{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T18:52:32Z","timestamp":1771699952624,"version":"3.50.1"},"reference-count":38,"publisher":"Elsevier BV","content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computers &amp; Security"],"published-print":{"date-parts":[[2013,11]]},"DOI":"10.1016\/j.cose.2013.08.008","type":"journal-article","created":{"date-parts":[[2013,8,21]],"date-time":"2013-08-21T22:32:35Z","timestamp":1377124355000},"page":"315-324","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":40,"special_numbering":"PB","title":["A fast malware detection algorithm based on objective-oriented association mining"],"prefix":"10.1016","volume":"39","author":[{"given":"Yuxin","family":"Ding","sequence":"first","affiliation":[]},{"given":"Xuebing","family":"Yuan","sequence":"additional","affiliation":[]},{"given":"Ke","family":"Tang","sequence":"additional","affiliation":[]},{"given":"Xiao","family":"Xiao","sequence":"additional","affiliation":[]},{"given":"Yibin","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.cose.2013.08.008_bib1","series-title":"Proceedings of VLDB-94","first-page":"487","article-title":"Fast algorithms for association rule mining","author":"Agrawal","year":"1994"},{"key":"10.1016\/j.cose.2013.08.008_bib2","series-title":"Symposium on requirements engineering for information security (SREIS'01)","first-page":"157","article-title":"Static detection of malicious code in executable programs","author":"Bergeron","year":"2001"},{"key":"10.1016\/j.cose.2013.08.008_bib3","series-title":"Proceedings of black hat","first-page":"325","article-title":"Runtime packers: the hidden problem","author":"Brosch","year":"2006"},{"key":"10.1016\/j.cose.2013.08.008_bib4","series-title":"10th IEEE symposium on computer and communications","first-page":"427","article-title":"Anomaly intrusion detection for system call using the Soundex algorithm and neural networks","author":"Cha","year":"2005"},{"key":"10.1016\/j.cose.2013.08.008_bib5","series-title":"Proceedings of IEEE 23rd international conference on data engineering (ICDE 07)","first-page":"716","article-title":"Discriminative frequent pattern analysis for effective classification","author":"Cheng","year":"2007"},{"key":"10.1016\/j.cose.2013.08.008_bib6","series-title":"ACM SIGSOFT international symposium on software testing and analysis (ISSTA '04)","first-page":"34","article-title":"Testing malware detectors","author":"Christodorescu","year":"2004"},{"key":"10.1016\/j.cose.2013.08.008_bib7","series-title":"2005 IEEE symposium on security and privacy","first-page":"32","article-title":"Semantics-aware malware detection","author":"Christodorescu","year":"2005"},{"key":"10.1016\/j.cose.2013.08.008_bib8","series-title":"Proceedings of 1st international conference on information systems security","first-page":"251","article-title":"Episode based masquerade detection","author":"Dash","year":"2005"},{"key":"10.1016\/j.cose.2013.08.008_bib9","doi-asserted-by":"crossref","first-page":"514","DOI":"10.1016\/j.cose.2011.05.007","article-title":"Feature representation and selection in malicious code detection methods based on static system calls","volume":"30","author":"Ding","year":"2011","journal-title":"Computers & Security"},{"key":"10.1016\/j.cose.2013.08.008_bib10","series-title":"The IDA pro book","first-page":"429","author":"Eagle","year":"2008"},{"key":"10.1016\/j.cose.2013.08.008_bib11","series-title":"Proceedings of the 1996 IEEE symposium on computer security and privacy","first-page":"120","article-title":"A sense of self for unix processes","author":"Forrest","year":"1996"},{"key":"10.1016\/j.cose.2013.08.008_bib12","series-title":"Proceedings of the 11th USENIX workshop on hot topics in operating systems","first-page":"1","article-title":"Compatibility is not transparency: VMM detection myths and realities","author":"Garfinkel","year":"2007"},{"key":"10.1016\/j.cose.2013.08.008_bib13","series-title":"Data mining: concepts and techniques","author":"Han","year":"2006"},{"key":"10.1016\/j.cose.2013.08.008_bib14","series-title":"Proceedings of ICDM-2006","first-page":"891","article-title":"A feature selection and evaluation scheme for computer virus detection","author":"Henchiri","year":"2006"},{"key":"10.1016\/j.cose.2013.08.008_bib15","author":"Hex-Rays"},{"key":"10.1016\/j.cose.2013.08.008_bib16","series-title":"Proceedings of the second international conference on detection of intrusions and malwares, and vulnerability assessment (DIMVA'05)","first-page":"174","article-title":"Detecting malicious code by model checking","author":"Kinder","year":"2005"},{"key":"10.1016\/j.cose.2013.08.008_bib17","series-title":"Proceedings of the tenth ACM SIGKDD international conference on knowledge discovery and data mining","first-page":"470","article-title":"Learning to detect malicious executables in the wild","author":"Kolter","year":"2004"},{"key":"10.1016\/j.cose.2013.08.008_bib18","series-title":"Proceedings of the 13th USENIX security symposium (security'04)","first-page":"1","article-title":"Static disassembly of obfuscated binaries","author":"Kruegel","year":"2004"},{"key":"10.1016\/j.cose.2013.08.008_bib19","series-title":"Proceeding of the ICDM '01","first-page":"1","article-title":"CMAR: accurate and efficient classification based on multiple class-association rules","author":"Li","year":"2001"},{"key":"10.1016\/j.cose.2013.08.008_bib20","series-title":"Proceedings of knowledge discovery and data mining (KDD '98)","first-page":"80","article-title":"Integrating