{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T01:24:01Z","timestamp":1776734641429,"version":"3.51.2"},"reference-count":56,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T00:00:00Z","timestamp":1697760000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T00:00:00Z","timestamp":1697760000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"DOI":"10.1007\/s11416-023-00506-w","type":"journal-article","created":{"date-parts":[[2023,10,20]],"date-time":"2023-10-20T22:04:27Z","timestamp":1697839467000},"page":"173-184","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["A natural language processing approach to Malware classification"],"prefix":"10.1007","volume":"20","author":[{"given":"Ritik","family":"Mehta","sequence":"first","affiliation":[]},{"given":"Olha","family":"Jure\u010dkov\u00e1","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3803-8368","authenticated-orcid":false,"given":"Mark","family":"Stamp","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,10,20]]},"reference":[{"key":"506_CR1","doi-asserted-by":"crossref","unstructured":"Agbinya, J.: Hidden Markov modelling (HMM)\u2014an introduction. In: Applied Data Analytics\u2014Principles and Applications, pp. 17\u201334. River Publishers (2020)","DOI":"10.1201\/9781003337225-2"},{"key":"506_CR2","doi-asserted-by":"crossref","unstructured":"Alam, M.\u00a0S., Vuong, S.\u00a0T.: Random forest classification for detecting android malware. In: 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, pp. 663\u2013669 (2013)","DOI":"10.1109\/GreenCom-iThings-CPSCom.2013.122"},{"key":"506_CR3","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/s11416-014-0215-x","volume":"11","author":"C Annachhatre","year":"2015","unstructured":"Annachhatre, C., Austin, T., Stamp, M.: Hidden Markov models for malware classification. J. Comput. Virol. Hack. Tech. 11, 59\u201373 (2015)","journal-title":"J. Comput. Virol. Hack. Tech."},{"key":"506_CR4","doi-asserted-by":"crossref","unstructured":"Bazrafshan, Z., Hashemi, H., Fard, S. M. H., Hamzeh, A.: A survey on heuristic malware detection techniques. In: The 5th Conference on Information and Knowledge Technology, pp. 113\u2013120 (2013)","DOI":"10.1109\/IKT.2013.6620049"},{"key":"506_CR5","unstructured":"Bergeron, J., Debbabi, M., Desharnais, J., Erhioui, M., Lavoie, Y., Tawbi, N.: Static detection of malicious code in executable programs. Int. J. Req. Eng. (2009)"},{"key":"506_CR6","doi-asserted-by":"crossref","unstructured":"Bhodia, N., Prajapati, P., Di Troia, F., Stamp, M.: Transfer learning for image-based malware classification. In: Mori, P., Furnell, S., Camp, O. (eds) Proceedings of the 5th International Conference on Information Systems Security and Privacy, ICISSP 2019, pp. 719\u2013726 (2019). arXiv:1903.11551","DOI":"10.5220\/0007701407190726"},{"key":"506_CR7","unstructured":"Bleeping computer: Remove Smart HDD (uninstall guide) (2010). https:\/\/www.bleepingcomputer.com\/virus-removal\/remove-smart-hdd"},{"issue":"1","key":"506_CR8","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Mach. Learn. 45(1), 5\u201332 (2001)","journal-title":"Mach. Learn."},{"key":"506_CR9","unstructured":"Computer hope: Cridex malware (2017). https:\/\/www.computerhope.com\/jargon\/c\/cridex-malware.htm"},{"key":"506_CR10","first-page":"157","volume-title":"Ensemble Machine Learning","author":"A Cutler","year":"2011","unstructured":"Cutler, A., Cutler, D., Stevens, J.: Random forests. In: Zhang, C., Ma, Y.Q. (eds.) Ensemble Machine Learning, pp. 157\u2013175. Springer, Berlin (2011)"},{"issue":"1","key":"506_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s11416-015-0261-z","volume":"13","author":"A Damodaran","year":"2017","unstructured":"Damodaran, A., Di Troia, F., Visaggio, C.A., Austin, T.H., Stamp, M.: A comparison of static, dynamic, and hybrid analysis for malware detection. J. Comput. Virol. Hack. Tech. 13(1), 1\u201312 (2017)","journal-title":"J. Comput. Virol. Hack. Tech."