{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T17:05:53Z","timestamp":1770224753605,"version":"3.49.0"},"reference-count":15,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,6]]},"DOI":"10.1109\/iscc.2018.8538691","type":"proceedings-article","created":{"date-parts":[[2018,11,20]],"date-time":"2018-11-20T01:49:31Z","timestamp":1542678571000},"page":"00825-00831","source":"Crossref","is-referenced-by-count":13,"title":["PSDEM: A Feasible De-Obfuscation Method for Malicious PowerShell Detection"],"prefix":"10.1109","author":[{"given":"Chao","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bin","family":"Xia","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Min","family":"Yu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yunzheng","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420987"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3098954.3107009"},{"key":"ref12","author":"dechaux","year":"2010","journal-title":"Office Documents New Weapons of Cyberwarfare"},{"key":"ref13","year":"2014"},{"key":"ref14","year":"0","journal-title":"VirusTotal"},{"key":"ref15","year":"0","journal-title":"VirusShare"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2631905"},{"key":"ref3","year":"2016","journal-title":"Ionut Arghire"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/CC.2014.6911083"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/Trustcom\/BigDataSE\/ICESS.2017.240"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2013.166"},{"key":"ref7","first-page":"183","article-title":"ShellOS: Enabling fast detection and forensic analysis of code injection attacks","author":"snow","year":"2011","journal-title":"Proceedings of the 20th USENIX Security Symposium"},{"key":"ref2","first-page":"1","year":"2016","journal-title":"The increased use of PowerShell in attacks"},{"key":"ref1","first-page":"53","year":"2017"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2014.92"}],"event":{"name":"2018 IEEE Symposium on Computers and Communications (ISCC)","location":"Natal","start":{"date-parts":[[2018,6,25]]},"end":{"date-parts":[[2018,6,28]]}},"container-title":["2018 IEEE Symposium on Computers and Communications (ISCC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8510755\/8538441\/08538691.pdf?arnumber=8538691","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T04:49:08Z","timestamp":1643258948000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8538691\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,6]]},"references-count":15,"URL":"https:\/\/doi.org\/10.1109\/iscc.2018.8538691","relation":{},"subject":[],"published":{"date-parts":[[2018,6]]}}}