{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T19:00:22Z","timestamp":1772046022488,"version":"3.50.1"},"reference-count":47,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,6]]},"DOI":"10.1109\/cybersa.2018.8551432","type":"proceedings-article","created":{"date-parts":[[2018,11,30]],"date-time":"2018-11-30T00:11:06Z","timestamp":1543536666000},"page":"1-9","source":"Crossref","is-referenced-by-count":3,"title":["Cluster analysis for deobfuscation of malware variants during ransomware attacks"],"prefix":"10.1109","author":[{"given":"Anthony","family":"Arrott","sequence":"first","affiliation":[]},{"given":"Arun","family":"Lakhotia","sequence":"additional","affiliation":[]},{"given":"Ferenc","family":"Leitold","sequence":"additional","affiliation":[]},{"given":"Charles","family":"LeDoux","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","year":"2018","journal-title":"Sigma Ransomware Enigma Threat Database"},{"key":"ref38","year":"2018","journal-title":"Russenger Ransomware Enigma Threat Database"},{"key":"ref33","year":"2018","journal-title":"Cerber Ransomware Enigma Threat Database"},{"key":"ref32","year":"2018","journal-title":"Crypto-Blocker Ransomware Enigma Threat Database"},{"key":"ref31","year":"2018","journal-title":"Cerber Ransomware Enigma Threat Database"},{"key":"ref30","year":"2018","journal-title":"BTCamant Ransomware Enigma Threat Database"},{"key":"ref37","year":"2018","journal-title":"Ransomlock Ransomware Enigma Threat Database"},{"key":"ref36","year":"2018","journal-title":"Petya Ransomware Enigma Threat Database"},{"key":"ref35","year":"2018","journal-title":"Petya Ransomware Enigma Threat Database"},{"key":"ref34","year":"2018","journal-title":"Globe Imposter Ransomware Enigma Threat Database"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502676"},{"key":"ref40","year":"2018","journal-title":"UmbreCrypt Ransomware Enigma Threat Database"},{"key":"ref11","first-page":"4","article-title":"Ransomware attacks pose growing threat","volume":"63","author":"tuttle","year":"2016","journal-title":"Risk Management"},{"key":"ref12","author":"morgan","year":"2017","journal-title":"Cybercrime Report Cybersecurity Ventures"},{"key":"ref13","article-title":"Locky ransomware statistics: Geos targeted, amounts paid, spread volumes, and much more","author":"balaban","year":"2016","journal-title":"Smart Data Collective"},{"key":"ref14","year":"2016","journal-title":"Office 365 Security and Compliance"},{"key":"ref15","author":"leitold","year":"2014","journal-title":"Component Protection Metrics for Security Product Development CheckVir Endpoint Test Battery"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSA.2017.8073407"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSA.2017.8073394"},{"key":"ref18","year":"2018","journal-title":"Enigma Threat Database"},{"key":"ref19","article-title":"Karim Md Enamul, assignee. Phylogeny generation","author":"lakhotia","year":"2011","journal-title":"United States Patent US"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2013.6703682"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/IKT.2013.6620049"},{"key":"ref27","article-title":"A brief study of Wannacry threat: Ransomware attack 2017","volume":"8","author":"mohurle","year":"2017","journal-title":"International Journal"},{"key":"ref3","first-page":"101","article-title":"Automatic generation of string signatures for malware detection","author":"griffin","year":"2009","journal-title":"International workshop on recent advances in intrusion detection 2009 Sep 23"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1080\/14697688.2013.800219"},{"key":"ref29","year":"2018","journal-title":"Use cases for malware signature generation"},{"key":"ref5","article-title":"The evolution of malware and the threat landscape – a 10-year review","year":"2012","journal-title":"Microsoft Security Intelligence Report Special Edition"},{"key":"ref8","author":"hadarics","year":"2017","journal-title":"Mathematical Model of Distributed Vulnerability Assessment"},{"key":"ref7","article-title":"Quantifying cyber-threat vulnerability by combining threat intelligence, IT infrastructure weakness, and user susceptibility","author":"leitold","year":"0","journal-title":"24th Annual EICAR Conference"},{"key":"ref2","article-title":"Next generation threats exposed, 2016","author":"lonas","year":"0","journal-title":"Webroot Threat Brief"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-08624-8_1"},{"key":"ref1","first-page":"744","article-title":"Survey on malware evasion techniques: State of the art and challenges","author":"marpaung","year":"2012","journal-title":"2012 14th International Conference on Advanced Communication Technology (ICACT) ICACT"},{"key":"ref46","year":"2017","journal-title":"Measuring cloud-based anti-malware protection for Office 365 user accounts"},{"key":"ref20","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1145\/1179542.1179558","article-title":"Using engine signature to detect metamorphic malware","author":"chouchane","year":"2006","journal-title":"Proceedings of the 4th ACM workshop on Recurring malcode  - WORM '06"},{"key":"ref45","year":"2017","journal-title":"Comparative efficiency assessment of enterprise security suites against in-the-wild ransomware"},{"key":"ref22","first-page":"187","article-title":"Digital genome mapping: advanced binary malware analysis","author":"carrera","year":"2004","journal-title":"Virus Bulletin Conference 2004"},{"key":"ref47","year":"2017","journal-title":"VB100 Reactive and Proactive (RAP) Tests"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653736"},{"key":"ref42","year":"2017","journal-title":"Whole Product Dynamic “Real-World” Protection Test"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2012.70"},{"key":"ref41","year":"2018","journal-title":"WannaCryptor Ransomware Enigma Threat Database"},{"key":"ref23","article-title":"University of Louisiana at Lafayette, assignee. System and method for identifying and comparing code by semantic abstractions","author":"lakhotia","year":"0","journal-title":"United States Patent Application"},{"key":"ref44","year":"2017","journal-title":"Protection against 0-day malware attacks inclusive of web and e-mail threats (Real-World Testing)"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2012.6461006"},{"key":"ref43","year":"2017","journal-title":"Protection test against ransomware threats – software for home and SMB company"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2430553.2430558"}],"event":{"name":"2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","location":"Glasgow, UK","start":{"date-parts":[[2018,6,11]]},"end":{"date-parts":[[2018,6,12]]}},"container-title":["2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8536739\/8551360\/08551432.pdf?arnumber=8551432","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T15:18:04Z","timestamp":1643296684000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8551432\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,6]]},"references-count":47,"URL":"https:\/\/doi.org\/10.1109\/cybersa.2018.8551432","relation":{},"subject":[],"published":{"date-parts":[[2018,6]]}}}