{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,22]],"date-time":"2025-03-22T10:14:16Z","timestamp":1742638456527},"reference-count":29,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,8]]},"DOI":"10.1109\/chinacom.2015.7497952","type":"proceedings-article","created":{"date-parts":[[2016,6,25]],"date-time":"2016-06-25T11:35:21Z","timestamp":1466854521000},"page":"283-288","source":"Crossref","is-referenced-by-count":4,"title":["Mal-EVE: Static detection model for evasive malware"],"prefix":"10.1109","author":[{"given":"Charles","family":"Lim","sequence":"first","affiliation":[]},{"family":"Nicsen","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/ISI.2009.5137328"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.14257\/ijsia.2013.7.5.24"},{"key":"ref12","first-page":"31","article-title":"Lessons learned from an investigation into the analysis avoidance techniques of malicious software","author":"brand","year":"2010","journal-title":"8th Australian Digital Forensics Conference"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2008.4630086"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/ICPADS.2011.78"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2689702.2689704"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-75496-1_1"},{"key":"ref17","first-page":"6","article-title":"Compatibility is not transparency: Vmm detection myths and realities","author":"garfinkel","year":"2007","journal-title":"Proceedings of the 11th USENIX workshop on Hot topics in operating systems USENIX Association"},{"key":"ref18","article-title":"Attacks on more virtual machine emulators","author":"ferrie","year":"2007","journal-title":"Symantec Technology Exchange"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-012-0165-0"},{"key":"ref28","first-page":"99","article-title":"The study of evasion of packed pe from static detection","author":"baig","year":"2012","journal-title":"Internet Security (WorldCIS) 2012 World Congress on"},{"journal-title":"Practical Malware Analysis The Hands-On Guide to Dissecting Malicious Software","year":"2012","author":"sikorski","key":"ref4"},{"year":"2014","key":"ref27","article-title":"VirusSign"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-5523-3_3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-87403-4_6"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-007-6818-5_21"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/TIME-E.2014.7011581"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.patrec.2008.06.016"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.7763\/IJCTE.2012.V4.512"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2012.65"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/2030376.2030379"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/2522968.2522972"},{"key":"ref20","article-title":"Scientific but not academical overview of malware anti-debugging, anti-disassembly and anti-vm technologies","author":"branco","year":"2012","journal-title":"Black hat Technical Security Conf (Las Vegas Nevada)"},{"year":"2014","key":"ref22","article-title":"PEiD - a detector for PE files"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-35795-4_55"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"ref23","first-page":"80","article-title":"Inside windows-an in-depth look into the win32 portable executable file format","author":"pietrek","year":"2002","journal-title":"MSDN Magazine"},{"article-title":"PYEW - A Python tool for static malware analysis","year":"2015","author":"koret","key":"ref26"},{"year":"2015","key":"ref25","article-title":"Windows API"}],"event":{"name":"2015 10th International Conference on Communications and Networking in China (ChinaCom)","start":{"date-parts":[[2015,8,15]]},"location":"Shanghai, China","end":{"date-parts":[[2015,8,17]]}},"container-title":["2015 10th International Conference on Communications and Networking in China (ChinaCom)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7492447\/7497894\/07497952.pdf?arnumber=7497952","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,17]],"date-time":"2017-03-17T21:15:52Z","timestamp":1489785352000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7497952\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,8]]},"references-count":29,"URL":"https:\/\/doi.org\/10.1109\/chinacom.2015.7497952","relation":{},"subject":[],"published":{"date-parts":[[2015,8]]}}}