{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T17:23:16Z","timestamp":1764004996109,"version":"3.45.0"},"reference-count":49,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,5,8]],"date-time":"2025-05-08T00:00:00Z","timestamp":1746662400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,5,8]],"date-time":"2025-05-08T00:00:00Z","timestamp":1746662400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"DOI":"10.1007\/s11416-025-00555-3","type":"journal-article","created":{"date-parts":[[2025,5,8]],"date-time":"2025-05-08T11:03:27Z","timestamp":1746702207000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Optimized feature representation and selection for malware detection using portable executable headers and machine learning"],"prefix":"10.1007","volume":"21","author":[{"given":"Priyanka","family":"Singh","sequence":"first","affiliation":[]},{"given":"Samir Kumar","family":"Borgohain","sequence":"additional","affiliation":[]},{"given":"Jayendra","family":"Kumar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,5,8]]},"reference":[{"key":"555_CR1","unstructured":"AV-test, Malware record, available at: https:\/\/www.av-test.org\/en\/statistics\/malware\/ (2020)"},{"key":"555_CR2","unstructured":"Kaspersky, Malware attack, available at: https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/cybersecurity-predictions-2021\/38136\/ (2020)"},{"issue":"1","key":"555_CR3","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1016\/0167-4048(87)90122-2","volume":"6","author":"F Cohen","year":"1987","unstructured":"Cohen, F.: Computer viruses: Theory and experiments. Comput. Secur. 6(1), 22\u201335 (1987)","journal-title":"Comput. Secur."},{"issue":"10","key":"555_CR4","doi-asserted-by":"publisher","first-page":"2986","DOI":"10.1109\/TC.2016.2519914","volume":"65","author":"MA Ambusaidi","year":"2016","unstructured":"Ambusaidi, M.A., He, X., Nanda, P., Tan, Z.: Building an Intrusion Detection System Using a Filter-Based Feature Selection Algorithm. IEEE Trans. Comput. 65(10), 2986\u20132998 (2016)","journal-title":"IEEE Trans. Comput."},{"key":"555_CR5","unstructured":"Sikorski, M., Honig, A.: Malware Analysis a Hands-on Guide to Dissecting Malicious Software. no starch press, San Fransisco (2012)"},{"key":"555_CR6","volume-title":"Signature based malware detection is dead","author":"J Scott","year":"2017","unstructured":"Scott, J.: Signature based malware detection is dead. Final report, Institute for Critical Infrastructure Technology (2017)"},{"key":"555_CR7","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/s11416-007-0074-9","volume":"4","author":"G Wagener","year":"2008","unstructured":"Wagener, G., State, R., Dulaunoy, A.: Malware behaviour analysis, in. J. Comput. Virol. 4, 279\u2013287 (2008)","journal-title":"J. Comput. Virol."},{"key":"555_CR8","doi-asserted-by":"crossref","unstructured":"Liu, W., Ke, P.R., Duan, L.H.: Behavior-based malware analysis and detection. In In Proc. Int. Work. Complex. Data Mining. (IWCDM), pp. 39-42 (2011)","DOI":"10.1109\/IWCDM.2011.17"},{"key":"555_CR9","doi-asserted-by":"crossref","unstructured":"Jones, A.F., Carlisle, L., Jason, M.U.: Heuristic malware detection via basic block comparison, in Proc. Int. Conf. Malicious Unwanted Softw.: \"The Americas\" (MALWARE)., (ICMUS-TAM), pp. 11\u201318 (2013)","DOI":"10.1109\/MALWARE.2013.6703680"},{"key":"555_CR10","first-page":"225","volume":"14","author":"AV Kozachok","year":"2018","unstructured":"Kozachok, A.V., Kozachok, V.I.: Malware behaviour analysis, in. J. Comput. Virol. 14, 225\u2013231 (2018)","journal-title":"J. Comput. Virol."},{"key":"555_CR11","doi-asserted-by":"publisher","first-page":"3015","DOI":"10.1002\/sec.1228","volume":"8","author":"M Zakeri","year":"2015","unstructured":"Zakeri, M., Daneshgar, F.F., Abbaspour, M.: A static heuristic approach to detecting malware targets. Secur. Commun. Netw. 8, 3015\u20133027 (2015)","journal-title":"Secur. Commun. Netw."