineering (ESEC\/FSE \u201907), Cavat, Croatia, pp. 5\u201314. ACM, New York, USA (2008)","DOI":"10.1145\/1287624.1287628"},{"key":"186_CR6","unstructured":"Kolbitsch, C., Comparetti, P.M., Kruegel, C., Kirda, E., Zhou, X., Wang, X.F.: Effective and efficient malware detection at the end host. In: Proceedings of the 18th conference on USENIX security symposium (USENIX Security\u201909), pp. 351\u2013366. USENIX Association, Springer, Heidelberg (2009)"},{"key":"186_CR7","unstructured":"Kephart, J.O., Sorkin, G.B., Arnold, W.C., Chess, D.M., Tesauro, G.J., White, S.R., Watson, T.J.: Biologically inspired defenses against computer viruses. In: Proceedings of the 14th International Joint Conference on Artificial Intelligence (IJCAI\u201995), Quebec, Canada, pp. 985\u2013996. Lawrence Erlbaum Associates LTD (1995)"},{"issue":"3","key":"186_CR8","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1007\/s11416-006-0027-8","volume":"2","author":"DKS Reddy","year":"2006","unstructured":"Reddy, D.K.S., Pujari, A.K.: N-gram analysis for computer virus detection. J. Comput. Virol. 2(3), 231\u2013239 (2006)","journal-title":"J. Comput. Virol."},{"key":"186_CR9","doi-asserted-by":"crossref","unstructured":"Reddy, K. S., Dash, S. K., Pujari, A. K.: New malicious code detection using variable length n-grams. In: International Conference on Information Systems Security (ICISS), Lecture Notes in Computer Science, vol. 4332, pp. 276\u2013288 (2006)","DOI":"10.1007\/11961635_19"},{"issue":"4","key":"186_CR10","doi-asserted-by":"crossref","first-page":"220","DOI":"10.1049\/iet-ifs.2010.0180","volume":"5","author":"I Santos","year":"2011","unstructured":"Santos, I., Brezo, F., Sanz, B., Laorden, C., Bringas, P.G.: Using opcode sequences in single-class learning to detect unknown malware. IET Inf. Secur. 5(4), 220\u2013227 (2011)","journal-title":"IET Inf. Secur."},{"issue":"17","key":"186_CR11","first-page":"12","volume":"43","author":"C Ravi","year":"2012","unstructured":"Ravi, C., Manoharan, R.: Malware detection using Windows API sequence and machine learning. Int. J. Comput. Appl. 43(17), 12\u201316 (2012)","journal-title":"Int. J. Comput. Appl."},{"issue":"4","key":"186_CR12","doi-asserted-by":"crossref","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"issue":"4","key":"186_CR13","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1007\/s11416-011-0152-x","volume":"7","author":"B Anderson","year":"2011","unstructured":"Anderson, B., Quist, D., Neil, J., Storlie, C., Lane, T.: Graph-based malware detection using dynamic analysis. J. Comput. Virol. 7(4), 247\u2013258 (2011)","journal-title":"J. Comput. Virol."},{"key":"186_CR14","doi-asserted-by":"crossref","unstructured":"Martignoni, L., Stinson, E., Fredrikson, M., Jha, S., Mitchell, J.: A layered architecture for detecting malicious behaviors. In: Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID\u201908), Cambridge, MA, USA, pp. 78\u201397. Springer, Berlin, Germany (2008)","DOI":"10.1007\/978-3-540-87403-4_5"},{"key":"186_CR15","doi-asserted-by":"crossref","unstructured":"Fredrikson, M., Jha, S., Christodorescu, M., Sailer, R., Yan, X.: Synthesizing near-optimal malware specifications from suspicious behaviors. In: Proceedings of the 31st IEEE Symposium on Security and Privacy, Berkeley, CA, pp. 45\u201360. IEEE, New York, USA (2010)","DOI":"10.1109\/SP.2010.11"},{"key":"186_CR16","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: TTAnalyze: a tool for analyzing malware. In: Proceedings of the 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference, Hamburg, Germany (2006)"},{"key":"186_CR17","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using cwsandbox. IEEE Secur. Priv. 5(2), 32\u201339 (2007)"},{"key":"186_CR18","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the USENIX 2005 Annual Technical Conference, California, USA, pp. 41\u201346. USENIX Associations, Springer, Heidelberg (2005)"},{"key":"186_CR19","unstructured":"Bayer, U., Habibi, I., Balzarotti, D., Kirda, E., Kruegel, C.: Insights into current malware behavior. In: Proceedings of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2009), Boston, USA USENIX Associations, Springer, Heidelberg (2009)"},{"key":"186_CR20","doi-asserted-by":"crossref","unstructured":"Apel, M., Bockermann, C., Meier, M.: Measuring similarity of malware behavior. In: Proceedings of the 34th Conference on Local Computer Networks (LCN\u201909), Zrich, Switzerland, pp. 891\u2013898. IEEE, New York, USA (2009)","DOI":"10.1109\/LCN.2009.5355037"},{"issue":"1","key":"186_CR21","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1145\/1656274.1656278","volume":"11","author":"M Hall","year":"2009","unstructured":"Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA data mining software: an update. ACM SIGKDD Explor. Newsl. 11(1), 10\u201318 (2009)","journal-title":"ACM SIGKDD Explor. Newsl."},{"issue":"3","key":"186_CR22","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1007\/s11416-008-0095-z","volume":"5","author":"G Jacob","year":"2009","unstructured":"Jacob, G., Filiol, E., Debar, H.: Functional polymorphic engines: formalisation, implementation and use cases. J. Comput. Virol. 5(3), 247\u2013261 (2009)","journal-title":"J. Comput. Virol."}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-013-0186-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-013-0186-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-013-0186-3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,4]],"date-time":"2019-08-04T15:12:02Z","timestamp":1564931522000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-013-0186-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,4,26]]},"references-count":22,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2013,11]]}},"alternative-id":["186"],"URL":"https:\/\/doi.org\/10.1007\/s11416-013-0186-3","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,4,26]]}}}