{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T05:10:02Z","timestamp":1751951402970,"version":"3.41.2"},"reference-count":64,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T00:00:00Z","timestamp":1746403200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T00:00:00Z","timestamp":1746403200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["2312185,2417055"],"award-info":[{"award-number":["2312185,2417055"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100007875","name":"Tulane University","doi-asserted-by":"publisher","award":["P116Z230151"],"award-info":[{"award-number":["P116Z230151"]}],"id":[{"id":"10.13039\/100007875","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,5,5]]},"DOI":"10.1109\/host64725.2025.11050036","type":"proceedings-article","created":{"date-parts":[[2025,7,7]],"date-time":"2025-07-07T17:47:34Z","timestamp":1751910454000},"page":"346-357","source":"Crossref","is-referenced-by-count":0,"title":["Low-Entropy Packed Binary Detection via Accurate Hardware Events Profiling"],"prefix":"10.1109","author":[{"given":"Erika","family":"Leal","sequence":"first","affiliation":[{"name":"Baylor University"}]},{"given":"Mengfei","family":"Ren","sequence":"additional","affiliation":[{"name":"University of Alabama in Huntsville"}]},{"given":"Shijia","family":"Li","sequence":"additional","affiliation":[{"name":"China Electronics Corporation"}]},{"given":"Jiang","family":"Ming","sequence":"additional","affiliation":[{"name":"Tulane University"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2008.126"},{"key":"ref2","article-title":"Obfuscation: The Hidden Malware","author":"OKane","year":"2011","journal-title":"IEEE S&P \u201911"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.19"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/CSA.2009.5404211"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24297"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/CCNC.2012.6181079"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_17"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813627"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_4"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/2522968.2522972"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.46"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.2976559"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2463209.2488831"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2103799.2103807"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/2508148.2485970"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3203422.3203433"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_6"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196515"},{"article-title":"Nearly 70 % of Packed Windows System files are labeled as Malware","year":"2013","author":"Nataraj","key":"ref22"},{"issue":"2","key":"ref23","first-page":"25","article-title":"Encoded executable file detection technique via executable file header analysis","volume":"2","author":"Choi","year":"2009","journal-title":"International Journal of Hybrid Information Technology"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"year":"2022","key":"ref25","article-title":"Detect It Easy"},{"year":"2022","key":"ref26","article-title":"Manalyze"},{"year":"2022","key":"ref27","article-title":"Pefile"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/356989.357008"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/258916.258924"},{"article-title":"Bypassing modern sandbox technologies an experiment on sandbox evasion techniques","year":"2016","author":"Lundsg\u00e5rd","key":"ref30"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243771"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/1831708.1831722"},{"year":"2023","key":"ref33","article-title":"Intel VTune Profiler"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00021"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/IISWC.2008.4636099"},{"key":"ref36","article-title":"Can Hardware Performance Counters Produce Expected, Deterministic Results?","volume-title":"FHPM \u201910","author":"Weaver","year":"2010"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/ICCKE.2014.6993402"},{"volume-title":"Scikit","year":"2023","key":"ref38"},{"volume-title":"jupyterlab","year":"2023","key":"ref39"},{"volume-title":"pandas","year":"2023","key":"ref40"},{"volume-title":"packing-box dataset-packed-pe","year":"2022","key":"ref41"},{"volume-title":"download.com","year":"2022","key":"ref42"},{"volume-title":"DikeDataset","year":"2020","author":"Iosif","key":"ref43"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1017\/s0269888910000056"},{"key":"ref45","first-page":"616","article-title":"Tackling the poor assumptions of naive bayes text classifiers","volume-title":"ser. ICML\u201903. AAAI Press","author":"Rennie","year":"2003"},{"volume-title":"PEiD","year":"2022","key":"ref46"},{"article-title":"PEiDpython","year":"2022","author":"D\u2019Hondt","key":"ref47"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.05.007"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14081-5_23"},{"issue":"8","key":"ref50","doi-asserted-by":"crossref","first-page":"e5082","DOI":"10.1002\/cpe.5082","article-title":"Packer identification method based on byte sequences","volume":"32","author":"Jung","year":"2020","journal-title":"Concurrency and Computation: Practice and Experience"},{"issue":"14","key":"ref51","doi-asserted-by":"crossref","first-page":"1941","DOI":"10.1016\/j.patrec.2008.06.016","article-title":"Classification of packed executables for accurate computer virus detection","volume":"29","author":"Perdisci","year":"2008","journal-title":"Pattern Recognition Letters"},{"volume-title":"Journal in Computer Virology and Hacking Techniques","key":"ref52","article-title":"Yara: The pattern matching swiss knife for malware researchers"},{"volume-title":"Clam antivirus","key":"ref53"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1145\/3291061"},{"volume-title":"Free Online Virus, Malware, and URL Scanner","key":"ref55"},{"volume-title":"Exeinfo pe","key":"ref56"},{"key":"ref57","article-title":"When Malware is Packing Heat","volume-title":"USENIX Enigma 2018","author":"Vigna","year":"2018"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-61078-4_3"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2019.00117"},{"volume-title":"Cuckoo sanbox, howpublished","key":"ref60"},{"issue":"3","key":"ref61","doi-asserted-by":"crossref","DOI":"10.3390\/e19030125","article-title":"Packer detection for multi-layer executables using entropy analysis","volume":"19","author":"Bat-Erdene","year":"2017","journal-title":"Entropy"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-016-0330-4"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3052999"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/2857055"}],"event":{"name":"2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","start":{"date-parts":[[2025,5,5]]},"location":"San Jose, CA, USA","end":{"date-parts":[[2025,5,8]]}},"container-title":["2025 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11050019\/11050011\/11050036.pdf?arnumber=11050036","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T04:45:52Z","timestamp":1751949952000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11050036\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5,5]]},"references-count":64,"URL":"https:\/\/doi.org\/10.1109\/host64725.2025.11050036","relation":{},"subject":[],"published":{"date-parts":[[2025,5,5]]}}}