},{"key":"555_CR12","doi-asserted-by":"crossref","unstructured":"Souri, A., Hosseini, R.: A state-of-the-art survey of malware detection approach using data mining techniques, in Souri and Hosseini Hum. Cent. Comput. Inf. Sci. 8(3) (2018)","DOI":"10.1186\/s13673-018-0125-x"},{"key":"555_CR13","doi-asserted-by":"crossref","unstructured":"Mishra, U.: \u201cFinding and Solving Contradictions of False Positives in Virus Scanning,\u201d arXiv preprint arXiv:1306.4652, 2013. [Online]. Available: https:\/\/arxiv.org\/abs\/1306.4652","DOI":"10.2139\/ssrn.2267073"},{"key":"555_CR14","doi-asserted-by":"publisher","unstructured":"Qiao, Q.: Image processing technology based on machine learning. IEEE Consumer Electron. Mag. https:\/\/doi.org\/10.1109\/MCE.2022.3150659","DOI":"10.1109\/MCE.2022.3150659"},{"key":"555_CR15","doi-asserted-by":"publisher","DOI":"10.1109\/JBHI.2022.3149288","author":"MN Hossen","year":"2022","unstructured":"Hossen, M.N., Panneerselvam, V., Koundal, D., Ahmed, K., Bui, F.M., Ibrahim, S.M.: Federated machine learning for detection of skin diseases and enhancement of internet of medical things (IoMT) security. IEEE J. Biomed. Health Inform. (2022). https:\/\/doi.org\/10.1109\/JBHI.2022.3149288","journal-title":"IEEE J. Biomed. Health Inform."},{"key":"555_CR16","doi-asserted-by":"publisher","DOI":"10.1109\/OJEMB.2022.3143688","author":"M Husain","year":"2022","unstructured":"Husain, M., et al.: Artificial intelligence for detecting COVID-19 with the aid of human cough, breathing and speech signals: scoping review. IEEE Open J. Eng. Med. Biol. (2022). https:\/\/doi.org\/10.1109\/OJEMB.2022.3143688","journal-title":"IEEE Open J. Eng. Med. Biol."},{"issue":"1","key":"555_CR17","first-page":"431","volume":"79","author":"K Ajay","year":"2018","unstructured":"Ajay, K., Jaidhar, C.D.: Automated multi-level malware detection system based on reconstructed semantic view of executables using machine learning techniques at VMM. Fut. Gener. Comput. Syst. 79(1), 431\u2013446 (2018)","journal-title":"Fut. Gener. Comput. Syst."},{"key":"555_CR18","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.6992","author":"P Singh","year":"2022","unstructured":"Singh, P., Borgohain, S.K., Sharma, L.D., Kumar, J.: Minimized feature overhead malware detection machine learning model employing MRMR-based ranking. Currency Comput. Pract. Exper. (2022). https:\/\/doi.org\/10.1002\/cpe.6992","journal-title":"Currency Comput. Pract. Exper."},{"key":"555_CR19","doi-asserted-by":"publisher","unstructured":"Han, H., Lim, S., Suh, K., Park, S., Cho, S.-j., Park, M.: Enhanced android malware detection: an SVM-based machine learning approach. In: 2020 IEEE international conference on big data and smart computing (BigComp), pp. 75-81, (2020) https:\/\/doi.org\/10.1109\/BigComp48618.2020.00-96","DOI":"10.1109\/BigComp48618.2020.00-96"},{"key":"555_CR20","unstructured":"Matthew, S.G., Eleazar, E., Erez, Z., Salvatore, S.J.: Data mining methods for detection of new malicious executables. In: Proc. IEEE Symp. Secur. Priv. pp. 38 (2002)"},{"key":"555_CR21","doi-asserted-by":"crossref","unstructured":"Amin, M., Tanveer, T.A., Tehseen, M., Khan, M., Khan, F. A., Anwar, S.: Static malware detection and attribution in android byte-code through an end-to-end deep system. Fut. Gener. Comput. Syst. pp. 112\u2013126 (2020)","DOI":"10.1016\/j.future.2019.07.070"},{"key":"555_CR22","volume-title":"Computer Networks and Intelligent Computing: Byte Level n-Gram Analysis for Malware Detection","author":"S Jain","year":"2011","unstructured":"Jain, S., Meena, Y.K.: Computer Networks and Intelligent Computing: Byte Level n-Gram Analysis for Malware Detection. Springer, Berlin, Heidelberg (2011)"},{"key":"555_CR23","unstructured":"Zhang, F., Zhao, T.: Malware detection and classification based on N-grams attribute similarity. In: Proc. IEEE Int. Conf. Comput. Sci. Eng. (CSE) and IEEE Int. Conf. Embedded Ubiquitous Comput. (EUC). pp. 793\u2013796 (2017)"},{"key":"555_CR24","doi-asserted-by":"publisher","DOI":"10.3390\/electronics9111777","author":"M Ali","year":"2020","unstructured":"Ali, M., Shiaeles, S., Bendiab, G., Ghita, B.: MALGRA: machine learning and N-gram malware feature extraction and detection system. Electronics (2020). https:\/\/doi.org\/10.3390\/electronics9111777","journal-title":"Electronics"},{"key":"555_CR25","doi-asserted-by":"publisher","first-page":"314","DOI":"10.1016\/j.future.2021.06.032","volume":"125","author":"D Abdulbasit","year":"2021","unstructured":"Abdulbasit, D., Jemal, A., Aaisha, M., Asma, A., Sultan, A.: Visualization and deep-learning-based malware variant detection using OpCode-level features. Fut. Gener. Comput. Syst. 125, 314\u2013323 (2021)","journal-title":"Fut. Gener. Comput. Syst."