{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:54:44Z","timestamp":1781110484172,"version":"3.54.1"},"reference-count":200,"publisher":"Springer Science and Business Media LLC","issue":"10","license":[{"start":{"date-parts":[[2019,1,4]],"date-time":"2019-01-04T00:00:00Z","timestamp":1546560000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100003176","name":"Ministerio de Educaci\u00f3n, Cultura y Deporte","doi-asserted-by":"publisher","award":["FPU 12\/02283"],"award-info":[{"award-number":["FPU 12\/02283"]}],"id":[{"id":"10.13039\/501100003176","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100010198","name":"Ministerio de Econom\u00eda, Industria y Competitividad, Gobierno de Espa\u00f1a","doi-asserted-by":"crossref","award":["TIN2016-76770-R"],"award-info":[{"award-number":["TIN2016-76770-R"]}],"id":[{"id":"10.13039\/501100010198","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Mach. Learn. & Cyber."],"published-print":{"date-parts":[[2019,10]]},"DOI":"10.1007\/s13042-018-00906-1","type":"journal-article","created":{"date-parts":[[2019,1,4]],"date-time":"2019-01-04T11:13:13Z","timestamp":1546600393000},"page":"2823-2836","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":166,"title":["Review: machine learning techniques applied to cybersecurity"],"prefix":"10.1007","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6359-895X","authenticated-orcid":false,"given":"Javier","family":"Mart\u00ednez Torres","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Carla","family":"Iglesias Comesa\u00f1a","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Paulino J.","family":"Garc\u00eda-Nieto","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2019,1,4]]},"reference":[{"key":"906_CR1","unstructured":"International Telecommunication Union (2014) The world in 2014: ICT Facts and figures. Technical report"},{"key":"906_CR2","unstructured":"Klimburg A (ed) (2012) National cyber security framework manual. NATO CCD COE Publication"},{"key":"906_CR3","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter JZ, Maloof MA (2006) Learning to detect and classify malicious executables in the wild. J Mach Learn Res 7:2721\u20132744","journal-title":"J Mach Learn Res"},{"issue":"6","key":"906_CR4","doi-asserted-by":"crossref","first-page":"983","DOI":"10.3844\/jcssp.2012.983.986","volume":"8","author":"A Almomani","year":"2012","unstructured":"Almomani A, Altaher A, Ramadass S (2012) Application of adaptive neuro-fuzzy inference system for information security. J Comput Sci 8(6):983\u2013986","journal-title":"J Comput Sci"},{"issue":"10\u201311","key":"906_CR5","doi-asserted-by":"crossref","first-page":"706","DOI":"10.1016\/j.telpol.2009.09.001","volume":"33","author":"JM Bauer","year":"2009","unstructured":"Bauer JM, van Eeten MJG (2009) Cybersecurity: stakeholder incentives, externalities, and policy options. Telecommun Policy 33(10\u201311):706\u2013719","journal-title":"Telecommun Policy"},{"key":"906_CR6","volume-title":"Auditing using vulnerability tools to identify today\u2019s threats business performance","author":"C V\u00e1zquez","year":"2014","unstructured":"V\u00e1zquez C (2014) Auditing using vulnerability tools to identify today\u2019s threats business performance. SANS Institute, Fredericksburg"},{"key":"906_CR7","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1016\/j.simpat.2016.09.007","volume":"73","author":"A Parise Furfaro","year":"2017","unstructured":"Parise Furfaro A (2017) Using virtual environments for the assessment of cybersecurity issues in IoT scenarios. Simul Model Pract Theory 73:43\u201354","journal-title":"Simul Model Pract Theory"},{"key":"906_CR8","first-page":"1","volume":"9","author":"T Hashemi Khorshidpour","year":"2017","unstructured":"Hashemi Khorshidpour T (2017) Domain invariant feature extraction against evasion attack. Int J Mach Learn Cybern 9:1\u201312","journal-title":"Int J Mach Learn Cybern"},{"key":"906_CR9","doi-asserted-by":"crossref","first-page":"126","DOI":"10.1016\/j.enpol.2013.10.025","volume":"65","author":"VA Kumar","year":"2014","unstructured":"Kumar VA, Pandey KK, Punia DK (2014) Cyber security threats in the power sector: Need for a domain specific regulatory framework in India. Energy Policy 65:126\u2013133","journal-title":"Energy Policy"},{"key":"906_CR10","unstructured":"North Atlantic Treaty Organization (NATO) (2008) Bucharest summit declaration. Issued by the Heads of State and Government participating in the meeting of the North Atlantic Council in Bucharest on 3 April 2008"},{"key":"906_CR11","doi-asserted-by":"crossref","unstructured":"Barat M, Bogdan D, P, Gavrilut DT (2013) An automatic updating perceptron-based system for malware detection. In: IEEE 2013 15th international symposium on symbolic and numeric algorithms for scientific computing, pp 303\u2013307","DOI":"10.1109\/SYNASC.2013.47"},{"key":"906_CR12","unstructured":"Bauer JM, Van Eeten M, Chattopadhyay T, Wu Y (2008) Financial implications of network security: malware and spam. Technical report, report for the international telecommunication union (ITU), Geneva (Switzerland)"},{"key":"906_CR13","unstructured":"International Organization for Standardization (2012) ISO\/IEC 27032:2012. Information technology\u2014Security techniques\u2014Guidelines for cybersecurity"},{"key":"906_CR14","unstructured":"Fischer EA (2005) Creating a national framework for cybersecurity: an analysis of issues and options. Technical report. Congressional Research Service"},{"key":"906_CR15","unstructured":"The Open Web Application Security Project (OWASP) (2018) https:\/\/www.swascan.com\/owasp\/"},{"key":"906_CR16","unstructured":"The Open Web Application Security Project (2013) OWASP Top 10\u2014the ten most critical web application security risks. The OWASP Foundation"},{"key":"906_CR17","unstructured":"Microsoft Security Development Lifecycle (2018) https:\/\/www.microsoft.com\/enus\/securityengineering\/sdl\/"},{"issue":"4","key":"906_CR18","doi-asserted-by":"crossref","first-page":"205","DOI":"10.1007\/s11416-013-0188-1","volume":"9","author":"C Vatamanu","year":"2013","unstructured":"Vatamanu C, Gavrilu\u0163 D, Benchea R-M (2013) Building a practical and reliable classifier for malware detection. J Comput Virol Hacking Tech 9(4):205\u2013214","journal-title":"J Comput Virol Hacking Tech"},{"key":"906_CR19","doi-asserted-by":"crossref","unstructured":"Gavrilut D, Benchea R, Vatamanu C (September 2012) Optimized zero false positives perceptron training for malware detection. In: IEEE 2012 14th international symposium on symbolic and numeric algorithms for scientific computing, pp 247\u2013253","DOI":"10.1109\/SYNASC.2012.34"},{"key":"906_CR20","doi-asserted-by":"crossref","unstructured":"Gavrilut D, Benchea R, Vatamanu C (2012) Practical optimizations for perceptron algorithms in large malware dataset. In: IEEE 2012 14th international symposium on symbolic and numeric algorithms for scientific computing, pp 240\u2013246","DOI":"10.1109\/SYNASC.2012.33"},{"key":"906_CR21","doi-asserted-by":"crossref","first-page":"488","DOI":"10.1016\/j.ins.2014.03.066","volume":"278","author":"K Singh","year":"2014","unstructured":"Singh K, Guntuku SC, Thakur A, Hota C (2014) Big data analytics framework for peer-to-peer botnet detection using random forests. Inf Sci 278:488\u2013497","journal-title":"Inf Sci"},{"key":"906_CR22","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1016\/j.cose.2014.01.006","volume":"42","author":"K Goseva-Popstojanova","year":"2014","unstructured":"Goseva-Popstojanova K, Anastasovski G, Dimitrijevikj A, Pantev R, Miller B (2014) Characterization and classification of malicious web traffic. Comput