{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T06:44:11Z","timestamp":1747205051992},"reference-count":37,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,8]]},"DOI":"10.1109\/desec.2017.8073803","type":"proceedings-article","created":{"date-parts":[[2017,10,25]],"date-time":"2017-10-25T15:22:28Z","timestamp":1508944948000},"page":"123-130","source":"Crossref","is-referenced-by-count":2,"title":["The dose makes the poison \u2014 Leveraging uncertainty for effective malware detection"],"prefix":"10.1109","author":[{"given":"Ruimin","family":"Sun","sequence":"first","affiliation":[]},{"given":"Xiaoyong","family":"Yuan","sequence":"additional","affiliation":[]},{"given":"Andrew","family":"Lee","sequence":"additional","affiliation":[]},{"given":"Matt","family":"Bishop","sequence":"additional","affiliation":[]},{"given":"Donald E.","family":"Porter","sequence":"additional","affiliation":[]},{"given":"Xiaolin","family":"Li","sequence":"additional","affiliation":[]},{"given":"Andre","family":"Gregio","sequence":"additional","affiliation":[]},{"given":"Daniela","family":"Oliveira","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref33","article-title":"Red Teaming Experiments with Deception Technologies","author":"cohen","year":"2001","journal-title":"The Iaido Newsletter"},{"key":"ref32","article-title":"Phase II Report on Intelligent Software Decoys: Counterintelligence and Security Countermeasures","author":"michael","year":"2004","journal-title":"Technical Report"},{"journal-title":"Honeypots Tracking Hackers","year":"0","author":"spitzner","key":"ref31"},{"article-title":"Mitigating buffer overflows by operating system randomization","year":"2002","author":"chew","key":"ref30"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2016.18"},{"key":"ref36","article-title":"The case for less preditable operating system behavior","author":"sun","year":"2015","journal-title":"Proceedings of Workshop on Hot Topics in Operating Systems (HotOS)"},{"key":"ref35","first-page":"31","article-title":"Inconsistency in deception for defense","author":"neagoe","year":"0"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2683467.2683482"},{"journal-title":"Gnu Project","year":"0","key":"ref10"},{"journal-title":"SPEC CPU 2006 https \/\/www spec org\/cpu2006\/","year":"0","key":"ref11"},{"journal-title":"Phoronix test suite","year":"0","key":"ref12"},{"journal-title":"THC the hacker's choice","year":"0","key":"ref13"},{"journal-title":"VirusShare","year":"0","key":"ref14"},{"journal-title":"Gcov","year":"0","key":"ref15"},{"journal-title":"EMMA A free Java code coverage tool","year":"0","key":"ref16"},{"year":"0","key":"ref17"},{"journal-title":"The black vine cyberespionage group","year":"0","key":"ref18"},{"journal-title":"Logkeys ubuntu","year":"0","key":"ref19"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.25"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.1998.738566"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/HOTOS.1997.595185"},{"journal-title":"An Application of Pattern Matching in Intrusion Detection","year":"1994","author":"kumar","key":"ref3"},{"journal-title":"Modern malware exposed","year":"0","key":"ref6"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/s10710-013-9195-8"},{"journal-title":"Bromium end point protection","year":"0","key":"ref5"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901341"},{"journal-title":"The modern malware review","year":"0","key":"ref7"},{"journal-title":"Email Attacks This Time It's Personal","year":"0","key":"ref2"},{"journal-title":"Security-Enhanced Linux","year":"0","key":"ref9"},{"journal-title":"Advanced Persistent Threat Hacking The Art and Science of Hacking Any Organization","year":"2014","author":"wrightson","key":"ref1"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866353"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"ref24","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1007\/978-3-540-87403-4_5","article-title":"A layered architecture for detecting malicious behaviors","author":"martignoni","year":"2008","journal-title":"Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection Ser RAID '08"},{"key":"ref23","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1145\/1315245.1315261","article-title":"Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis","author":"yin","year":"2007","journal-title":"ACM CCS'07"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2020408.2020448"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"}],"event":{"name":"2017 IEEE Conference on Dependable and Secure Computing","start":{"date-parts":[[2017,8,7]]},"location":"Taipei, Taiwan","end":{"date-parts":[[2017,8,10]]}},"container-title":["2017 IEEE Conference on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8053489\/8073795\/08073803.pdf?arnumber=8073803","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,5]],"date-time":"2019-10-05T00:37:00Z","timestamp":1570235820000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/8073803\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8]]},"references-count":37,"URL":"https:\/\/doi.org\/10.1109\/desec.2017.8073803","relation":{},"subject":[],"published":{"date-parts":[[2017,8]]}}}