},{"key":"555_CR26","doi-asserted-by":"publisher","DOI":"10.1186\/2190-8532-1-1","volume-title":"Detecting unknown malicious code by applying classification techniques on OpCode patterns","author":"A Shabtai","year":"2012","unstructured":"Shabtai, A., Moskovitch, R., Feher, C., Dolev, S., Elovici, Y.: Detecting unknown malicious code by applying classification techniques on OpCode patterns. Secur, Inf (2012)"},{"issue":"1","key":"555_CR27","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.istr.2009.03.003","volume":"14","author":"A Shabtai","year":"2009","unstructured":"Shabtai, A., Moskovitch, R., Elovici, Y., Glezer, C.: Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey. Inf. Secur. Tech. Rep. 14(1), 16\u201329 (2009)","journal-title":"Inf. Secur. Tech. Rep."},{"key":"555_CR28","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2022.108744","author":"MS Abbasi","year":"2022","unstructured":"Abbasi, M.S., Al-Sahaf, H., Mansoori, M., Welch, I.: Behavior-based ransomware classification: a particle swarm optimization wrapper-based approach for feature selection. Appl. Soft Comput. (2022). https:\/\/doi.org\/10.1016\/j.asoc.2022.108744","journal-title":"Appl. Soft Comput."},{"key":"555_CR29","doi-asserted-by":"publisher","DOI":"10.1016\/j.micpro.2020.103115","volume":"76","author":"DV Priya","year":"2020","unstructured":"Priya, D.V., Visalakshi, P.: Detecting android malware using an improved filter based technique in embedded software. Microprocess Microsyst. 76, 103115 (2020)","journal-title":"Microprocess Microsyst."},{"key":"555_CR30","doi-asserted-by":"crossref","unstructured":"Shamsul, H., Jemal, A., Mamoun, A., Mali, A., RafiqulI, I., John, Y.: Hybrids of support vector machine wrapper and filter based framework for malware detection. Fut. Gener. Comput. Syst. 55, 376\u2013390 (2016)","DOI":"10.1016\/j.future.2014.06.001"},{"key":"555_CR31","doi-asserted-by":"publisher","first-page":"420","DOI":"10.1016\/j.ins.2020.08.082","volume":"546","author":"Y Suyeon","year":"2021","unstructured":"Suyeon, Y., Sungjin, K., Seungjae, K., Kang, B.B.: Advanced hybrid approach using random forest and deep learning for malware classification. Inf. Sci. 546, 420\u2013435 (2021)","journal-title":"Inf. Sci."},{"key":"555_CR32","doi-asserted-by":"publisher","first-page":"1336","DOI":"10.1631\/FITEE.1601325","volume":"18","author":"L Liu","year":"2017","unstructured":"Liu, L., Wang, B., Yu, B., Zhong, Q.: Automatic malware classification and new malware detection using machine learning. Front. Inf. Technol. Electronic Eng. 18, 1336\u20131347 (2017)","journal-title":"Front. Inf. Technol. Electronic Eng."},{"key":"555_CR33","doi-asserted-by":"publisher","unstructured":"Bhat, P., Dutta, K.: A multi-tiered feature selection model for android malware detection based on Feature discrimination and Information Gain. J. King Saud Univ. Comput. Inf. Sci. (2021). https:\/\/doi.org\/10.1016\/j.jksuci.2021.11.004","DOI":"10.1016\/j.jksuci.2021.11.004"},{"key":"555_CR34","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-021-00414-x","author":"F Manavi","year":"2022","unstructured":"Manavi, F., Hamzeh, A.: A novel approach for ransomware detection based on PE header using graph embedding. J. Comput. Virol. Hack Tech. (2022). https:\/\/doi.org\/10.1007\/s11416-021-00414-x","journal-title":"J. Comput. Virol. Hack Tech."},{"key":"555_CR35","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2022.100521","author":"M Mimura","year":"2022","unstructured":"Mimura, M.: Evaluation of printable character-based malicious PE file-detection method. Internet of Things (2022). https:\/\/doi.org\/10.1016\/j.iot.2022.100521","journal-title":"Internet of Things"},{"key":"555_CR36","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1023\/A:1008280620621","volume":"7","author":"K Igor","year":"1997","unstructured":"Igor, K., Edvard, S., Marko, S.R.: Overcoming the myopia of inductive learning algorithms with Relief-F. Appl. Intell. 7, 39\u201355 (1997)","journal-title":"Appl. Intell."