Secur 42:92\u2013115","journal-title":"Comput Secur"},{"issue":"5","key":"906_CR23","doi-asserted-by":"crossref","first-page":"382","DOI":"10.1108\/09685221211286548","volume":"20","author":"S Purkait","year":"2012","unstructured":"Purkait S (2012) Phishing counter measures and their effectiveness: literature review. Inf Manag Comput Secur 20(5):382\u2013420","journal-title":"Inf Manag Comput Secur"},{"key":"906_CR24","unstructured":"Ceesay EN (2008) Mitigating phishing attacks: a detection, response and evaluation framework. Ph.D. thesis, University of California"},{"key":"906_CR25","unstructured":"Nappa D, Wang X, Abu-Nimeh S, Nair S (2007) A comparison of machine learning techniques for phishing detection. In: Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit on\u2014eCrime \u201907, pp 60\u201369"},{"key":"906_CR26","unstructured":"MacQueen JB (1967) Some methods for classification and analysis of multivariate observations. In: pp 281\u2013297"},{"key":"906_CR27","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1007\/BF00337288","volume":"43","author":"T Kohonen","year":"1982","unstructured":"Kohonen T (1982) Self-organizating formation of topologically correct feature maps. Biol Cybern 43:59\u201369","journal-title":"Biol Cybern"},{"key":"906_CR28","volume-title":"Hierarchical classification","author":"AD Gordon","year":"1992","unstructured":"Gordon AD (1992) Hierarchical classification. World Scientific Press, Singapore"},{"key":"906_CR29","unstructured":"Albayrak S, Amasyali F (2003) Fuzzy c-means clustering on medical diagnostic systems. In: International twelfth Turkish symposium on artificial intelligence and neural networks (TAINN), pp 1\u20133"},{"key":"906_CR30","unstructured":"Bradley PS, Fayad UM (1998) Refining initial points for k-means clustering. In: Proceedings of the 15th conference on machine learning, Wisconsin, pp 91\u201399"},{"key":"906_CR31","volume-title":"Neural netowrks. A comprehensive foundation","author":"S Haykin","year":"1999","unstructured":"Haykin S (1999) Neural netowrks. A comprehensive foundation. Prentice Hall, Upper Saddle River"},{"key":"906_CR32","first-page":"81","volume":"1","author":"JR Quinlan","year":"1986","unstructured":"Quinlan JR (1986) Induction on decision trees. Mach Learn 1:81\u2013106","journal-title":"Mach Learn"},{"key":"906_CR33","volume-title":"C4.5: programas for machine learning","author":"JR Quinlan","year":"1993","unstructured":"Quinlan JR (1993) C4.5: programas for machine learning. Morgan Kaufmann, Burlington"},{"key":"906_CR34","volume-title":"Classification and regression trees","author":"L Breiman","year":"1984","unstructured":"Breiman L, Friedman J (1984) Classification and regression trees. Wadsworth, Belmont"},{"key":"906_CR35","volume-title":"Learning from data: concepts, theory and methods","author":"V Cherkassky","year":"1998","unstructured":"Cherkassky V, Mulier F (1998) Learning from data: concepts, theory and methods. Wiley, Berlin"},{"key":"906_CR36","doi-asserted-by":"crossref","unstructured":"Vorobeva A (2017) Influence of features discretization on accuracy of random forest classifier for web user identification. In: Conference of open innovation association, FRUCT","DOI":"10.23919\/FRUCT.2017.8071354"},{"key":"906_CR37","doi-asserted-by":"crossref","unstructured":"Miller S, Busby-Earle C (2017) Multi-perspective machine learning a classifier ensemble method for intrusion detection. In: ICMLSC \u201917 proceedings of the 2017 international conference on machine learning and soft computing, pp 7\u201312","DOI":"10.1145\/3036290.3036303"},{"issue":"1","key":"906_CR38","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1093\/cybsec\/tyw011","volume":"2","author":"S He","year":"2016","unstructured":"He S, Lee G, Han S, Whinston A (2016) How would information disclosure influence organizations\u2019 outbound spam volume? Evidence from a field experiment. J Cybersecur 2(1):99\u2013118","journal-title":"J Cybersecur"},{"key":"906_CR39","volume-title":"Estimation of dependences based on empirical data","author":"V Vapnik","year":"1982","unstructured":"Vapnik V (1982) Estimation of dependences based on empirical data. Springer, Berlin"},{"key":"906_CR40","volume-title":"Support vector regression machines","author":"H Drucker","year":"1997","unstructured":"Drucker H, Burges C, Kaufman L, Smola A, Vapnik V (1997) Support vector regression machines. MIT Press, Cambridge"},{"key":"906_CR41","unstructured":"Osuna E, Freund R, Girosi F (1997) An improved training algorithm for support vector machines, In: Proceedings of the 1997 IEEE signal processing society workshop, Amelia Island, Florida, USA, pp 1\u201310"},{"key":"906_CR42","volume-title":"Machine large-scale SVM learning practical","author":"T Joachims","year":"1999","unstructured":"Joachims T (1999) Machine large-scale SVM learning practical. MIT Press, Cambridge"},{"key":"906_CR43","unstructured":"Kyriakopoulos Ghanem A (2017) Support vector machine for network intrusion and cyber-attack detection. Sensor Signal Processing for Defence Conference (SSPD2017) 38\u201341"},{"key":"906_CR44","volume-title":"Statistical learning theory","author":"V Vapnik","year":"1998","unstructured":"Vapnik V (1998) Statistical learning theory. Wiley, Berlin"},{"key":"906_CR45","doi-asserted-by":"crossref","first-page":"115","DOI":"10.1007\/BF02478259","volume":"5","author":"WS MacCulloch","year":"1943","unstructured":"MacCulloch WS, Pitts WS (1943) A logical calculus of the ideas immanent in nervous activity. Bull Math Biophys 5:115\u2013133","journal-title":"Bull Math Biophys"},{"key":"906_CR46","unstructured":"Dua S, Du X (2011) Data mining and machine learning in cybersecurity. Auerbach Publications, Taylor & Francis Group, Boca Raton, FL, USA"},{"key":"906_CR47","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1162\/neco.1992.4.2.141","volume":"4","author":"R Battiti","year":"1992","unstructured":"Battiti R (1992) First and second-order methods for learning: between steepset descent and newton method. Neural Comput 4:141\u2013166","journal-title":"Neural Comput"},{"key":"906_CR48","doi-asserted-by":"crossref","DOI":"10.1093\/oso\/9780198538493.001.0001","volume-title":"Neural networks and pattern recognition","author":"CM Bishop","year":"1995","unstructured":"Bishop CM (1995) Neural networks and pattern recognition. Oxford University Press, Oxford"},{"key":"906_CR49","unstructured":"Nguyen D, Widrow B (1990) Improving the learning speed of 2-layer neural network by choosing initial values of the adaptative weights. In: International joint conference on neural networks (IJCNN). IEEE, San Diego, pp 21\u201326"},{"key":"906_CR50","doi-asserted-by":"crossref","first-page":"703","DOI":"10.1109\/TCYB.2017.2653223","volume":"48","author":"X-Z Wang","year":"2018","unstructured":"Wang X-Z, Wang R, Xu C (2018) Discovering the relationship between generalization and uncertainty by incorporating complexity of classification. IEEE Trans Cybern 48:703\u2013715","journal-title":"IEEE Trans Cybern"},{"key":"906_CR51","doi-asserted-by":"crossref","first-page":"1460","DOI":"10.1109\/TFUZZ.2017.2717803","volume":"25","author":"R Wang","year":"2017","unstructured":"Wang R, Wang X-Z, Kwong S, Xu C (2017) Incorporating diversity and informativeness in multiple-instance active learning. IEEE Trans Fuzzy Syst 25:1460\u20131475","journal-title":"IEEE Trans Fuzzy Syst"},{"key":"906_CR52","doi-asserted-by":"crossref","first-page":"484","DOI":"10.1016\/j.ins.2016.04.019","volume":"378","author":"R Ashfaq","year":"2017","unstructured":"Ashfaq R, Wang X-Z, Huang J, Abbas H, He Y-L (2017) Fuzziness based semi-supervised learning approach for