classification and association rule mining","author":"Liu","year":"1998"},{"key":"10.1016\/j.cose.2013.08.008_bib21","series-title":"IEEE international conference on intelligence and security information","first-page":"371","article-title":"Malicious code detection and acquisition using active learning","author":"Moskovitch","year":"2007"},{"key":"10.1016\/j.cose.2013.08.008_bib22","series-title":"IEEE intelligence and security informatics","first-page":"156","article-title":"Unknown malcode detection via text categorization and the imbalance problem","author":"Moskovitch","year":"2008"},{"issue":"1","key":"10.1016\/j.cose.2013.08.008_bib23","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1145\/1127345.1127348","article-title":"Anomalous system call detection","volume":"9","author":"Mutz","year":"2006","journal-title":"ACM Transaction on Information and System Security"},{"key":"10.1016\/j.cose.2013.08.008_bib24","author":"Peid"},{"key":"10.1016\/j.cose.2013.08.008_bib25","series-title":"The art of computer virus research and defense","first-page":"308","author":"Peter","year":"2005"},{"key":"10.1016\/j.cose.2013.08.008_bib26","series-title":"Proceedings of the IEEE symposium on security and privacy","first-page":"38","article-title":"Data mining methods for detection of new malicious executables","author":"Schultz","year":"2001"},{"issue":"1","key":"10.1016\/j.cose.2013.08.008_bib27","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.istr.2009.03.003","article-title":"Detection of malicious code by applying machine learning classifiers on static features \u2013 a state-of-the-art survey","volume":"14","author":"Shabtai","year":"2009","journal-title":"Information Security Technical Report"},{"issue":"4","key":"10.1016\/j.cose.2013.08.008_bib28","doi-asserted-by":"crossref","first-page":"494","DOI":"10.1109\/TSMCC.2010.2068544","article-title":"F-sign: automatic, function-based signature generation for malware","volume":"41","author":"Shabtai","year":"2011","journal-title":"IEEE Transactions on Systems, Man and Cybernetics: Part C"},{"key":"10.1016\/j.cose.2013.08.008_bib29","series-title":"Proceedings of IEEE international conference on data mining (ICDM '02)","first-page":"426","article-title":"Objective-oriented utility-based association mining","author":"Shen","year":"2002"},{"key":"10.1016\/j.cose.2013.08.008_bib30","series-title":"Malware: fighting malicious code","first-page":"612","author":"Skoudis","year":"2003"},{"key":"10.1016\/j.cose.2013.08.008_bib31","series-title":"Proceedings of the 20th annual computer security applications conference (ACSAC '04)","first-page":"326","article-title":"Static analyzer of vicious executables (SAVE)","author":"Sung","year":"2004"},{"key":"10.1016\/j.cose.2013.08.008_bib32","author":"Symantec"},{"key":"10.1016\/j.cose.2013.08.008_bib33","series-title":"The second international conference on availability, reliability and security","first-page":"473","article-title":"Process profiling using frequencies of system calls","author":"Varghese","year":"2007"},{"key":"10.1016\/j.cose.2013.08.008_bib34","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1007\/s11416-008-0082-4","article-title":"An intelligent PE-malware detection system based on association mining","volume":"4","author":"Ye","year":"2008","journal-title":"Journal in Computer Virology"},{"issue":"1","key":"10.1016\/j.cose.2013.08.008_bib35","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1016\/S0031-3203(02)00026-2","article-title":"Host-based intrusion detection using dynamic and static behavioral models","volume":"36","author":"Yeung","year":"2003","journal-title":"Pattern Recognition"},{"key":"10.1016\/j.cose.2013.08.008_bib36","doi-asserted-by":"crossref","first-page":"3247","DOI":"10.1016\/j.neucom.2008.04.041","article-title":"High-order Markov kernels for intrusion detection","volume":"71","author":"Yin","year":"2008","journal-title":"Neurocomputing"},{"key":"10.1016\/j.cose.2013.08.008_bib37","series-title":"SIAM international conference on data mining","first-page":"1","article-title":"CPAR: classification based on predictive association rules","author":"Yin","year":"2003"},{"key":"10.1016\/j.cose.2013.08.008_bib38","series-title":"Proceedings of 2006 international joint conference on neural networks","first-page":"16","article-title":"Unknown malicious codes detection based on rough set theory and support vector machine","author":"Zhang","year":"2006"}],"container-title":["Computers &amp; Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404813001259?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404813001259?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2018,10,13]],"date-time":"2018-10-13T16:27:52Z","timestamp":1539448072000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404813001259"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,11]]},"references-count":38,"alternative-id":["S0167404813001259"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2013.08.008","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2013,11]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"A fast malware detection algorithm based on objective-oriented association mining","name":"articletitle","label":"Article Title"},{"value":"Computers & Security","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.cose.2013.08.008","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"Copyright \u00a9 2013 Elsevier Ltd. All rights reserved.","name":"copyright","label":"Copyright"}]}}