{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,11]],"date-time":"2026-05-11T15:20:28Z","timestamp":1778512828861,"version":"3.51.4"},"reference-count":46,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2018,9,11]],"date-time":"2018-09-11T00:00:00Z","timestamp":1536624000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2019,6]]},"DOI":"10.1007\/s11416-018-0327-9","type":"journal-article","created":{"date-parts":[[2018,9,11]],"date-time":"2018-09-11T16:34:02Z","timestamp":1536683642000},"page":"127-146","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["Windows malware detection system based on LSVC recommended hybrid features"],"prefix":"10.1007","volume":"15","author":[{"given":"S. L.","family":"Shiva Darshan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"C. D.","family":"Jaidhar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,9,11]]},"reference":[{"issue":"10","key":"327_CR1","doi-asserted-by":"publisher","first-page":"2608","DOI":"10.1093\/comjnl\/bxu148","volume":"58","author":"S Alam","year":"2014","unstructured":"Alam, S., Traore, I., Sogukpinar, I.: Annotated control flow graph for metamorphic malware detection. Comput. J. 58(10), 2608\u20132621 (2014)","journal-title":"Comput. J."},{"issue":"1","key":"327_CR2","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/s10664-014-9352-6","volume":"21","author":"K Allix","year":"2016","unstructured":"Allix, K., Bissyand\u00e9, T.F., J\u00e9rome, Q., Klein, J., Le Traon, Y.: Empirical assessment of machine learning-based malware detectors for android. Empir. Softw. Eng. 21(1), 183\u2013211 (2016)","journal-title":"Empir. Softw. Eng."},{"key":"327_CR3","doi-asserted-by":"crossref","unstructured":"Amin, M.: A survey of financial losses due to malware. In: Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies, p. 145. ACM (2016)","DOI":"10.1145\/2905055.2905362"},{"key":"327_CR4","unstructured":"Awan, S., Saqib, N.A.: Detection of malicious executables using static and dynamic features of portable executable (pe) file. In: Security, Privacy and Anonymity in Computation, Communication and Storage: SpaCCS 2016 International Workshops, TrustData, TSP, NOPE, DependSys, BigDataSPT, and WCSSC, Zhangjiajie, China, November 16\u201318, 2016, Proceedings 9, pp. 48\u201358. Springer, New York (2016)"},{"key":"327_CR5","doi-asserted-by":"crossref","unstructured":"Bai, J., Wang, J., Zou, G.: A malware detection scheme based on mining format information. Sci. World J. 2014 (2014)","DOI":"10.1155\/2014\/260905"},{"issue":"1","key":"327_CR6","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/s11416-006-0012-2","volume":"2","author":"U Bayer","year":"2006","unstructured":"Bayer, U., Moser, A., Kruegel, C., Kirda, E.: Dynamic analysis of malicious code. J. Comput. Virol. 2(1), 67\u201377 (2006)","journal-title":"J. Comput. Virol."},{"key":"327_CR7","unstructured":"Bazrafshan, Z., Hashemi, H., Fard, S.M.H., Hamzeh, A.: A survey on heuristic malware detection techniques. In: Information and Knowledge Technology (IKT), 2013 5th Conference on, pp. 113\u2013120. IEEE (2013)"},{"key":"327_CR8","doi-asserted-by":"crossref","unstructured":"Belaoued, M., Mazouzi, S.: A real-time pe-malware detection system based on chi-square test and pe-file features. In: IFIP International Conference on Computer Science and its Applications __, pp. 416\u2013425. Springer, New York (2015)","DOI":"10.1007\/978-3-319-19578-0_34"},{"key":"327_CR9","doi-asserted-by":"crossref","unstructured":"Bounouh, T., Brahimi, Z., Al-Nemrat, A., Benzaid, C.: A scalable malware classification based on integrated static and dynamic features. In: International Conference on Global Security, Safety, and Sustainability, pp. 113\u2013124. Springer, New York (2017)","DOI":"10.1007\/978-3-319-51064-4_10"},{"key":"327_CR10","doi-asserted-by":"crossref","unstructured":"Calleja, A., Tapiador, J., Caballero, J.: A look into 30 years of malware development from a software metrics perspective. In: International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 325\u2013345. Springer, New York (2016)","DOI":"10.1007\/978-3-319-45719-2_15"},{"issue":"2","key":"327_CR11","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1109\/TIFS.2015.2491300","volume":"11","author":"S Das","year":"2016","unstructured":"Das, S., Liu, Y., Zhang, W., Chandramohan, M.: Semantics-based online malware detection: towards efficient real-time protection against malware. IEEE Trans. Inf. Forensics Secur. 