{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T14:55:49Z","timestamp":1763477749300,"version":"3.37.3"},"reference-count":26,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2023,5,2]],"date-time":"2023-05-02T00:00:00Z","timestamp":1682985600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,5,2]],"date-time":"2023-05-02T00:00:00Z","timestamp":1682985600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"DOI":"10.1007\/s11416-023-00478-x","type":"journal-article","created":{"date-parts":[[2023,5,2]],"date-time":"2023-05-02T02:01:21Z","timestamp":1682992881000},"page":"149-163","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Design and implementation of a sandbox for facilitating and automating IoT malware analysis with techniques to elicit malicious behavior: case studies of functionalities for dissecting IoT malware"],"prefix":"10.1007","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5428-6831","authenticated-orcid":false,"given":"Shun","family":"Yonamine","sequence":"first","affiliation":[]},{"given":"Yuzo","family":"Taenaka","sequence":"additional","affiliation":[]},{"given":"Youki","family":"Kadobayashi","sequence":"additional","affiliation":[]},{"given":"Daisuke","family":"Miyamoto","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,5,2]]},"reference":[{"key":"478_CR1","doi-asserted-by":"crossref","unstructured":"Cozzi, E., Graziano, M., Fratantonio, Y., Balzarotti, D.: Understanding linux malware. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 161\u2013175 (2018). IEEE","DOI":"10.1109\/SP.2018.00054"},{"key":"478_CR2","doi-asserted-by":"crossref","unstructured":"Cozzi, E., Vervier, P.-A., Dell\u2019Amico, M., Shen, Y., Bilge, L., Balzarotti, D.: The tangled genealogy of iot malware. In: Annual Computer Security Applications Conference, pp. 1\u201316 (2020)","DOI":"10.1145\/3427228.3427256"},{"key":"478_CR3","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1016\/j.future.2020.04.031","volume":"110","author":"J Carrillo-Mond\u00e9jar","year":"2020","unstructured":"Carrillo-Mond\u00e9jar, J., Mart\u00ednez, J., Suarez-Tangil, G.: Characterizing linux-based malware: Findings and recent trends. Futur. Gener. Comput. Syst. 110, 267\u2013281 (2020)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"478_CR4","unstructured":"Cuckoo: Automated Malware Analysis. https:\/\/www.cuckoosandbox.org\/ (2013)"},{"issue":"2","key":"478_CR5","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using cwsandbox. IEEE Secur. Privacy 5(2), 32\u201339 (2007)","journal-title":"IEEE Secur. Privacy"},{"issue":"1","key":"478_CR6","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/s11416-006-0012-2","volume":"2","author":"U Bayer","year":"2006","unstructured":"Bayer, U., Moser, A., Kruegel, C., Kirda, E.: Dynamic analysis of malicious code. J. Comput. Virol. 2(1), 67\u201377 (2006)","journal-title":"J. Comput. Virol."},{"key":"478_CR7","unstructured":"Monnappa, K.: Automating linux malware analysis using limon sandbox. Black Hat Europe 2015 (2015)"},{"key":"478_CR8","unstructured":"VirusShare: \u201cVirusShare\u201d. https:\/\/virusshare.com\/ (2020)"},{"key":"478_CR9","unstructured":"inetsim: \u201cINetSim: Internet Services Simulation Suite\u201d. https:\/\/www.inetsim.org\/ (2020)"},{"key":"478_CR10","unstructured":"Debian.org: \u201cDebian Squeeze and Wheezy armel images for QEMU\u201d. https:\/\/people.debian.org\/~aurel32\/qemu\/armel\/ (2014)"},{"key":"478_CR11","doi-asserted-by":"crossref","unstructured":"Dolan-Gavitt, B., Hodosh, J., Hulin, P., Leek, T., Whelan, R.: Repeatable reverse engineering with panda. In: Proceedings of the 5th Program Protection and Reverse Engineering Workshop, p. 4 (2015). ACM","DOI":"10.1145\/2843859.2843867"},{"key":"478_CR12","unstructured":"LinuxFoundation: \u201cnetworking:bridge [Wiki]\u201d. https:\/\/wiki.linuxfoundation.org\/networking\/bridge (2020)"},{"key":"478_CR13","unstructured":"Michel Oosterhof: \u201cCowrie SSH\/Telnet Honeypot\u201d. https:\/\/github.com\/cowrie\/cowrie (2014)"},{"key":"478_CR14","unstructured":"FortiGuard: Reaper: The Next Evolution of IoT Botnets. https:\/\/www.fortinet.com\/blog\/threat-research\/reaper-the-next-evolution-of-iot-botnets (2017)"},{"key":"478_CR15","doi-asserted-by":"crossref","unstructured":"Jang, J., Brumley, D., Venkataraman, S.: Bitshred: feature hashing malware for scalable triage and semantic analysis. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 309\u2013320 (2011)","DOI":"10.1145\/2046707.2046742"},{"key":"478_CR16","doi-asserted-by":"crossref","unstructured":"Kouliaridis, V., Kambourakis, G., Peng, T.: Feature importance in android malware detection. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1449\u20131454 (2020). IEEE","DOI":"10.1109\/TrustCom50675.2020.00195"},{"key":"478_CR17","unstructured":"Unit42, P.A.N.: New IoT\/Linux Malware Targets DVRs, Forms Botnet. https:\/\/unit42.paloaltonetworks.com\/unit42-new-iotlinux-malware-targets-dvrs-forms-botnet\/ (2017)"},{"key":"478_CR18","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: IEEE Symposium On Security and Privacy (SP), 2010, pp. 317\u2013331 (2010). IEEE","DOI":"10.1109\/SP.2010.26"},{"issue":"3","key":"478_CR19","first-page":"522","volume":"24","author":"YMP Pa","year":"2016","unstructured":"Pa, Y.M.P., Suzuki, S., Yoshioka, K., Matsumoto, T., Kasama, T., Rossow, C.: Iotpot: A novel honeypot for revealing current IoT threats. J. Inf. Process. 24(3), 522\u2013533 (2016)","journal-title":"J. Inf. Process."},{"key":"478_CR20","doi-asserted-by":"publisher","first-page":"145768","DOI":"10.1109\/ACCESS.2020.3014891","volume":"8","author":"H-V Le","year":"2020","unstructured":"Le, H.-V., Ngo, Q.-D.: V-sandbox for dynamic analysis IoT botnet. IEEE Access 8, 145768\u2013145786 (2020)","journal-title":"IEEE Access"},{"key":"478_CR21","doi-asserted-by":"crossref","unstructured":"Bulazel, A., Yener, B.: A survey on automated dynamic malware analysis evasion and counter-evasion: Pc, mobile, and web. In: Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium, pp. 1\u201321 (2017)","DOI":"10.1145\/3150376.3150378"},{"key":"478_CR22","unstructured":"eBPF: \u201ceBPF - Introduction, Tutorials & Community Resources\u201d. https:\/\/ebpf.io\/ (2020)"},{"key":"478_CR23","doi-asserted-by":"crossref","unstructured":"Zaddach, J., Bruno, L., Francillon, A., Balzarotti, D., et al.: Avatar: A framework to support dynamic security analysis of embedded systems\u2019 firmwares. In: NDSS, vol. 23, pp. 1\u201316 (2014)","DOI":"10.14722\/ndss.2014.23229"},{"key":"478_CR24","doi-asserted-by":"crossref","unstructured":"Muench, M., Nisi, D., Francillon, A., Balzarotti, D.: Avatar2: A multi-target orchestration platform. In: Proc. Workshop Binary Anal. Res.(Colocated NDSS Symp.), vol. 18, pp. 1\u201311 (2018)","DOI":"10.14722\/bar.2018.23017"},{"key":"478_CR25","doi-asserted-by":"crossref","unstructured":"Xie, C., Guo, Y., Shi, S., Sheng, Y., Chen, X., Li, C., Wen, W.: Envfaker: A method to reinforce linux sandbox based on tracer, filter and emulator against environmental-sensitive malware. In: 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 667\u2013677 (2021). IEEE","DOI":"10.1109\/TrustCom53373.2021.00099"},{"key":"478_CR26","doi-asserted-by":"publisher","first-page":"91686","DOI":"10.1109\/ACCESS.2021.3091427","volume":"9","author":"AD Raju","year":"2021","unstructured":"Raju, A.D., Abualhaol, I.Y., Giagone, R.S., Zhou, Y., Huang, S.: A survey on cross-architectural IoT malware threat hunting. IEEE Access 9, 91686\u201391709 (2021)","journal-title":"IEEE Access"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-023-00478-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-023-00478-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-023-00478-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,15]],"date-time":"2023-05-15T17:36:39Z","timestamp":1684172199000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-023-00478-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,2]]},"references-count":26,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2023,6]]}},"alternative-id":["478"],"URL":"https:\/\/doi.org\/10.1007\/s11416-023-00478-x","relation":{},"ISSN":["2263-8733"],"issn-type":[{"type":"electronic","value":"2263-8733"}],"subject":[],"published":{"date-parts":[[2023,5,2]]},"assertion":[{"value":"16 May 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 April 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 May 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}