intrusion detection system. Inf Sci 378:484\u2013497","journal-title":"Inf Sci"},{"key":"906_CR53","doi-asserted-by":"crossref","first-page":"1638","DOI":"10.1109\/TFUZZ.2014.2371479","volume":"23","author":"X-Z Wang","year":"2017","unstructured":"Wang X-Z, Xing H-J, Li Y, Hua Q, Dong CR, Pedrycz W (2017) A study on relationship between generalization abilities and fuzziness of base classifiers in ensemble learning. IEEE Trans Fuzzy Syst 23:1638\u20131654","journal-title":"IEEE Trans Fuzzy Syst"},{"issue":"7553","key":"906_CR54","doi-asserted-by":"crossref","first-page":"436","DOI":"10.1038\/nature14539","volume":"521","author":"Y Lecun","year":"2015","unstructured":"Lecun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521(7553):436\u2013444","journal-title":"Nature"},{"issue":"6","key":"906_CR55","doi-asserted-by":"crossref","first-page":"7700","DOI":"10.1109\/ACCESS.2018.2803446","volume":"6","author":"L Fernandez\u00a0Maimo","year":"2018","unstructured":"Fernandez\u00a0Maimo L, Perales\u00a0Gomez AL, Garcia\u00a0Clemente FJ, Gil\u00a0Perez M, Martinez\u00a0Perez. G (2018) A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access 6(6):7700\u20137712","journal-title":"IEEE Access"},{"issue":"2","key":"906_CR56","doi-asserted-by":"crossref","first-page":"169","DOI":"10.1109\/MCOM.2018.1700332","volume":"56","author":"A Abeshu","year":"2018","unstructured":"Abeshu A, Chilamkurti N (2018) Deep learning: the frontier for distributed attack detection in fog-to-things computing. IEEE Commun Mag 56(2):169\u2013175","journal-title":"IEEE Commun Mag"},{"key":"906_CR57","first-page":"70","volume":"2017","author":"TM Kebede","year":"2017","unstructured":"Kebede TM, Djaneye-Boundjou O, Narayanan BN, Ralescu A, Kapp D (2017) Classification of malware programs using autoencoders based deep learning architecture and its application to the microsoft malware classification challenge (big 2015) dataset. Proc IEEE Natl Aerosp Electron Conf NAECON 2017:70\u201375","journal-title":"Proc IEEE Natl Aerosp Electron Conf NAECON"},{"key":"906_CR58","doi-asserted-by":"crossref","first-page":"35365","DOI":"10.1109\/ACCESS.2018.2836950","volume":"6","author":"Y Xin","year":"2018","unstructured":"Xin Y, Kong L, Liu Z, Chen Y, Li Y, Zhu H, Gao M, Hou H, Wang C (2018) Machine learning and deep learning methods for cybersecurity. IEEE Access 6:35365\u201335381","journal-title":"IEEE Access"},{"issue":"1","key":"906_CR59","doi-asserted-by":"crossref","first-page":"324","DOI":"10.1016\/j.jnca.2012.05.009","volume":"36","author":"R Islam","year":"2013","unstructured":"Islam R, Abawajy J (2013) A multi-tier phishing detection and filtering approach. J Netw Comput Appl 36(1):324\u2013335","journal-title":"J Netw Comput Appl"},{"issue":"4","key":"906_CR60","doi-asserted-by":"crossref","first-page":"2070","DOI":"10.1109\/SURV.2013.030713.00020","volume":"15","author":"A Almomani","year":"2013","unstructured":"Almomani A, Gupta BB, Atawneh S, Meulenberg A, Almomani E (2013) A survey of phishing email filtering techniques. IEEE Commun Surv Tutor 15(4):2070\u20132090","journal-title":"IEEE Commun Surv Tutor"},{"issue":"5","key":"906_CR61","doi-asserted-by":"crossref","first-page":"1048","DOI":"10.1109\/72.788645","volume":"10","author":"H Drucker","year":"1999","unstructured":"Drucker H, Wu D, Vapnik VN (1999) Support vector machines for spam categorization. IEEE Trans Neural Netw Publ IEEE Neural Netw Counc 10(5):1048\u201354","journal-title":"IEEE Trans Neural Netw Publ IEEE Neural Netw Counc"},{"issue":"10","key":"906_CR62","doi-asserted-by":"crossref","first-page":"94","DOI":"10.1145\/1290958.1290968","volume":"50","author":"TN Jagatic","year":"2007","unstructured":"Jagatic TN, Johnson NA, Jakobsson M, Menczer F (2007) Social phishing. Commun ACM 50(10):94\u2013100","journal-title":"Commun ACM"},{"key":"906_CR63","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cosrev.2015.04.001","volume":"17","author":"RM Mohammad","year":"2015","unstructured":"Mohammad RM, Thabtah F, McCluskey L (2015) Tutorial and critical analysis of phishing websites methods. Comput Sci Rev 17:1\u201324","journal-title":"Comput Sci Rev"},{"issue":"8","key":"906_CR64","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1145\/280324.280336","volume":"41","author":"LF Cranor","year":"1998","unstructured":"Cranor LF, Lamacchia BA (1998) Spam!. Commun ACM 41(8):74\u201383","journal-title":"Commun ACM"},{"key":"906_CR65","unstructured":"SANS Institute. Top 15 Malicious Spyware Actions (2018) https:\/\/www.sans.org\/security-resources\/"},{"issue":"5","key":"906_CR66","first-page":"767","volume":"13","author":"SC Kim","year":"2012","unstructured":"Kim SC, Lee SW, Sung KJ, Kim SK (2012) Splog detection usingstructural similarity between posts and URL biasedness in posts. J Internet Technol 13(5):767\u2013772","journal-title":"J Internet Technol"},{"issue":"2","key":"906_CR67","doi-asserted-by":"crossref","first-page":"246","DOI":"10.1016\/j.ipm.2010.03.006","volume":"47","author":"L Zhu","year":"2011","unstructured":"Zhu L, Sun A, Choi B (2011) Detecting spam blogs from blog search results. Inf Process Manag 47(2):246\u2013262","journal-title":"Inf Process Manag"},{"key":"906_CR68","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1016\/j.cose.2014.07.006","volume":"46","author":"M Luckner","year":"2014","unstructured":"Luckner M, Gad M, Sobkowiak P (2014) Stable web spam detection using features based on lexical items. Comput Secur 46:79\u201393","journal-title":"Comput Secur"},{"issue":"11","key":"906_CR69","doi-asserted-by":"crossref","first-page":"2906","DOI":"10.1016\/j.jss.2013.07.007","volume":"86","author":"VM Prieto","year":"2013","unstructured":"Prieto VM, \u00c1lvarez M, Cacheda F (2013) SAAD, a content based web spam analyzer and detector. J Syst Softw 86(11):2906\u20132918","journal-title":"J Syst Softw"},{"key":"906_CR70","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1016\/j.neunet.2013.07.007","volume":"48","author":"F Scarselli","year":"2013","unstructured":"Scarselli F, Tsoi AC, Hagenbuchner M, Noi LD (2013) Solving graph data issues using a layered architecture approach with applications to web spam detection. Neural Netw Off J Int Neural Netw Soc 48:78\u201390","journal-title":"Neural Netw Off J Int Neural Netw Soc"},{"issue":"8","key":"906_CR71","doi-asserted-by":"crossref","first-page":"2992","DOI":"10.1016\/j.eswa.2012.12.015","volume":"40","author":"J Martinez-Romo","year":"2013","unstructured":"Martinez-Romo J, Araujo L (2013) Detecting malicious tweets in trending topics using a statistical analysis of language. Expert Syst Appl 40(8):2992\u20133000","journal-title":"Expert Syst Appl"},{"key":"906_CR72","unstructured":"Stern H (2008) A survey of modern spam tools. In: 5th conference on email and anti-spam, CEAS 2008. Conference on email and anti-spam, CEAS"},{"issue":"7","key":"906_CR73","doi-asserted-by":"crossref","first-page":"10206","DOI":"10.1016\/j.eswa.2009.02.037","volume":"36","author":"TS Guzella","year":"2009","unstructured":"Guzella TS, Caminhas WM (2009) A review of machine learning approaches to spam filtering. Expert Syst Appl 36(7):10206\u201310222","journal-title":"Expert Syst Appl"},{"issue":"2","key":"906_CR74","doi-asserted-by":"crossref","first-page":"140","DOI":"10.1145\/980972.980990","volume":"5","author":"T Fawcett","year":"2003","unstructured":"Fawcett T (2003) \u201cIn vivo\u201d spam filtering: a challenge problem for KDD. SIGKDD Explor 5(2):140\u2013148","journal-title":"SIGKDD Explor"},{"key":"906_CR75","unstructured":"Sahami M, Dumais S, Heckerman D, Horvitz E (1998) A Bayesian approach to filtering junk E-mail. Tech. rep. WS-98-05"},{"key":"906_CR76","unstructured":"Graham