{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T22:44:36Z","timestamp":1777502676305,"version":"3.51.4"},"reference-count":17,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,11]],"date-time":"2023-05-11T00:00:00Z","timestamp":1683763200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,5,11]],"date-time":"2023-05-11T00:00:00Z","timestamp":1683763200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5,11]]},"DOI":"10.1109\/isdfs58141.2023.10131728","type":"proceedings-article","created":{"date-parts":[[2023,5,26]],"date-time":"2023-05-26T17:30:36Z","timestamp":1685122236000},"page":"1-5","source":"Crossref","is-referenced-by-count":12,"title":["Effectiveness of Multiple Memory-Images in detecting Fileless Malware"],"prefix":"10.1109","author":[{"given":"Swapna","family":"Mele Pottaraikkal","sequence":"first","affiliation":[{"name":"Amrita Vishwa Vidyapeetham,Centre for Cybersecurity Systems and Networks,Amritapuri,India"}]},{"given":"Akash","family":"Sujeer Sugatha","sequence":"additional","affiliation":[{"name":"Amrita Vishwa Vidyapeetham,Centre for Cybersecurity Systems and Networks,Amritapuri,India"}]}],"member":"263","reference":[{"key":"ref13","first-page":"41287","article-title":"A survey on memory forensics techniques","volume":"7","author":"silva","year":"2019","journal-title":"IEEE Access"},{"key":"ref12","year":"2018","journal-title":"Virustotal - Kronos sample"},{"key":"ref15","first-page":"416","article-title":"Detecting hidden user-mode rootkits in memory by Volatility","author":"tung","year":"2017","journal-title":"2017 IEEE 2nd International Conference on Cloud Computing and Big Data 
Analysis(ICCCBDA)"},{"key":"ref14","first-page":"743","article-title":"Windows memory forensics: Detecting efficiently external code injection in processes","author":"velazco","year":"2018","journal-title":"2018 IEEE 9th Annual Information Technology Electronics and Mobile Communication Conference (IEMCON)"},{"key":"ref11","year":"2018","journal-title":"Virustotal - Ghostminer sample"},{"key":"ref10","first-page":"1156","article-title":"FLARE: Hybrid Analysis for Detection of Fileless Malware","author":"park","year":"2020","journal-title":"Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP)"},{"key":"ref2","first-page":"567","article-title":"Detecting Fileless Malware Using Machine Learning and Dynamic Analysis","volume":"2","author":"nguyen","year":"2019","journal-title":"2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)"},{"key":"ref1","article-title":"APT trends report Q1 2019","author":"lab","year":"2019"},{"key":"ref17","year":"0","journal-title":"FRWS-USA-2019 research\u2019s highlighted Ptenum plugin repository"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2019.04.008"},{"key":"ref8","first-page":"3816","article-title":"Reconstructing Execution History of Malicious Processes Using Multiple Memory Snapshots","volume":"16","author":"huang","year":"2021","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"ref7","first-page":"573","article-title":"SIMF: A Framework for Detecting Sophisticated Memory-based Malware","author":"xu","year":"2019","journal-title":"Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC)"},{"key":"ref9","first-page":"1601","article-title":"VMHunt: A Verifiable Approach to Partially-Virtualized Binary Code Simplification","author":"zhao","year":"2017","journal-title":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security 
(CCS)"},{"key":"ref4","first-page":"735","article-title":"OpCodeSeer: Detecting Fileless Malware by Building Memory-Based API Call Graphs","volume":"26","author":"santos","year":"2018","journal-title":"Journal of Computer Security"},{"key":"ref3","first-page":"57","article-title":"Fileless Malware: The Next Step in Cyber Stealth Technology","volume":"54","author":"alazab","year":"2021","journal-title":"IEEE Computer"},{"key":"ref6","author":"ligh","year":"2014","journal-title":"The Art of Memory Forensics Detecting Malware and Threats in Windows Linux and Mac Memory"},{"key":"ref5","first-page":"441","article-title":"A deep learning-based approach for detecting fileless malware","volume":"16","author":"ahmadi","year":"2020","journal-title":"Journal of Computer Virology and Hacking Techniques"}],"event":{"name":"2023 11th International Symposium on Digital Forensics and Security (ISDFS)","location":"Chattanooga, TN, USA","start":{"date-parts":[[2023,5,11]]},"end":{"date-parts":[[2023,5,12]]}},"container-title":["2023 11th International Symposium on Digital Forensics and Security (ISDFS)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10131120\/10131673\/10131728.pdf?arnumber=10131728","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,12]],"date-time":"2023-06-12T17:56:15Z","timestamp":1686592575000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10131728\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,11]]},"references-count":17,"URL":"https:\/\/doi.org\/10.1109\/isdfs58141.2023.10131728","relation":{},"subject":[],"published":{"date-parts":[[2023,5,11]]}}}