11(2), 289\u2013302 (2016)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"327_CR12","doi-asserted-by":"crossref","unstructured":"Firdausi, I., Erwin, A., Nugroho, A.S., et\u00a0al.: Analysis of machine learning techniques used in behavior-based malware detection. In: Advances in Computing, Control and Telecommunication Technologies (ACT), 2010 Second International Conference on, pp. 201\u2013203. IEEE (2010)","DOI":"10.1109\/ACT.2010.33"},{"key":"327_CR13","doi-asserted-by":"crossref","unstructured":"Gandotra, E., Bansal, D., Sofat, S.: Integrated framework for classification of malwares. In: Proceedings of the 7th International Conference on Security of Information and Networks, p. 417. ACM (2014)","DOI":"10.1145\/2659651.2659738"},{"key":"327_CR14","unstructured":"Guarnieri, C., Tanasi, A., Bremer, J., Schloesser, M.: Automated malware analysis-cuckoo sandbox (2012)"},{"issue":"2","key":"327_CR15","doi-asserted-by":"publisher","first-page":"646","DOI":"10.1016\/j.jnca.2012.10.004","volume":"36","author":"R Islam","year":"2013","unstructured":"Islam, R., Tian, R., Batten, L.M., Versteeg, S.: Classification of malware based on integrated static and dynamic features. J. Netw. Comput. Appl. 36(2), 646\u2013656 (2013)","journal-title":"J. Netw. Comput. Appl."},{"key":"327_CR16","doi-asserted-by":"crossref","unstructured":"Kawaguchi, N., Omote, K.: Malware function classification using APIs in initial behavior. In: Information Security (AsiaJCIS), 2015 10th Asia Joint Conference on, pp. 138\u2013144. IEEE (2015)","DOI":"10.1109\/AsiaJCIS.2015.15"},{"key":"327_CR17","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res. 7, 2721\u20132744 (2006)","journal-title":"J. Mach. Learn. Res."},{"key":"327_CR18","unstructured":"Kumar, A., Kuppusamy, K., Aghila, G.: A learning model to detect maliciousness of portable executable using integrated feature set. J. King Saud Univ.-Comput. Inf. Sci. (2017)"},{"key":"327_CR19","doi-asserted-by":"crossref","unstructured":"Lengyel, T.K., Maresca, S., Payne, B.D., Webster, G.D., Vogl, S., Kiayias, A.: Scalability, fidelity and stealth in the drakvuf dynamic malware analysis system. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 386\u2013395. ACM (2014)","DOI":"10.1145\/2664243.2664252"},{"issue":"1","key":"327_CR20","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/s10796-007-9054-3","volume":"10","author":"MM Masud","year":"2008","unstructured":"Masud, M.M., Khan, L., Thuraisingham, B.: A scalable multi-level feature extraction technique to detect malicious executables. Inf. Syst. Front. 10(1), 33\u201345 (2008)","journal-title":"Inf. Syst. Front."},{"key":"327_CR21","doi-asserted-by":"publisher","first-page":"S48","DOI":"10.1016\/j.diin.2017.06.007","volume":"22","author":"C Miller","year":"2017","unstructured":"Miller, C., Glendowne, D., Cook, H., Thomas, D., Lanclos, C., Pape, P.: Insights gained from constructing a large scale dynamic analysis platform. Digit. Investig. 22, S48\u2013S56 (2017)","journal-title":"Digit. Investig."},{"key":"327_CR22","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1016\/j.cose.2015.04.001","volume":"52","author":"A Mohaisen","year":"2015","unstructured":"Mohaisen, A., Alrawi, O., Mohaisen, M.: Amal: high-fidelity, behavior-based automated malware analysis and classification. Comput. Secur. 52, 251\u2013266 (2015)","journal-title":"Comput. Secur."