P (2003) A plan for spam. http:\/\/paulgraham.com\/spam.html . Accessed 26 June 2003"},{"key":"906_CR77","first-page":"2111","volume":"513\u2013517","author":"ZJ Wang","year":"2014","unstructured":"Wang ZJ, Liu Y, Wang ZJ (2014) E-mail filtration and classification based on variable weights of the Bayesian algorithm. Appl Mech Mater 513\u2013517:2111\u20132114","journal-title":"Appl Mech Mater"},{"key":"906_CR78","doi-asserted-by":"crossref","unstructured":"Dewdney N, VanEss-Dykema C, MacMillan R (2001) The form is the substance. In: Proceedings of the workshop on human language technology and knowledge management, vol 2001, Morristown, NJ, USA. Association for Computational Linguistics, pp 1\u20138","DOI":"10.3115\/1118220.1118227"},{"issue":"3","key":"906_CR79","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/s13174-010-0014-7","volume":"1","author":"J Almeida","year":"2011","unstructured":"Almeida J, Almeida T, Yamakami A (2011) Spam filtering: how the dimensionality reduction affects the accuracy of Naive Bayes classifiers. J Internet Serv Appl 1(3):183\u2013200","journal-title":"J Internet Serv Appl"},{"issue":"11","key":"906_CR80","doi-asserted-by":"crossref","first-page":"1003","DOI":"10.1002\/spe.925","volume":"39","author":"Y Song","year":"2009","unstructured":"Song Y, Ko\u0142cz A, Giles CL (2009) Better Naive Bayes classification for high-precision spam detection. Softw Pract Exp 39(11):1003\u20131024","journal-title":"Softw Pract Exp"},{"issue":"1","key":"906_CR81","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1007\/s10462-010-9166-x","volume":"34","author":"O Amayri","year":"2010","unstructured":"Amayri O, Bouguila N (2010) A study of spam filtering using support vector machines. Artif Intell Rev 34(1):73\u2013108","journal-title":"Artif Intell Rev"},{"issue":"8","key":"906_CR82","first-page":"78","volume":"5","author":"W-C Hsu","year":"2010","unstructured":"Hsu W-C, Yu T-Y (2010) E-mail spam filtering based on support vector machines with Taguchi method for parameter selection. J Converg Inf Technol 5(8):78\u201388","journal-title":"J Converg Inf Technol"},{"key":"906_CR83","doi-asserted-by":"crossref","unstructured":"Caruana G, Li M, Qi M (2011) A MapReduce based parallel SVM for large scale spam filtering. In: IEEE 2011 eighth international conference on fuzzy systems and knowledge discovery (FSKD), vol 4, pp 2659\u20132662","DOI":"10.1109\/FSKD.2011.6020074"},{"issue":"1","key":"906_CR84","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1145\/1327452.1327492","volume":"51","author":"J Dean","year":"2008","unstructured":"Dean J, Ghemawat S (2008) MapReduce: simplified data processing on large clusters. Commun ACM 51(1):107\u2013113","journal-title":"Commun ACM"},{"issue":"3","key":"906_CR85","doi-asserted-by":"crossref","first-page":"4321","DOI":"10.1016\/j.eswa.2008.03.002","volume":"36","author":"C-H Wu","year":"2009","unstructured":"Wu C-H (2009) Behavior-based spam detection using a hybrid method of rule-based techniques and neural networks. Expert Syst Appl 36(3):4321\u20134330","journal-title":"Expert Syst Appl"},{"key":"906_CR86","unstructured":"Tseng L-S, Wu C-H (2003) Detection of spam e-mails by analyzing the distributing behaviors of e-mail servers. In: Proceedings of the third international conference on hybrid intelligent systems, pp 1024\u20131033"},{"issue":"PART 1","key":"906_CR87","first-page":"563","volume":"84","author":"A Gupta","year":"2012","unstructured":"Gupta A, Singhal C, Aggarwal S (2012) An improved anti spam filter based on content, low level features and noise. Lect Notes Inst Comput Sci Soc Inf Telecommun Engi LNICST 84(PART 1):563\u2013572","journal-title":"Lect Notes Inst Comput Sci Soc Inf Telecommun Engi LNICST"},{"issue":"2","key":"906_CR88","first-page":"779","volume":"8","author":"P Li","year":"2012","unstructured":"Li P, Yan H, Cui G, Du Y (2012) Integration of local and global features for image spam filtering. J Comput Inf Syst 8(2):779\u2013789","journal-title":"J Comput Inf Syst"},{"issue":"10","key":"906_CR89","doi-asserted-by":"crossref","first-page":"1436","DOI":"10.1016\/j.patrec.2011.03.022","volume":"32","author":"B Biggio","year":"2011","unstructured":"Biggio B, Fumera G, Pillai I, Roli F (2011) A survey and experimental evaluation of image spam filtering techniques. Pattern Recognit Lett 32(10):1436\u20131446","journal-title":"Pattern Recognit Lett"},{"issue":"1","key":"906_CR90","first-page":"1","volume":"10","author":"ZM Hazza","year":"2015","unstructured":"Hazza ZM, Aziz NA (2015) A new efficient text detection method for image spam filtering. Int Rev Comput Softw 10(1):1\u20138","journal-title":"Int Rev Comput Softw"},{"issue":"4","key":"906_CR91","first-page":"517","volume":"37","author":"T-J Liu","year":"2014","unstructured":"Liu T-J, Wu C-N, Lee C-L, Chen C-W (2014) A self-adaptable image spam filtering system. J Chin Inst Eng Trans Chin Inst Eng Ser A (Chung-kuo Kung Ch\u2019eng Hsuch K\u2019an) 37(4):517\u2013528","journal-title":"J Chin Inst Eng Trans Chin Inst Eng Ser A (Chung-kuo Kung Ch\u2019eng Hsuch K\u2019an)"},{"key":"906_CR92","doi-asserted-by":"crossref","unstructured":"Manek AS, Shamini DK, Bhat VH, Shenoy PD, Mohan MC, Venugopal KR, Patnaik LM (2014) Rep-etd: a repetitive preprocessing technique for embedded text detection from images in spam emails. In: pp 568\u2013573","DOI":"10.1109\/IAdCC.2014.6779387"},{"key":"906_CR93","doi-asserted-by":"crossref","first-page":"471","DOI":"10.1007\/978-3-642-28699-5_18","volume":"13","author":"S Wakade","year":"2013","unstructured":"Wakade S, Liszka KJ, Chan C-C (2013) Application of learning algorithms to image spam evolution. Smart Innov Syst Technol 13:471\u2013495","journal-title":"Smart Innov Syst Technol"},{"issue":"1","key":"906_CR94","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1007\/s10462-011-9280-4","volume":"40","author":"A Attar","year":"2013","unstructured":"Attar A, Rad RM, Atani RE (2013) A survey of image spamming and filtering techniques. Artif Intell Rev 40(1):71\u2013105","journal-title":"Artif Intell Rev"},{"key":"906_CR95","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1007\/978-3-642-15111-8_4","volume":"312","author":"C Romero","year":"2010","unstructured":"Romero C, Garcia-Valdez M, Alanis A (2010) A comparative study of blog comments spam filtering with machine learning techniques. Stud Comput Intell 312:57\u201372","journal-title":"Stud Comput Intell"},{"issue":"7","key":"906_CR96","doi-asserted-by":"crossref","first-page":"1420","DOI":"10.1166\/jctn.2015.3907","volume":"12","author":"W Yang","year":"2015","unstructured":"Yang W, Dong G, Wang W, Hu Y, Shen G, Yu M (2015) A novel approach for bots detection in sina microblog. J Comput Theor Nanosci 12(7):1420\u20131425","journal-title":"J Comput Theor Nanosci"},{"issue":"5","key":"906_CR97","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1109\/MSP.2010.113","volume":"8","author":"S Abu-Nimeh","year":"2010","unstructured":"Abu-Nimeh S, Chen T (2010) Proliferation and detection of blog spam. IEEE Secur Priv Mag 8(5):42\u201347","journal-title":"IEEE Secur Priv Mag"},{"key":"906_CR98","first-page":"1351","volume":"2","author":"P Kolari","year":"2006","unstructured":"Kolari P, Java A, Finin T, Oates T, Joshi A (2006) Detecting spam blogs: a machine learning approach. Proc Natl Conf Artif Intell 2:1351\u20131356","journal-title":"Proc Natl Conf Artif Intell"},{"issue":"(M4D)","key":"906_CR99","first-page":"88","volume":"6045 LNCS","author":"T Yoshinaka","year":"2010","unstructured":"Yoshinaka T, Ishii S, Fukuhara T, Masuda H, Nakagawa H (2010) A user-oriented splog filtering based on a machine learning. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6045 LNCS((M4D)):88\u201399","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"906_CR100","doi-asserted-by":"crossref","unstructured":"Sculley D, Wachman GM (2007) Relaxed online SVMS for spam filtering. In: pp 415\u2013422","DOI":"10.1145\/1277741.1277813"},{"key":"906_CR101","first-page":"175","volume":"6906 LNCS","author":"M McCord","year":"2011","unstructured":"McCord M, Chuah M (2011) Spam detection on twitter using traditional classifiers. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6906 LNCS:175\u2013186","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"issue":"1","key":"906_CR102","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman L (2001) Random forests. Mach Learn 45(1):5\u201332","journal-title":"Mach Learn"},{"key":"906_CR103","doi-asserted-by":"crossref","unstructured":"Soman SJ, Murugappan S (2014) Detecting malicious tweets in trending topics using clustering and classification","DOI":"10.1109\/ICRTIT.2014.6996188"},{"key":"906_CR104","doi-asserted-by":"crossref","unstructured":"Chu Z, Gianvecchio S, Wang H, Jajodia S (2010) Who is tweeting on twitter: human, bot, or cyborg? In: pp 21\u201330","DOI":"10.1145\/1920261.1920265"},{"key":"906_CR105","first-page":"335","volume":"6166 LNCS","author":"AH Wang","year":"2010","unstructured":"Wang AH (2010) Detecting spam bots in online social networking sites: a machine learning approach. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6166 LNCS:335\u2013342","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"906_CR106","unstructured":"Wang AH (2010) Don\u2019t follow me\u2014spam detection in twitter. In: pp 142\u2013151"},{"key":"906_CR107","doi-asserted-by":"crossref","first-page":"449","DOI":"10.1007\/978-3-319-01854-6_46","volume":"239","author":"I Santos","year":"2014","unstructured":"Santos I, Mi\u00f1ambres-Marcos I, Laorden C, Gal\u00e1n-Garc\u00eda P, Santamar\u00eda-Ibirika A, Garc\u00eda\u00a0Bringas P (2014) Twitter content-based spam filtering. Adv Intell Syst Comput 239:449\u2013458","journal-title":"Adv Intell Syst Comput"},{"key":"906_CR108","unstructured":"Zangerle E, Specht G (2014) \u201csorry, i was hacked\u201d a classification of compromised twitter accounts. In: pp 587\u2013593"},{"key":"906_CR109","doi-asserted-by":"crossref","unstructured":"Benevenuto F, Rodrigues T, Almeida V, Almeida J, Zhang C, Ross K (2008) Identifying video spammers in online social networks. In: pp 45\u201352","DOI":"10.1145\/1451983.1451996"},{"issue":"3","key":"906_CR110","doi-asserted-by":"crossref","first-page":"688","DOI":"10.1109\/TSMCB.2011.2173799","volume":"42","author":"F Benevenuto","year":"2012","unstructured":"Benevenuto F, Rodrigues T, Veloso A, Almeida J, Goncalves M, Almeida V (2012) Practical detection of spammers and content promoters in online video sharing systems. IEEE Trans Syst Man Cybern Part B Cybern 42(3):688\u2013701","journal-title":"IEEE Trans Syst Man Cybern Part B Cybern"},{"issue":"5","key":"906_CR111","first-page":"2024","volume":"6","author":"K Indira","year":"2014","unstructured":"Indira K, Christal\u00a0Joy E (2014) Prevention of spammers and promoters in video social networks using SVM-knn. Int J Eng Technol 6(5):2024\u20132030","journal-title":"Int J Eng Technol"},{"key":"906_CR112","first-page":"14","volume":"3488 LNAI","author":"SJ Stolfo","year":"2005","unstructured":"Stolfo SJ, Hershkop S, Bui LH, Ferster R, Wang K (2005) Anomaly detection in computer security and an application to file system accesses. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 3488 LNAI:14\u201328","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"issue":"5","key":"906_CR113","doi-asserted-by":"crossref","first-page":"1291","DOI":"10.1109\/TNN.2005.853425","volume":"16","author":"Z Chen","year":"2005","unstructured":"Chen Z, Ji C (2005) Spatial-temporal modeling of malware propagation in networks. IEEE Trans Neural Netw 16(5):1291\u20131303","journal-title":"IEEE Trans Neural Netw"},{"key":"906_CR114","doi-asserted-by":"crossref","unstructured":"Lin J (2008) On malicious software classification. In: pp 368\u2013371","DOI":"10.1109\/IITA.Workshops.2008.106"},{"key":"906_CR115","first-page":"238","volume":"6307 LNCS","author":"P Li","year":"2010","unstructured":"Li P, Liu L, Gao D, Reiter MK (2010) On challenges in evaluating malware clustering. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6307 LNCS:238\u2013255","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"issue":"11","key":"906_CR116","doi-asserted-by":"crossref","first-page":"2150","DOI":"10.1587\/transinf.E94.D.2150","volume":"E94\u2013D","author":"J Nakazato","year":"2011","unstructured":"Nakazato J, Song J, Eto M, Inoue D, Nakao K (2011) A novel malware clustering method using frequency of function call traces in parallel threads. IEICE Trans Inf Syst E94\u2013D(11):2150\u20132158","journal-title":"IEICE Trans Inf Syst"},{"key":"906_CR117","doi-asserted-by":"crossref","unstructured":"Shafiq MZ, Khayam SA, Farooq M (2008) Improving accuracy of immune-inspired malware detectors by using intelligent features. In: pp 119\u2013126","DOI":"10.1145\/1389095.1389112"},{"key":"906_CR118","doi-asserted-by":"crossref","unstructured":"Bose A, Hu X, Shin KG, Park T (2008) Behavioral detection of malware on mobile handsets. In: pp 225\u2013238","DOI":"10.1145\/1378600.1378626"},{"issue":"4","key":"906_CR119","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1007\/s11416-011-0152-x","volume":"7","author":"B Anderson","year":"2011","unstructured":"Anderson B, Quist D, Neil J, Storlie C, Lane T (2011) Graph-based malware detection using dynamic analysis. J Comput Virol 7(4):247\u2013258","journal-title":"J Comput Virol"},{"key":"906_CR120","doi-asserted-by":"crossref","unstructured":"Chandramohan M, Tan HBK, Briand LC, Shar LK, Padmanabhuni BM (2013) A scalable approach for malware detection through bounded feature space behavior modeling. In: pp 312\u2013322","DOI":"10.1109\/ASE.2013.6693090"},{"key":"906_CR121","unstructured":"Dhaya R, Poongodi M (2015) Detecting software vulnerabilities in android using static analysis. In: pp 915\u2013918"},{"key":"906_CR122","doi-asserted-by":"crossref","unstructured":"Durand J, Atkison T (2012) Applying random projection to the classification of malicious applications using data mining algorithms. In: pp 286\u2013291","DOI":"10.1145\/2184512.2184579"},{"issue":"2","key":"906_CR123","first-page":"179","volume":"6","author":"I Ismail","year":"2014","unstructured":"Ismail I, Marsono MN, Nor SM (2014) Malware detection using augmented naive bayes with domain knowledge and under presence of class noise. Int J Inf Comput Secur 6(2):179\u2013197","journal-title":"Int J Inf Comput Secur"},{"issue":"3","key":"906_CR124","doi-asserted-by":"crossref","first-page":"502","DOI":"10.1016\/j.comcom.2010.04.007","volume":"34","author":"W Lu","year":"2011","unstructured":"Lu W, Rammidi G, Ghorbani AA (2011) Clustering botnet communication traffic based on n-gram feature selection. Comput Commun 34(3):502\u2013514","journal-title":"Comput Commun"},{"key":"906_CR125","doi-asserted-by":"publisher","unstructured":"Markel Z, Bilzor M (2015) Building a machine learning classifier for malware detection. In: Second workshop on anti-malware testing research (WATeR). IEEE, Canterbury, UK. https:\/\/doi.org\/10.1109\/WATeR.2014.7015757","DOI":"10.1109\/WATeR.2014.7015757"},{"key":"906_CR126","first-page":"93","volume":"6109 LNCS","author":"R Merkel","year":"2010","unstructured":"Merkel R, Hoppe T, Kraetzer C, Dittmann J (2010) Statistical detection of malicious pe-executables for fast offline analysis. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6109 LNCS:93\u2013105","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"906_CR127","unstructured":"Moskovitch R, Elovici Y (2008) Unknown malicious code detection\u2014practical issues. In: pp 145\u2013152"},{"key":"906_CR128","doi-asserted-by":"crossref","unstructured":"Ponomarev S, Durand J, Wallace N, Atkison T (2013) Evaluation of random projection for malware classification. In: pp 68\u201373","DOI":"10.1109\/SERE-C.2013.29"},{"issue":"3","key":"906_CR129","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1007\/s11416-006-0027-8","volume":"2","author":"DKS Reddy","year":"2006","unstructured":"Reddy DKS, Pujari AK (2006) N-gram analysis for computer virus detection. J Comput Virol 2(3):231\u2013239","journal-title":"J Comput Virol"},{"key":"906_CR130","doi-asserted-by":"crossref","unstructured":"Santos I, Penya YK, Devesa J, Bringas PG (2009) N-grams-based file signatures for malware detection. In: Volume AIDSS, pp 317\u2013320","DOI":"10.5220\/0001863603170320"},{"issue":"1","key":"906_CR131","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.istr.2009.03.003","volume":"14","author":"A Shabtai","year":"2009","unstructured":"Shabtai A, Moskovitch R, Elovici Y, Glezer C (2009) Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey. Inf Secur Tech Rep 14(1):16\u201329 Malware","journal-title":"Inf Secur Tech Rep"},{"issue":"3","key":"906_CR132","doi-asserted-by":"crossref","first-page":"589","DOI":"10.1007\/s10115-011-0393-5","volume":"30","author":"F Shahzad","year":"2012","unstructured":"Shahzad F, Farooq M (2012) Elf-miner: using structural knowledge and data mining methods to detect new (linux) malicious executables. Knowl Inf Syst 30(3):589\u2013612","journal-title":"Knowl Inf Syst"},{"key":"906_CR133","doi-asserted-by":"crossref","first-page":"804","DOI":"10.1016\/j.procs.2015.02.149","volume":"46","author":"PV Shijo","year":"2015","unstructured":"Shijo PV, Salim A (2015) Integrated static and dynamic analysis for malware detection. Procedia Comput Sci 46:804\u2013811","journal-title":"Procedia Comput Sci"},{"key":"906_CR134","doi-asserted-by":"crossref","unstructured":"Siddiqui M, Wang MC, Lee J (2008) A survey of data mining techniques for malware detection using file features. In: pp 509\u2013510","DOI":"10.1145\/1593105.1593239"},{"key":"906_CR135","doi-asserted-by":"crossref","unstructured":"Uppal D, Sinha R, Mehra V, Jain V (2014) Malware detection and classification based on extraction of API sequences. In: pp 2337\u20132342","DOI":"10.1109\/ICACCI.2014.6968547"},{"key":"906_CR136","doi-asserted-by":"crossref","unstructured":"Wressnegger C, Schwenk G, Arp D, Rieck K (2013) A close look on n-grams in intrusion detection: anomaly detection vs. classification. In: pp 67\u201376","DOI":"10.1145\/2517312.2517316"},{"key":"906_CR137","unstructured":"Yu W, Zhang H, Ge L, Hardy R (2013) On behavior-based detection of malware on android platform. In: pp 814\u2013819"},{"key":"906_CR138","doi-asserted-by":"crossref","unstructured":"Yuxin D, Wei D, Yibin Z, Chenglong X (2014) Malicious code detection using opcode running tree representation. In: pp 616\u2013621","DOI":"10.1109\/3PGCIC.2014.140"},{"issue":"6\u20137","key":"906_CR139","doi-asserted-by":"crossref","first-page":"514","DOI":"10.1016\/j.cose.2011.05.007","volume":"30","author":"D Yuxin","year":"2011","unstructured":"Yuxin D, Xuebing Y, Di Z, Li D, Zhanchao A (2011) Feature representation and selection in malicious code detection methods based on static system calls. Comput Secur 30(6\u20137):514\u2013524","journal-title":"Comput Secur"},{"key":"906_CR140","doi-asserted-by":"crossref","unstructured":"Zolotukhin M, H\u00e4m\u00e4l\u00e4inen T (2013) Support vector machine integrated with game-theoretic approach and genetic algorithm for the detection and classification of malware. In: pp 211\u2013216","DOI":"10.1109\/GLOCOMW.2013.6824988"},{"key":"906_CR141","doi-asserted-by":"crossref","unstructured":"Cova M, Kruegel C, Vigna G (2010) Detection and analysis of drive-by-download attacks and malicious javascript code. In: pp 281\u2013290","DOI":"10.1145\/1772690.1772720"},{"issue":"5","key":"906_CR142","first-page":"203","volume":"7","author":"K Zhu","year":"2012","unstructured":"Zhu K, Yin B (2012) Malware behavior classification approach based on naive bayes. J Converg Inf Technol 7(5):203\u2013210","journal-title":"J Converg Inf Technol"},{"issue":"2","key":"906_CR143","first-page":"373","volume":"51","author":"K Zhu","year":"2014","unstructured":"Zhu K, Yin B, Mao Y, Hu Y (2014) Malware classification approach based on valid window and naive bayes. Comput Res Dev (Jisuanji Yanjiu yu Fazhan) 51(2):373\u2013381","journal-title":"Comput Res Dev (Jisuanji Yanjiu yu Fazhan)"},{"key":"906_CR144","doi-asserted-by":"crossref","unstructured":"Bat-Erdene M, Kim T, Li H, Lee H (2013) Dynamic classification of packing algorithms for inspecting executables using entropy analysis. In: pp 19\u201326","DOI":"10.1109\/MALWARE.2013.6703681"},{"key":"906_CR145","doi-asserted-by":"publisher","unstructured":"Ban T, Isawa R, Guo S, Inoue D, Nakao K (2013) Application of string kernel based support vector machine for malware packer identification. In: The 2013 international joint conference on neural networks (IJCNN). IEEE, Dallas, TX, USA. https:\/\/doi.org\/10.1109\/IJCNN.2013.6707043","DOI":"10.1109\/IJCNN.2013.6707043"},{"issue":"5","key":"906_CR146","first-page":"391","volume":"8","author":"S Divya","year":"2014","unstructured":"Divya S, Padmavathi G (2014) A novel method for detection of internet worm malcodes using principal component analysis and multiclass support vector machine. Int J Secur Appl 8(5):391\u2013402","journal-title":"Int J Secur Appl"},{"key":"906_CR147","doi-asserted-by":"crossref","unstructured":"Komiya R, Paik I, Hisada M (2011) Classification of malicious web code by machine learning. In: pp 406\u2013411","DOI":"10.1109\/ICAwST.2011.6163109"},{"issue":"4","key":"906_CR148","doi-asserted-by":"crossref","first-page":"459","DOI":"10.1007\/s10044-012-0296-4","volume":"15","author":"N Nissim","year":"2012","unstructured":"Nissim N, Moskovitch R, Rokach L, Elovici Y (2012) Detecting unknown computer worm activity via support vector machines and active learning. Pattern Anal Appl 15(4):459\u2013475","journal-title":"Pattern Anal Appl"},{"issue":"13","key":"906_CR149","doi-asserted-by":"crossref","first-page":"5843","DOI":"10.1016\/j.eswa.2014.02.053","volume":"41","author":"N Nissim","year":"2014","unstructured":"Nissim N, Moskovitch R, Rokach L, Elovici Y (2014) Novel active learning methods for enhanced pc malware detection in windows os. Expert Syst Appl 41(13):5843\u20135857","journal-title":"Expert Syst Appl"},{"issue":"1","key":"906_CR150","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1049\/iet-sen.2013.0020","volume":"8","author":"P Okane","year":"2014","unstructured":"Okane P, Sezer S, McLaughlin K, Im EG (2014) Malware detection: program run length against detection rate. IET Softw 8(1):42\u201351","journal-title":"IET Softw"},{"key":"906_CR151","doi-asserted-by":"crossref","unstructured":"Sanjaa B, Chuluun E (2013) Malware detection using linear SVM. In: vol 2, pp 136\u2013138","DOI":"10.1109\/IFOST.2013.6616872"},{"issue":"6","key":"906_CR152","doi-asserted-by":"crossref","first-page":"1012","DOI":"10.1016\/j.jcss.2014.12.014","volume":"81","author":"P Wang","year":"2015","unstructured":"Wang P, Wang Y-S (2015) Malware behavioural detection and vaccine development by using a support vector model classifier. J Comput Syst Sci 81(6):1012\u20131026","journal-title":"J Comput Syst Sci"},{"issue":"PART 