{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T22:52:53Z","timestamp":1773183173017,"version":"3.50.1"},"reference-count":17,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,10]]},"DOI":"10.1109\/malware.2010.5665794","type":"proceedings-article","created":{"date-parts":[[2010,12,21]],"date-time":"2010-12-21T18:39:39Z","timestamp":1292956779000},"page":"39-46","source":"Crossref","is-referenced-by-count":21,"title":["Memory behavior-based automatic malware unpacking in stealth debugging environment"],"prefix":"10.1109","author":[{"given":"Yuhei","family":"Kawakoya","sequence":"first","affiliation":[]},{"given":"Makoto","family":"Iwamura","sequence":"additional","affiliation":[]},{"given":"Mitsutaka","family":"Itoh","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref10","year":"0","journal-title":"PeiD"},{"key":"ref11","article-title":"Covert debugging circumventing software armoring techniques","author":"quist","year":"2007","journal-title":"Black Hat USA 2007"},{"key":"ref12","article-title":"Unpacking virtualization obfuscators","author":"rolles","year":"2009","journal-title":"Proceedings of the 3rd USENIX Workshop on Offensive Technologies"},{"key":"ref13","article-title":"Alternative medicine: The malware analyst's blue pill","author":"royal","year":"2008","journal-title":"Proc Black Hat USA 2008"},{"key":"ref14","first-page":"289","article-title":"Polyunpack: Automating the hidden-code extraction of unpack-executing malware","volume":"0","author":"royal","year":"2006","journal-title":"Computer Security Applications Conference Annual"},{"key":"ref15","article-title":"BitBlaze: A new approach to computer security via binary analysis","author":"song","year":"2008","journal-title":"Proceedings of the 4th International Conference on Information Systems Security Keynote Invited Paper"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03095-6_21"},{"key":"ref17","article-title":"The art of unpacking","author":"yason","year":"2007","journal-title":"Black Hat USA 2007"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"ref3","first-page":"41","article-title":"Qemu, a fast and portable dynamic translator","author":"bellard","year":"2005","journal-title":"Proceedings of the Annual Conference on USENIX Annual Technical Conference"},{"key":"ref6","article-title":"Intel. Intel 64 and ia-32 architectures software developers manual","year":"2007","journal-title":"Specification"},{"key":"ref5","year":"0","journal-title":"HexRays"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314399"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/945461.945462"},{"key":"ref1","year":"0","journal-title":"The Volatility Framework"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.15"}],"event":{"name":"2010 5th International Conference on Malicious and Unwanted Software (MALWARE)","location":"Nancy, France","start":{"date-parts":[[2010,10,19]]},"end":{"date-parts":[[2010,10,20]]}},"container-title":["2010 5th International Conference on Malicious and Unwanted Software"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/5655114\/5665785\/05665794.pdf?arnumber=5665794","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,21]],"date-time":"2017-03-21T07:06:16Z","timestamp":1490079976000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/5665794\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,10]]},"references-count":17,"URL":"https:\/\/doi.org\/10.1109\/malware.2010.5665794","relation":{},"subject":[],"published":{"date-parts":[[2010,10]]}}}