},{"key":"506_CR12","doi-asserted-by":"crossref","unstructured":"Dang, D., Di Troia, F., Stamp, M.: Malware classification using long short-term memory models. In: Mori, P., Lenzini, G., Furnell, S. (eds) Proceedings of the 7th International Conference on Information Systems Security and Privacy, ICISSP, pp. 743\u2013752 (2021). arXiv:2103.02746","DOI":"10.5220\/0010378007430752"},{"key":"506_CR13","doi-asserted-by":"crossref","unstructured":"Du, K.-L., Swamy, M. N. S.: Recurrent neural networks. In: Neural Networks and Statistical Learning, 2nd edn, pp. 337\u2013353. Springer (2019)","DOI":"10.1007\/978-1-4471-5571-3_11"},{"key":"506_CR14","doi-asserted-by":"crossref","unstructured":"Evgeniou, T., Pontil, M.: Support vector machines: theory and applications. In: Machine Learning and Its Applications, pp. 249\u2013257 (2001)","DOI":"10.1007\/3-540-44673-7_12"},{"key":"506_CR15","doi-asserted-by":"crossref","unstructured":"Franzese, M., Iuliano, A.: Hidden Markov models. In: Ranganathan, S., Gribskov, M., Nakai, K., Sch\u00f6nbach, C. (eds) Encyclopedia of Bioinformatics and Computational Biology, pp. 753\u2013762. Academic Press (2019). https:\/\/www.sciencedirect.com\/science\/article\/pii\/B9780128096338204883","DOI":"10.1016\/B978-0-12-809633-8.20488-3"},{"key":"506_CR16","doi-asserted-by":"crossref","unstructured":"Fyfe, C.: Artificial neural networks. In: Gabrys, B., Leivisk\u00e4, K., Strackeljan, J. (eds) Do Smart Adaptive Systems Exist?, pp. 57\u201379. Springer (2006)","DOI":"10.1007\/3-540-32374-0_4"},{"key":"506_CR17","unstructured":"Garcia, F. C. C., Muga II, F. P.: Random forest for malware classification (2016). arXiv:1609.07770"},{"issue":"8","key":"506_CR18","doi-asserted-by":"publisher","first-page":"1735","DOI":"10.1162\/neco.1997.9.8.1735","volume":"9","author":"S Hochreiter","year":"1997","unstructured":"Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735\u20131780 (1997)","journal-title":"Neural Comput."},{"key":"506_CR19","unstructured":"Jain, M., Andreopoulos, W., Stamp, M.: CNN vs ELM for image-based malware classification (2021). arXiv:2103.13820"},{"key":"506_CR20","unstructured":"Jain, P.: Machine learning versus deep learning for malware detection. Master\u2019s thesis, San Jose State University (2019). https:\/\/scholarworks.sjsu.edu\/etd_projects\/704\/"},{"key":"506_CR21","doi-asserted-by":"crossref","unstructured":"Kalash, M., Rochan, M., Mohammed, N., Bruce, N. D., Wang, Y., Iqbal, F.: Malware classification with deep convolutional neural networks. In: 2018 9th IFIP International Conference on New Technologies, Mobility and Security, NTMS, pp. 1\u20135 (2018)","DOI":"10.1109\/NTMS.2018.8328749"},{"key":"506_CR22","unstructured":"Khotijah, S.: Multi Layer Perceptron: Malware detection (2020). https:\/\/www.kaggle.com\/code\/khotijahs1\/multi-layer-perceptron-malware-detection"},{"key":"#cr-split#-506_CR23.1","doi-asserted-by":"crossref","unstructured":"Kruczkowski, M., Szynkiewicz, E.\u00a0N.: Support vector machine for malware analysis and classification. In: 2014 IEEE\/WIC\/ACM International Joint Conferences on Web Intelligence","DOI":"10.1109\/WI-IAT.2014.127"},{"key":"#cr-split#-506_CR23.2","unstructured":"(WI) and Intelligent Agent Technologies (IAT), vol.\u00a02, pp. 415-420 (2014)"},{"key":"506_CR24","unstructured":"Liashchynskyi, P., Liashchynskyi, P.: Grid search, random search, genetic algorithm: a big comparison for NAS. arXiv:1912.06059"},{"key":"506_CR25","unstructured":"Lu, R.: Malware detection with LSTM using opcode language (2019). arXiv:1906.04593"},{"key":"506_CR26","unstructured":"Malhotra, V., Potika, K., Stamp, M.: A comparison of graph neural networks for malware classification (2021). arXiv:2303.12812"},{"key":"506_CR27","unstructured":"Microsoft malware classification challenge (BIG 2015). https:\/\/www.kaggle.com\/c\/malware-classification"},{"key":"506_CR28","unstructured":"Microsoft security intelligence: SecurityShield (2019). https:\/\/www.microsoft.com\/en-us\/wdsi\/threats\/malware-encyclopedia-description?Name=SecurityShield"},{"key":"506_CR29","unstructured":"Microsoft security intelligence: Winwebsec (2017). https:\/\/www.microsoft.com\/en-us\/wdsi\/threats\/malware-encyclopedia-description?Name=Win32\/Winwebsec"},{"key":"506_CR30","unstructured":"Microsoft security intelligence: Zbot (2017). https:\/\/www.microsoft.com\/enus\/wdsi\/threats\/malware-encyclopedia-description?Name=PWS%3AWin32%2FZbot"},{"key":"506_CR31","doi-asserted-by":"crossref","unstructured":"Morales-Molina, C.