{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T16:26:27Z","timestamp":1774455987165,"version":"3.50.1"},"reference-count":31,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1109\/aina.2010.121","type":"proceedings-article","created":{"date-parts":[[2010,6,8]],"date-time":"2010-06-08T14:47:27Z","timestamp":1276008447000},"page":"721-728","source":"Crossref","is-referenced-by-count":32,"title":["A Fast Flowgraph Based Classification System for Packed and Polymorphic Malware on the Endhost"],"prefix":"10.1109","author":[{"given":"Silvio","family":"Cesare","sequence":"first","affiliation":[]},{"given":"Yang","family":"Xiang","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref31","article-title":"Unpacking virtualization obfuscators","author":"rolles","year":"2009","journal-title":"USENIX Workshop on Offensive Technologies (WOOT)"},{"key":"ref30","author":"sharif","year":"2009","journal-title":"Rotalume A tool for automatic reverse engineering of malware emulators"},{"key":"ref10","first-page":"1047","author":"ye","year":"2007","journal-title":"Imds Intelligent Malware Detection System"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-005-0002-9"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.22"},{"key":"ref13","author":"boehne","year":"2008","journal-title":"Pandora's Bochs Automatic Unpacking of Malware"},{"key":"ref14","first-page":"294","article-title":"An automated virus classification system","author":"gheorghescu","year":"2005","journal-title":"Virus Bulletin Conference"},{"key":"ref15","article-title":"Graph-based comparison of executable objects (english version)","author":"dullien","year":"2005","journal-title":"SSTIC"},{"key":"ref16","first-page":"1","article-title":"Graphs, entropy and grid computing: Automatic comparison of malware","author":"briones","year":"2008","journal-title":"Virus Bulletin Conference"},{"key":"ref17","year":"0","journal-title":"Vxclass"},{"key":"ref18","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1007\/978-3-540-88625-9_16","article-title":"Binhunt: Automatically finding semantic differences in binary programs","author":"gao","year":"2008","journal-title":"Information and Communications Security"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653736"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/23.3.223"},{"key":"ref4","first-page":"187","article-title":"Digital genome mapping-advanced binary malware analysis","author":"carrera","year":"2004","journal-title":"Virus Bulletin Conference"},{"key":"ref27","year":"2009"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/360825.360855"},{"key":"ref6","first-page":"289","article-title":"Polyunpack: Automating the hidden-code extraction of unpack-executing malware","author":"royal","year":"2006","journal-title":"Computer Security Applications Conference"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.15"},{"key":"ref5","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1007\/11663812_11","article-title":"Polymorphic worm detection using structural information of executables","volume":"3858","author":"kruegel","year":"2006","journal-title":"Lecture Notes in Computer Science"},{"key":"ref8","article-title":"Improving proactive detection of packed malware","author":"stepan","year":"2006","journal-title":"Virus Bulletin Conference"},{"key":"ref7","year":"2007","journal-title":"Mal(ware)formation statistics&#x2014;panda research blog"},{"key":"ref2","first-page":"178","author":"kephart","year":"1994","journal-title":"Automatic extraction of computer virus signatures"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1014052.1014105"},{"key":"ref1","first-page":"101","author":"griffin","year":"2009","journal-title":"Automatic generation of string signatures for malware detection"},{"key":"ref20","article-title":"Classification of malware using structured control flow","author":"cesare","year":"2010","journal-title":"8th Australasian Symposium on Parallel and Distributed Computing (AusPDC 2010)"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2008.4690851"},{"key":"ref24","author":"salton","year":"1983","journal-title":"Introduction to Modern Information Retrieval"},{"key":"ref23","first-page":"18","article-title":"Static disassembly of obfuscated binaries","author":"kruegel","year":"2004","journal-title":"USENIX Security Symposium"},{"key":"ref26","year":"2009"},{"key":"ref25","first-page":"311","article-title":"Data structures and algorithms for nearest neighbor search in general metric spaces","author":"peter","year":"1993","journal-title":"Proceedings of the fourth annual ACM-SIAM Symposium on Discrete Algorithms"}],"event":{"name":"2010 24th IEEE International Conference on Advanced Information Networking and Applications","location":"Perth, Australia","start":{"date-parts":[[2010,4,20]]},"end":{"date-parts":[[2010,4,23]]}},"container-title":["2010 24th IEEE International Conference on Advanced Information Networking and Applications"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/5473893\/5474664\/05474800.pdf?arnumber=5474800","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,29]],"date-time":"2019-05-29T18:54:42Z","timestamp":1559156082000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/5474800\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"references-count":31,"URL":"https:\/\/doi.org\/10.1109\/aina.2010.121","relation":{},"subject":[],"published":{"date-parts":[[2010]]}}}