},{"key":"327_CR23","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual, pp. 421\u2013430. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.4413008"},{"key":"327_CR24","doi-asserted-by":"crossref","unstructured":"Noor, M., Abbas, H., Shahid, W.B.: Countering cyber threats for industrial applications: an automated approach for malware evasion detection and analysis. J. Netw. Comput. Appl. (2017)","DOI":"10.1016\/j.jnca.2017.10.004"},{"key":"327_CR25","doi-asserted-by":"crossref","unstructured":"Pekalska, E., Duin, R.P.: Classifiers for dissimilarity-based pattern recognition. In: Pattern Recognition, 2000. Proceedings. 15th International Conference on, vol.\u00a02, pp. 12\u201316. IEEE (2000)","DOI":"10.1109\/ICPR.2000.906008"},{"key":"327_CR26","unstructured":"Pekta\u015f, A., Eri\u015f, M., Acarman, T.: Proposal of n-gram based algorithm for malware classification. In: The Fifth International Conference on Emerging Security Information, Systems and Technologies, pp. 7\u201313 (2011)"},{"key":"327_CR27","doi-asserted-by":"crossref","unstructured":"Qiao, Y., Yang, Y., He, J., Tang, C., Liu, Z.: CBM: free, automatic malware analysis framework using API call sequences. In: Knowledge Engineering and Management, pp. 225\u2013236. Springer, New York (2014)","DOI":"10.1007\/978-3-642-37832-4_21"},{"issue":"3","key":"327_CR28","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/s11416-006-0027-8","volume":"2","author":"DKS Reddy","year":"2006","unstructured":"Reddy, D.K.S., Pujari, A.K.: N-gram analysis for computer virus detection. J. Comput. Virol. 2(3), 231\u2013239 (2006)","journal-title":"J. Comput. Virol."},{"issue":"4","key":"327_CR29","doi-asserted-by":"publisher","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"key":"327_CR30","doi-asserted-by":"crossref","unstructured":"Saleh, M., Li, T., Xu, S.: Multi-context features for detecting malicious programs. J. Comput. Virol. Hacking Tech., pp. 1\u201313 (2017)","DOI":"10.1007\/s11416-017-0304-8"},{"key":"327_CR31","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/j.engappai.2016.12.016","volume":"59","author":"Z Salehi","year":"2017","unstructured":"Salehi, Z., Sami, A., Ghiasi, M.: Maar: Robust features to detect malicious activity based on api calls, their arguments and return values. Eng. Appl. Artif. Intell. 59, 93\u2013102 (2017)","journal-title":"Eng. Appl. Artif. Intell."},{"key":"327_CR32","doi-asserted-by":"crossref","unstructured":"Santos, I., Brezo, F., Nieves, J., Penya, Y.K., Sanz, B., Laorden, C., Bringas, P.G.: Idea: Opcode-sequence-based malware detection. In: International Symposium on Engineering Secure Software and Systems, pp. 35\u201343. Springer, New York (2010)","DOI":"10.1007\/978-3-642-11747-3_3"},{"key":"327_CR33","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.ins.2011.08.020","volume":"231","author":"I Santos","year":"2013","unstructured":"Santos, I., Brezo, F., Ugarte-Pedrero, X., Bringas, P.G.: Opcode sequences as representation of executables for data-mining-based unknown malware detection. Inf. Sci. 231, 64\u201382 (2013)","journal-title":"Inf. Sci."},{"key":"327_CR34","doi-asserted-by":"crossref","unstructured":"Santos, I., Devesa, J., Brezo, F., Nieves, J., Bringas, P.G.: Opem: a static-dynamic approach for machine-learning-based malware detection. In: International Joint Conference CISIS12-ICEUTE 12-SOCO 12 Special Sessions, pp. 271\u2013280. Springer, New York (2013)","DOI":"10.1007\/978-3-642-33018-6_28"},{"key":"327_CR35","doi-asserted-by":"crossref","unstructured":"Santos, I., Nieves, J., Bringas, P.G.: Semi-supervised learning for unknown malware detection. In: DCAI, pp. 415\u2013422. Springer, New York (2011)","DOI":"10.1007\/978-3-642-19934-9_53"},{"key":"327_CR36","doi-asserted-by":"crossref","unstructured":"Schultz, M.G., Eskin, E., Zadok, F., Stolfo, S.J.: Data mining methods for detection of new malicious executables. In: Security and Privacy, 2001. S&P 2001. Proceedings. 