},{"key":"555_CR37","unstructured":"AV-Test, \u201cTest results for Windows home user antivirus software,\u201d AV-Test Institute (2022). [Online]. Available: https:\/\/www.av-test.org\/en\/antivirus\/home-windows\/"},{"key":"555_CR38","unstructured":"AV-Comparatives, \u201cSummary Report 2023,\u201d AV-Comparatives, Innsbruck, Austria, (2023). [Online]. Available: https:\/\/www.av-comparatives.org\/"},{"key":"555_CR39","unstructured":"GitHub. Benchmark dataset (2020). https:\/\/github.com\/"},{"key":"555_CR40","doi-asserted-by":"crossref","unstructured":"Urbanowicz, R.J., Meeker, M., La Cava, W., Olson, R.S., Moore, J.H.: Relief-based feature selection: introduction and review. J. Biomed. Inform. 85, 189\u2013203 (2018)","DOI":"10.1016\/j.jbi.2018.07.014"},{"key":"555_CR41","doi-asserted-by":"crossref","unstructured":"Chandrashekar, G., Sahin, F.: A survey on feature selection methods. Comput. Electr. Eng. 40(1), 16\u201328 (2014)","DOI":"10.1016\/j.compeleceng.2013.11.024"},{"key":"555_CR42","doi-asserted-by":"crossref","unstructured":"Shamsul, H., Jemal, A., Mamoun, A., Mali, A., Rafiqul, I., John, Y.: Hybrids of support vector machine wrapper and filter based framework for malware detection. Futur. Gener. Comput. Syst. 55, 376\u2013390 (2016)","DOI":"10.1016\/j.future.2014.06.001"},{"key":"555_CR43","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2022.108744","volume":"121","author":"MS Abbasi","year":"2022","unstructured":"Abbasi, M.S., Al-Sahaf, H., Mansoori, M., Welch, I.: Behavior-based ransomware classification: A particle swarm optimization wrapper-based approach for feature selection. Appl. Soft Comput. 121, 108744 (2022). https:\/\/doi.org\/10.1016\/j.asoc.2022.108744","journal-title":"Appl. Soft Comput."},{"key":"555_CR44","doi-asserted-by":"crossref","unstructured":"Ajay, K., Jaidhar, C.D.: Automated multi-level malware detection system based on reconstructed semantic view of executables using machine learning techniques at VMM. Futur. Gener. Comput. Syst. 79, 431\u2013446 (2018)","DOI":"10.1016\/j.future.2017.06.002"},{"key":"555_CR45","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1023\/A:1025667309714","volume":"53","author":"SR Marko","year":"2003","unstructured":"Marko, S.R., Igor, K.: Theoretical and empirical analysis of reliefF and RReliefF. Mach. Learn. 53, 23\u201369 (2003)","journal-title":"Mach. Learn."},{"issue":"1","key":"555_CR46","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.compeleceng.2013.11.024","volume":"40","author":"G Chandrashekar","year":"2014","unstructured":"Chandrashekar, G., Sahinn, F.: A survey on feature selection methods. Comput. Electr. Eng. 40(1), 16\u201328 (2014)","journal-title":"Comput. Electr. Eng."},{"key":"555_CR47","doi-asserted-by":"crossref","unstructured":"jundong, L., Kewei, C., Suhang, W., Fred, M., Robert, T.P., Jiliang, T., Huan, L.: Feature selection: a data perspective. ACM Comput. Surv. 50(6), 94 (2017)","DOI":"10.1145\/3136625"},{"key":"555_CR48","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1016\/j.jbi.2018.07.014","volume":"85","author":"RJ Urbanowicz","year":"2018","unstructured":"Urbanowicz, R.J., Meeker, M., Cava, W.L., Olson, R.S., Moore, J.H.: Introduction and review: relief-based feature selection. J. Biomed. Inform. 85, 189\u2013203 (2018)","journal-title":"J. Biomed. Inform."},{"key":"555_CR49","unstructured":"GitHub, Benchmark Dataset, available at: https:\/\/github.com\/ (2020)"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-025-00555-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-025-00555-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-025-00555-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T17:20:27Z","timestamp":1764004827000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-025-00555-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5,8]]},"references-count":49,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["555"],"URL":"https:\/\/doi.org\/10.1007\/s11416-025-00555-3","relation":{},"ISSN":["2263-8733"],"issn-type":[{"type":"electronic","value":"2263-8733"}],"subject":[],"published":{"date-parts":[[2025,5,8]]},"assertion":[{"value":"30 January 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 April 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 May 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Authors has no Conflict of interest\/Conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"10"}}