{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,5]],"date-time":"2025-04-05T18:25:24Z","timestamp":1743877524134},"reference-count":25,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009,10]]},"DOI":"10.1109\/malware.2009.5403017","type":"proceedings-article","created":{"date-parts":[[2010,2,12]],"date-time":"2010-02-12T09:31:47Z","timestamp":1265967107000},"page":"55-62","source":"Crossref","is-referenced-by-count":7,"title":["Server-side dynamic code analysis"],"prefix":"10.1109","author":[{"given":"Wadie","family":"Guizani","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jean-Yves","family":"Marion","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Reynaud-Plantey","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","article-title":"Security applications for emulation","author":"cesare","year":"2008","journal-title":"Rux-con"},{"article-title":"Attacks on virtual machine emulators","year":"0","author":"ferrie","key":"ref11"},{"journal-title":"Anti-unpacker tricks","year":"2008","author":"ferrie","key":"ref12"},{"key":"ref13","article-title":"Formal model proposal for (malware) program stealth","author":"filiol","year":"2007","journal-title":"Virus Bulletin"},{"key":"ref14","article-title":"Generic unpacking - how to handle modified or unknown pe compression engines?","author":"graf","year":"2005","journal-title":"Virus Bulletin"},{"key":"ref15","doi-asserted-by":"crossref","first-page":"98","DOI":"10.1007\/978-3-540-87403-4_6","article-title":"A study of the packer problem and its solutions","author":"guo","year":"2008","journal-title":"In RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-007-0046-0"},{"journal-title":"Analyse et detection dynamique de code viraux dans un contexte cryptographique","year":"2009","author":"josse","key":"ref17"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314399"},{"journal-title":"Scoopyng - the vmware detection tool","year":"2008","author":"klein","key":"ref19"},{"key":"ref4","first-page":"41","article-title":"Qemu, a fast and portable dynamic trans-lator","author":"bellard","year":"2005","journal-title":"ATEC'05 Proceedings of the USENIX Annual Technical Conference 2005 on USENIX Annual Technical Conference"},{"journal-title":"TTAnalyze A Tool for Analyzing Malware","year":"2006","author":"bayer","key":"ref3"},{"journal-title":"Efficient transparent and comprehensive runtime code manipulation","year":"2004","author":"bruening","key":"ref6"},{"journal-title":"Pandora's Bochs Automatic Unpacking of Malware","year":"2008","author":"boehne","key":"ref5"},{"key":"ref8","article-title":"4 &#x00D7; 5: Reverse engineering automation with python","author":"carrera","year":"2007","journal-title":"Black Hat USA"},{"journal-title":"Extending joebox - a scriptable malware analysis system","year":"2008","author":"b\u00fchlmann","key":"ref7"},{"key":"ref2","article-title":"Blue pill detection","author":"barbosa","year":"2007","journal-title":"SyScan05"},{"key":"ref9","article-title":"Malware - behavior, tools, scripting and advanced analysis","author":"carrera","year":"2008","journal-title":"HiTB"},{"key":"ref1","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1007\/11856214_9","article-title":"The nepenthes platform: An efficient approach to collect malware","author":"baecher","year":"2006","journal-title":"In Proceedings of the 9 th International Symposium on Recent Advances in Intrusion Detection (RAID"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"ref22","article-title":"covert debugging, circumventing software armoring techniques","author":"quist","year":"2007","journal-title":"Black Hat USA"},{"key":"ref21","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1109\/SP.2007.17","article-title":"Exploring multiple execution paths for malware analysis","author":"moser","year":"2007","journal-title":"Proceedings of the 2007 IEEE Symposium on Security and Privacy Ser SP 07"},{"article-title":"Red pili&#x2026; or how to detect vmm using (almost) one cpu instruction","year":"2004","author":"rutkowska","key":"ref24"},{"key":"ref23","article-title":"Alternative medicine: The malware analyst's bluepill","author":"royal","year":"2008","journal-title":"Black Hat USA"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.45"}],"event":{"name":"2009 4th International Conference on Malicious and Unwanted Software (MALWARE)","start":{"date-parts":[[2009,10,13]]},"location":"Montreal, Quebec, Canada","end":{"date-parts":[[2009,10,14]]}},"container-title":["2009 4th International Conference on Malicious and Unwanted Software (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/5392747\/5403012\/05403017.pdf?arnumber=5403017","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,19]],"date-time":"2017-06-19T00:43:04Z","timestamp":1497832984000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/5403017\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,10]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/malware.2009.5403017","relation":{},"subject":[],"published":{"date-parts":[[2009,10]]}}}