2001 IEEE Symposium on, pp. 38\u201349. IEEE (2001)","DOI":"10.1109\/SECPRI.2001.924286"},{"issue":"1","key":"327_CR37","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.istr.2009.03.003","volume":"14","author":"A Shabtai","year":"2009","unstructured":"Shabtai, A., Moskovitch, R., Elovici, Y., Glezer, C.: Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey. Inf. Secur. Tech. Rep. 14(1), 16\u201329 (2009)","journal-title":"Inf. Secur. Tech. Rep."},{"key":"327_CR38","doi-asserted-by":"crossref","unstructured":"Shahzad, R.K., Haider, S.I., Lavesson, N.: Detection of spyware by mining executable files. In: Availability, Reliability, and Security, 2010. ARES\u201910 International Conference on, pp. 295\u2013302. IEEE (2010)","DOI":"10.1109\/ARES.2010.105"},{"key":"327_CR39","doi-asserted-by":"crossref","unstructured":"Sharma, A., Sahay, S.K.: Evolution and detection of polymorphic and metamorphic malwares: a survey. arXiv preprint arXiv:1406.7061 (2014)","DOI":"10.5120\/15544-4098"},{"key":"327_CR40","doi-asserted-by":"publisher","first-page":"804","DOI":"10.1016\/j.procs.2015.02.149","volume":"46","author":"P Shijo","year":"2015","unstructured":"Shijo, P., Salim, A.: Integrated static and dynamic analysis for malware detection. Procedia Comput. Sci. 46, 804\u2013811 (2015)","journal-title":"Procedia Comput. Sci."},{"issue":"1","key":"327_CR41","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1016\/S1353-4858(16)30008-3","volume":"2016","author":"F Touchette","year":"2016","unstructured":"Touchette, F.: The evolution of malware. Netw. Secur. 2016(1), 11\u201314 (2016)","journal-title":"Netw. Secur."},{"key":"327_CR42","doi-asserted-by":"crossref","unstructured":"Vinod, P., Laxmi, V., Gaur, M.S.: Scattered feature space for malware analysis. In: Advances in Computing and Communications, pp. 562\u2013571 (2011)","DOI":"10.1007\/978-3-642-22709-7_55"},{"key":"327_CR43","doi-asserted-by":"crossref","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using cwsandbox. IEEE Security and Privacy 5(2) (2007)","DOI":"10.1109\/MSP.2007.45"},{"issue":"4","key":"327_CR44","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1007\/s11416-008-0108-y","volume":"5","author":"Y Ye","year":"2009","unstructured":"Ye, Y., Chen, L., Wang, D., Li, T., Jiang, Q., Zhao, M.: SBMDS: an interpretable string based malware detection system using svm ensemble with bagging. J. Comput. Virol. 5(4), 283\u2013293 (2009)","journal-title":"J. Comput. Virol."},{"issue":"3","key":"327_CR45","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1145\/3073559","volume":"50","author":"Y Ye","year":"2017","unstructured":"Ye, Y., Li, T., Adjeroh, D., Iyengar, S.S.: A survey on malware detection using data mining techniques. ACM Comput. Surv. 50(3), 41 (2017)","journal-title":"ACM Comput. Surv."},{"key":"327_CR46","doi-asserted-by":"crossref","unstructured":"Ye, Y., Li, T., Chen, Y., Jiang, Q.: Automatic malware categorization using cluster ensemble. In: Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 95\u2013104. ACM (2010)","DOI":"10.1145\/1835804.1835820"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-018-0327-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-018-0327-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-018-0327-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,7]],"date-time":"2025-07-07T02:14:19Z","timestamp":1751854459000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-018-0327-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,9,11]]},"references-count":46,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2019,6]]}},"alternative-id":["327"],"URL":"https:\/\/doi.org\/10.1007\/s11416-018-0327-9","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,9,11]]},"assertion":[{"value":"23 October 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 August 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 September 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}