{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T05:24:58Z","timestamp":1769750698435,"version":"3.49.0"},"reference-count":35,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/OAPA.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2018]]},"DOI":"10.1109\/access.2018.2884964","type":"journal-article","created":{"date-parts":[[2018,12,7]],"date-time":"2018-12-07T20:21:54Z","timestamp":1544214114000},"page":"78321-78332","source":"Crossref","is-referenced-by-count":53,"title":["Detection and Elimination of Spyware and Ransomware by Intercepting Kernel-Level System Routines"],"prefix":"10.1109","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7275-2370","authenticated-orcid":false,"given":"Danial","family":"Javaheri","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1088-4551","authenticated-orcid":false,"given":"Mehdi","family":"Hosseinzadeh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8641-6119","authenticated-orcid":false,"given":"Amir Masoud","family":"Rahmani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref33","year":"2018","journal-title":"Adminus Malware Database"},{"key":"ref32","year":"2016","journal-title":"Virus Sign Malware Data Base"},{"key":"ref31","first-page":"99","author":"schreiber","year":"2001","journal-title":"Undocumented Windows 2000 Secrets A Programmer's Cookbook"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-011-0157-5"},{"key":"ref35","first-page":"119","author":"tanenbaum","year":"2015","journal-title":"Modern Operating Systems"},{"key":"ref34","first-page":"587","author":"silberschatz","year":"2013","journal-title":"Operating System Concepts"},{"key":"ref10","year":"2018","journal-title":"AV-Test IT Security Insstitute"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2015.2458581"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2853121"},{"key":"ref13","doi-asserted-by":"crossref","first-page":"471","DOI":"10.1002\/nem.1913","article-title":"Incorporating known malware signatures to classify new malware variants in network traffic","volume":"25","author":"ismail","year":"2016","journal-title":"Int J Netw Manage"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2004.05.027"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2749538"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2014.0099"},{"key":"ref17","year":"2016","journal-title":"2016 Internet Security Threat Report"},{"key":"ref18","article-title":"Propose an optimal and transparent framework for automatic malware analysis","author":"ourimi","year":"2014"},{"key":"ref19","article-title":"Design and implementation of a behavior-based method for malware detection","author":"lajevardi","year":"2013"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-017-4859-y"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/7247095"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.11.010"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1002\/dac.3225"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1155\/2017\/5360472"},{"key":"ref29","first-page":"194","article-title":"Software protection through dynamic code mutation","author":"madou","year":"2005","journal-title":"Proc Int Workshop Inf Secur Appl"},{"key":"ref5","year":"2017","journal-title":"Kaspersky Lab Report"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2720160"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2792941"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1080\/08874417.2015.11645769"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2016.2636078"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2017.05.016"},{"key":"ref20","first-page":"489","author":"petzold","year":"2013","journal-title":"Programming Windows"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-014-2136-x"},{"key":"ref21","doi-asserted-by":"crossref","first-page":"646","DOI":"10.1016\/j.jnca.2012.10.004","article-title":"Classification of malware based on integrated static and dynamic features","volume":"36","author":"islam","year":"2013","journal-title":"J Netw Comput Appl"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.jcss.2014.12.014"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/769624"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1631\/FITEE.1601325"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2015.2491300"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/8274985\/08566151.pdf?arnumber=8566151","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T15:26:11Z","timestamp":1643297171000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8566151\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"references-count":35,"URL":"https:\/\/doi.org\/10.1109\/access.2018.2884964","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]}}}