\u00a0D., Santamaria-Guerrero, D., Sanchez-Perez, G., Perez-Meana, H., Hernandez-Suarez, A.: Methodology for malware classification using a random forest classifier. In: 2018 IEEE International Autumn Meeting on Power, Electronics and Computing, ROPEC, pp. 1\u20136 (2018)","DOI":"10.1109\/ROPEC.2018.8661441"},{"key":"506_CR32","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/s10207-014-0248-7","volume":"14","author":"A Nappa","year":"2014","unstructured":"Nappa, A., Rafique, M.Z., Caballero, J.: The MALICIA dataset: identification and analysis of drive-by download operations. Int. J. Inf. Secur. 14, 15\u201333 (2014)","journal-title":"Int. J. Inf. Secur."},{"key":"506_CR33","doi-asserted-by":"crossref","unstructured":"Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, VizSec \u201911 (2011)","DOI":"10.1145\/2016904.2016908"},{"key":"506_CR34","unstructured":"Neville, A., Gibb, R.: ZeroAccess Indepth (2013). https:\/\/docs.broadcom.com\/doc\/zeroaccess-indepth-13-en"},{"key":"506_CR35","doi-asserted-by":"crossref","unstructured":"Nguyen, H., Di Troia, F., Ishigaki, G., Stamp, M.: Generative adversarial networks and image-based malware classification (2022). arXiv:2207.00421","DOI":"10.1007\/s11416-023-00465-2"},{"key":"506_CR36","unstructured":"O\u2019Shea, K., Nash, R.: An introduction to convolutional neural networks (2015). arXiv:1511.08458"},{"key":"506_CR37","doi-asserted-by":"crossref","unstructured":"Pascanu, R., Stokes, J.\u00a0W., Sanossian, H., Marinescu, M., Thomas, A.: Malware classification with recurrent networks. In: 2015 IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP, pp. 1916\u20131920 (2015)","DOI":"10.1109\/ICASSP.2015.7178304"},{"key":"506_CR38","doi-asserted-by":"publisher","first-page":"411","DOI":"10.1007\/978-3-030-62582-5_16","volume-title":"Malware Analysis Using Artificial Intelligence and Deep Learning","author":"P Prajapati","year":"2021","unstructured":"Prajapati, P., Stamp, M.: An empirical analysis of image-based learning techniques for malware classification. In: Stamp, M., Alazab, M., Shalaginov, A. (eds.) Malware Analysis Using Artificial Intelligence and Deep Learning, pp. 411\u2013435. Springer, Berlin (2021)"},{"key":"506_CR39","doi-asserted-by":"crossref","unstructured":"Prokhorov, D.: Echo state networks: appeal and challenges. In: Proceedings. 2005 IEEE International Joint Conference on Neural Networks, vol.\u00a03, pp. 1463\u20131466 (2005)","DOI":"10.1109\/IJCNN.2005.1556091"},{"key":"506_CR40","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1023\/B:AMAI.0000018580.96245.c6","volume":"41","author":"L Raileanu","year":"2004","unstructured":"Raileanu, L., Stoffel, K.: Theoretical comparison between the gini index and information gain criteria. Ann. Math. Artif. Intell. 41, 77\u201393 (2004)","journal-title":"Ann. Math. Artif. Intell."},{"key":"506_CR41","doi-asserted-by":"crossref","unstructured":"Rokach, L., Maimon, O.: Decision trees. In: The Data Mining and Knowledge Discovery Handbook, pp. 165\u2013192. Springer (2005)","DOI":"10.1007\/0-387-25465-X_9"},{"key":"506_CR42","doi-asserted-by":"crossref","unstructured":"Sammut, C., Webb, G.\u00a0I.: TF\u2013IDF. In: Encyclopedia of Machine Learning, pp. 986\u2013987. Springer (2010)","DOI":"10.1007\/978-0-387-30164-8_832"},{"key":"506_CR43","unstructured":"Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition (2015). arXiv:1409.1556"},{"key":"506_CR44","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/s11416-015-0252-0","volume":"12","author":"T Singh","year":"2016","unstructured":"Singh, T., Di Troia, F., Visaggio, C.A., Austin, T., Stamp, M.: Support vector machines and malware detection. J. Comput. Virol. Hack. Tech. 12, 203\u2013212 (2016)","journal-title":"J. Comput. Virol. Hack. Tech."