1","key":"906_CR153","first-page":"158","volume":"243 CCIS","author":"M Zhao","year":"2011","unstructured":"Zhao M, Ge F, Zhang T, Yuan Z (2011) Antimaldroid: an efficient SVM-based malware detection framework for android. Commun Comput Inf Sci 243 CCIS(PART 1):158\u2013166","journal-title":"Commun Comput Inf Sci"},{"key":"906_CR154","doi-asserted-by":"crossref","unstructured":"Biggio B, Corona I, Nelson B, Rubinstein BIP, Maiorca D, Fumera G, Giacinto G, Roli F (2014) Security evaluation of support vector machines in adversarial environments","DOI":"10.1007\/978-3-319-02300-7_4"},{"key":"906_CR155","doi-asserted-by":"crossref","unstructured":"Firdausi I, Lim C, Erwin A, Nugroho AS (2010) Analysis of machine learning techniques used in behavior-based malware detection. In: pp 201\u2013203","DOI":"10.1109\/ACT.2010.33"},{"key":"906_CR156","doi-asserted-by":"crossref","unstructured":"Canzanese R, Kam M, Mancoridis S (2013) Toward an automatic, online behavioral malware classification system. In: pp 111\u2013120","DOI":"10.1109\/SASO.2013.8"},{"issue":"1","key":"906_CR157","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1016\/j.cose.2011.09.002","volume":"31","author":"T Dube","year":"2012","unstructured":"Dube T, Raines R, Peterson G, Bauer K, Grimaila M, Rogers S (2012) Malware target recognition via static heuristics. Comput Secur 31(1):137\u2013147","journal-title":"Comput Secur"},{"key":"906_CR158","unstructured":"Haddadi F, Runkel D, Nur Zincir-Heywood A, Heywood MI (2014) On botnet behaviour analysis using gp and c4.5. In: pp 1253\u20131260"},{"issue":"9","key":"906_CR159","doi-asserted-by":"crossref","first-page":"1815","DOI":"10.1007\/s00500-014-1253-5","volume":"18","author":"W Ye","year":"2014","unstructured":"Ye W, Cho K (2014) Hybrid p2p traffic classification with heuristic rules and machine learning. Soft Comput 18(9):1815\u20131827","journal-title":"Soft Comput"},{"key":"906_CR160","doi-asserted-by":"crossref","unstructured":"Borgolte K, Kruegel C, Vigna G (2013) Delta: automatic identification of unknown web-based infection campaigns. In: pp 109\u2013120","DOI":"10.1145\/2508859.2516725"},{"key":"906_CR161","doi-asserted-by":"crossref","unstructured":"Mohaisen A, Alrawi O (2015) AMAL: high-fidelity, behavior-based automated malware analysis and classification. In: Rhee KH, Yi J (eds) Information security applications, WISA 2014. Lecture notes in computer science, vol 8909. Springer, pp 107\u2013121","DOI":"10.1007\/978-3-319-15087-1_9"},{"issue":"4","key":"906_CR162","doi-asserted-by":"crossref","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck K, Trinius P, Willems C, Holz T (2011) Automatic analysis of malware behavior using machine learning. J Comput Secur 19(4):639\u2013668","journal-title":"J Comput Secur"},{"issue":"4","key":"906_CR163","doi-asserted-by":"crossref","first-page":"1483","DOI":"10.1016\/j.csda.2008.10.015","volume":"53","author":"E Menahem","year":"2009","unstructured":"Menahem E, Shabtai A, Rokach L, Elovici Y (2009) Improving malware detection by applying multi-inducer ensemble. Comput Stat Data Anal 53(4):1483\u20131494","journal-title":"Comput Stat Data Anal"},{"key":"906_CR164","doi-asserted-by":"crossref","unstructured":"Shabtai A, Fledel Y, Elovici Y (2010) Automated static code analysis for classifying android applications using machine learning. In: pp 329\u2013333","DOI":"10.1109\/CIS.2010.77"},{"key":"906_CR165","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1007\/978-3-642-35473-1_12","volume":"21","author":"C-Y Huang","year":"2013","unstructured":"Huang C-Y, Tsai Y-T, Hsu C-H (2013) Performance evaluation on permission-based detection for android malware. Smart Innov Syst Technol 21:111\u2013120","journal-title":"Smart Innov Syst Technol"},{"key":"906_CR166","doi-asserted-by":"crossref","unstructured":"Glodek W, Harang R (2013) Rapid permissions-based detection and analysis of mobile malware using random decision forests. In: pp 980\u2013985","DOI":"10.1109\/MILCOM.2013.170"},{"key":"906_CR167","unstructured":"Alam MS, Vuong ST (2013) Random forest classification for detecting android malware. In: pp 663\u2013669"},{"key":"906_CR168","unstructured":"Ng DV, Hwang J-IG (2015) Android malware detection using the dendritic cell algorithm. In: IEEE international conference on machine learning and cybernetics, Lanzhou, China, pp 257\u2013262"},{"key":"906_CR169","doi-asserted-by":"publisher","unstructured":"Pehlivan U, Baltaci N, Acarturk C, Baykal N (2014) The analysis of feature selection methods and classification algorithms in permission based android malware detection. In: IEEE symposium on computational intelligence in cyber security (CICS), Orlando, FL, USA. https:\/\/doi.org\/10.1109\/CICYBS.2014.7013371","DOI":"10.1109\/CICYBS.2014.7013371"},{"key":"906_CR170","doi-asserted-by":"crossref","unstructured":"Barbareschi M, De Benedictis A, Mazzeo A, Vespoli A (2014) Mobile traffic analysis exploiting a cloud infrastructure and hardware accelerators. In: pp 414\u201341","DOI":"10.1109\/3PGCIC.2014.86"},{"key":"906_CR171","doi-asserted-by":"crossref","unstructured":"Yu W, Zhang H, Xu G (2013) A study of malware detection on smart mobile devices. In: vol 8757","DOI":"10.1117\/12.2016114"},{"key":"906_CR172","doi-asserted-by":"crossref","unstructured":"Yerima SY, Sezer S, Muttik I (2014) Android malware detection using parallel machine learning classifiers. In: pp 37\u201342","DOI":"10.1109\/NGMAST.2014.23"},{"key":"906_CR173","unstructured":"Feldman S, Stadther D, Wang B (2015) Manilyzer: automated android malware detection through manifest analysis. In: pp 767\u201377"},{"issue":"3","key":"906_CR174","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1109\/TDSC.2014.2302293","volume":"11","author":"CS Gates","year":"2014","unstructured":"Gates CS, Li N, Peng H, Sarma B, Qi Y, Potharaju R, Nita-Rotaru C, Molloy I (2014) Generating summary risk scores for mobile applications. IEEE Trans Dependable Secure Comput 11(3):238\u2013251","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"906_CR175","unstructured":"Yu L, Pan Z, Liu J, Shen Y (2013) Android malware detection technology based on improved bayesian classification. In: pp 1338\u20131341"},{"issue":"1","key":"906_CR176","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/s10844-010-0148-x","volume":"38","author":"A Shabtai","year":"2012","unstructured":"Shabtai A, Kanonov U, Elovici Y, Glezer C, Weiss Y (2012) \u201cAndromaly\u201d: a behavioral malware detection framework for android devices. J Intell Inf Syst 38(1):161\u2013190","journal-title":"J Intell Inf Syst"},{"key":"906_CR177","doi-asserted-by":"crossref","unstructured":"Sanz B, Santos I, Laorden C, Ugarte-Pedrero X, Bringas PG (2012) On the automatic categorisation of android applications. In: pp 149\u2013153","DOI":"10.1109\/CCNC.2012.6181075"},{"issue":"4","key":"906_CR178","first-page":"251","volume":"26","author":"A Feizollah","year":"2013","unstructured":"Feizollah A, Anuar NB, Salleh R, Amalina F, Ma\u2019arof RR, Shamshirband S (2013) A study of machine learning classifiers for anomaly-based mobile botnet detection. Malays J Comput Sci 26(4):251\u2013265","journal-title":"Malays J Comput Sci"},{"key":"906_CR179","doi-asserted-by":"crossref","first-page":"575","DOI":"10.1007\/978-94-017-8798-7_68","volume":"301","author":"H-S Ham","year":"2014","unstructured":"Ham H-S, Kim H-H, Kim M-S, Choi M-J (2014) Linear SVM-based android malware detection. Lect Notes Electr Eng 301:575\u2013585","journal-title":"Lect Notes Electr Eng"},{"key":"906_CR180","doi-asserted-by":"publisher","unstructured":"Narayanan A, Chen L, Chan CK (2014) AdDetect: automated detection of android ad libraries using semantic analysis. In: IEEE ninth international conference on intelligent sensors, sensor networks and information processing (ISSNIP). IEEE, Singapore. https:\/\/doi.org\/10.1109\/ISSNIP.2014.6827639","DOI":"10.1109\/ISSNIP.2014.6827639"},{"key":"906_CR181","doi-asserted-by":"crossref","unstructured":"Sahs J, Khan L (2012) A machine learning approach to android malware detection. In: pp 141\u2013147","DOI":"10.1109\/EISIC.2012.34"},{"issue":"2","key":"906_CR182","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1007\/s10207-014-0250-0","volume":"14","author":"M Spreitzenbarth","year":"2015","unstructured":"Spreitzenbarth M, Schreck T, Echtler F, Arp D, Hoffmann J (2015) Mobile-sandbox: combining static and dynamic analysis with machine-learning techniques. Int J Inf Secur 14(2):141\u2013153","journal-title":"Int J Inf Secur"},{"issue":"P2","key":"906_CR183","doi-asserted-by":"crossref","first-page":"905","DOI":"10.1016\/j.neucom.2014.10.004","volume":"151","author":"S Sheen","year":"2015","unstructured":"Sheen S, Anitha R, Natarajan V (2015) Android based malware detection using a multifeature collaborative decision fusion approach. Neurocomputing 151(P2):905\u2013912","journal-title":"Neurocomputing"},{"key":"906_CR184","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/s10664-014-9352-6","volume":"21","author":"K Allix","year":"2014","unstructured":"Allix K, Bissyand\u00e9 TF, J\u00e9rome Q, Klein J, State R, Le Traon Y (2014) Empirical assessment of machine learning-based malware detectors for Android. Empir Softw Eng 21:183\u2013211","journal-title":"Empir Softw Eng"},{"key":"906_CR185","first-page":"51","volume":"8978","author":"K Allix","year":"2015","unstructured":"Allix K, Bissyand\u00e9 TF, Klein J, Traon YL (2015) Are your training datasets yet relevant? an investigation into the importance of timeline in machine learning-based malware detection. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 8978:51\u201367","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"906_CR186","doi-asserted-by":"crossref","unstructured":"Fette I, Sadeh N, Tomasic A (2007) Learning to detect phishing emails. In: Proceedings of the 16th international conference on World Wide Web (WWW \u201907), New York (US), ACM, pp 649\u2013656","DOI":"10.1145\/1242572.1242660"},{"key":"906_CR187","unstructured":"Zhang L, Yao T (2003) Filtering junk mail with a maximum entropy model. In: pp 446\u2013453"},{"issue":"14","key":"906_CR188","first-page":"5553","volume":"9","author":"X Gu","year":"2013","unstructured":"Gu X, Wang H, Ni T (2013) An efficient approach to detecting phishing web. J Comput Inf Syst 9(14):5553\u20135560","journal-title":"J Comput Inf Syst"},{"issue":"10","key":"906_CR189","doi-asserted-by":"crossref","first-page":"12018","DOI":"10.1016\/j.eswa.2011.01.046","volume":"38","author":"M He","year":"2011","unstructured":"He M, Horng S, Fan P, Khan M Khurram, Run R, Lai J, Chen R, Sutanto A (2011) An efficient phishing webpage detector. Expert Syst Appl 38(10):12018\u201312027","journal-title":"Expert Syst Appl"},{"issue":"2","key":"906_CR190","first-page":"134","volume":"29","author":"J Cao","year":"2013","unstructured":"Cao J, Dong D, Mao B, Wang T (2013) Phishing detection method based on url features. J Southeast Univ (English Edition) 29(2):134\u2013138","journal-title":"J Southeast Univ (English Edition)"},{"key":"906_CR191","unstructured":"Chandrasekaran M, Narayanan K, Upadhyaya S (2006) Phishing E-mail detection based on structural properties. In: Proceedings of 9th annual NYS cyber security conference, Albany, NY, USA, pp 2\u20138"},{"key":"906_CR192","doi-asserted-by":"crossref","unstructured":"Ma L, Ofoghi B, Watters P, Brown S (2009) Detecting phishing emails using hybrid features. In: pp 493\u2013497","DOI":"10.1109\/UIC-ATC.2009.103"},{"key":"906_CR193","doi-asserted-by":"crossref","first-page":"798","DOI":"10.1016\/j.proeng.2012.01.930","volume":"30","author":"V Santhana Lakshmi","year":"2012","unstructured":"Santhana Lakshmi V, Vijaya MS (2012) Efficient prediction of phishing websites using supervised learning algorithms. Procedia Eng 30:798\u2013805","journal-title":"Procedia Eng"},{"key":"906_CR194","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1155\/2014\/425731","volume":"2014","author":"AA Akinyelu","year":"2014","unstructured":"Akinyelu AA, Adewumi AO (2014) Classification of phishing email using random forest machine learning technique. J Appl Math 2014:1\u20136","journal-title":"J Appl Math"},{"key":"906_CR195","doi-asserted-by":"crossref","first-page":"853","DOI":"10.1007\/978-3-642-27552-4_112","volume":"133AISC","author":"CG Webber","year":"2012","unstructured":"Webber CG, De F\u00e1tima M, Do Prado Lima W, Hepp FS (2012) Testing phishing detection criteria and methods. Adv Intell Soft Comput 133AISC:853\u2013858","journal-title":"Adv Intell Soft Comput"},{"key":"906_CR196","first-page":"321","volume":"4739 LNCS","author":"MD Castillo Del","year":"2007","unstructured":"Del Castillo MD, Iglesias \u00c1, Serrano JI (2007) An integrated approach to filtering phishing e-mails. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 4739 LNCS:321\u2013328","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"issue":"2","key":"906_CR197","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2019599.2019606","volume":"14","author":"G Xiang","year":"2011","unstructured":"Xiang G, Hong J, Rose CP, Cranor L (2011) Cantina+: a feature-rich machine learning framework for detecting phishing web sites. ACM Trans Inf Syst Secur 14(2):1\u201328","journal-title":"ACM Trans Inf Syst Secur"},{"key":"906_CR198","first-page":"92","volume":"15","author":"R Patil","year":"2014","unstructured":"Patil R, Dasharath DB, Dhonde KS, Chinchwade RG, Mehetre SB (2014) A hybrid model to detect phishing-sites using clustering and bayesian approach. Int J Comput Sci Netw Secur 15:92\u201395","journal-title":"Int J Comput Sci Netw Secur"},{"key":"906_CR199","first-page":"252","volume":"7345 LNAI","author":"RB Basnet","year":"2012","unstructured":"Basnet RB, Sung AH, Liu Q (2012) Feature selection for improved phishing detection. Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 7345 LNAI:252\u2013261","journal-title":"Lect Notes Comput Sci (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"906_CR200","doi-asserted-by":"crossref","unstructured":"Qabajeh I, Thabtah F (2014) An experimental study for assessing email classification attributes using feature selection methods. In: pp 125\u2013132","DOI":"10.1109\/ACSAT.2014.29"}],"container-title":["International Journal of Machine Learning and Cybernetics"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s13042-018-00906-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s13042-018-00906-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s13042-018-00906-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,13]],"date-time":"2024-07-13T20:19:43Z","timestamp":1720901983000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s13042-018-00906-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,1,4]]},"references-count":200,"journal-issue":{"issue":"10","published-print":{"date-parts":[[2019,10]]}},"alternative-id":["906"],"URL":"https:\/\/doi.org\/10.1007\/s13042-018-00906-1","relation":{},"ISSN":["1868-8071","1868-808X"],"issn-type":[{"value":"1868-8071","type":"print"},{"value":"1868-808X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,1,4]]},"assertion":[{"value":"20 October 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 December 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 January 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}