},{"key":"506_CR45","unstructured":"Sonicwall cyber threat report (2023). https:\/\/www.sonicwall.com\/medialibrary\/en\/white-paper\/2023-cyber-threat-report.pdf"},{"key":"506_CR46","unstructured":"Stamp, M.: A revealing introduction to hidden Markov models (2004). https:\/\/www.cs.sjsu.edu\/~stamp\/RUA\/HMM.pdf"},{"key":"506_CR47","doi-asserted-by":"publisher","DOI":"10.1201\/9781003264873","volume-title":"Introduction to Machine Learning with Applications in Information Security","author":"M Stamp","year":"2022","unstructured":"Stamp, M.: Introduction to Machine Learning with Applications in Information Security, 2nd edn. Chapman and Hall\/CRC, Boca Raton (2022)","edition":"2"},{"key":"506_CR48","doi-asserted-by":"crossref","unstructured":"Taheri, R., Ghahramani, M., Javidan, R., Shojafar, M., Pooranian, Z., Conti, M.: Similarity-based android malware detection using hamming distance of static binary features (2019). arXiv:1908.05759","DOI":"10.1016\/j.future.2019.11.034"},{"issue":"1","key":"506_CR49","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1016\/0169-7439(87)80084-9","volume":"2","author":"S Wold","year":"1987","unstructured":"Wold, S., Esbensen, K., Geladi, P.: Principal component analysis. Chemom. Intell. Lab. Syst. 2(1), 37\u201352 (1987)","journal-title":"Chemom. Intell. Lab. Syst."},{"key":"506_CR50","unstructured":"Wolpin, S.: How does antivirus software work? https:\/\/www.usnews.com\/360-reviews\/privacy\/antivirus\/how-does-antivirus-software-work"},{"issue":"3","key":"506_CR51","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s11416-006-0028-7","volume":"2","author":"W Wong","year":"2006","unstructured":"Wong, W., Stamp, M.: Hunting for metamorphic engines. J. Comput. Virol. 2(3), 211\u2013229 (2006)","journal-title":"J. Comput. Virol."},{"key":"506_CR52","doi-asserted-by":"crossref","unstructured":"Yajamanam, S., Selvin, V. R. S., Di Troia, F., Stamp, M.: Deep learning versus gist descriptors for image-based malware classification. In: Mori, P., Furnell, S., Camp, O. (eds) Proceedings of the 4th International Conference on Information Systems Security and Privacy, ICISSP, pp. 553\u2013561 (2018). http:\/\/www.cs.sjsu.edu\/faculty\/stamp\/papers\/vikash.pdf","DOI":"10.5220\/0006685805530561"},{"key":"506_CR53","doi-asserted-by":"crossref","unstructured":"You, I., Yim, K.: Malware obfuscation techniques: a brief survey. In: Proceedings - 2010 International Conference on Broadband, Wireless Computing Communication and Applications, BWCCA 2010, pp. 297\u2013300 (2010)","DOI":"10.1109\/BWCCA.2010.85"},{"key":"506_CR54","doi-asserted-by":"crossref","unstructured":"Zhao, J., Basole, S., Stamp, M.: Malware classification with GMM-HMM models. In: Mori, P., Lenzini, G., Furnell, S. (eds), Proceedings of the 7th International Conference on Information Systems Security and Privacy, ICISSP, pp. 753\u2013762 (2021). arXiv:2103.02753","DOI":"10.5220\/0010409907530762"},{"key":"506_CR55","unstructured":"ZulaZuza. EngmaSoft: Rootkit.HareBot (2016). https:\/\/www.enigmasoftware.com\/rootkitharebot-removal\/"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-023-00506-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-023-00506-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-023-00506-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,31]],"date-time":"2024-10-31T14:58:12Z","timestamp":1730386692000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-023-00506-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,20]]},"references-count":56,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,3]]}},"alternative-id":["506"],"URL":"https:\/\/doi.org\/10.1007\/s11416-023-00506-w","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,20]]},"assertion":[{"value":"8 July 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 September 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 October 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no relevant financial or non-financial interests to disclose.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}