{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T20:35:02Z","timestamp":1776890102288,"version":"3.51.2"},"reference-count":49,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,10]]},"DOI":"10.1109\/malware.2017.8323963","type":"proceedings-article","created":{"date-parts":[[2018,3,26]],"date-time":"2018-03-26T21:04:19Z","timestamp":1522098259000},"page":"109-118","source":"Crossref","is-referenced-by-count":34,"title":["What can N-grams learn for malware detection?"],"prefix":"10.1109","author":[{"given":"Richard","family":"Zak","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Edward","family":"Raff","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Charles","family":"Nicholas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","first-page":"408","article-title":"A Dual Coordinate Descent Method for Large-scale Linear SVM","author":"hsieh","year":"0","journal-title":"ICML 2008 Proc 25th Int Conf Mach Learning"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1023\/A:1010933404324"},{"key":"ref33","first-page":"801","article-title":"Arcing Classifiers","volume":"26","author":"breiman","year":"1998","journal-title":"The Annals of Statistics"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1007\/BF00058655"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-010-0141-5"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1504\/IJESDF.2007.016865"},{"key":"ref37","first-page":"1","article-title":"Support vector machines and malware detection","author":"singh","year":"2015","journal-title":"Journal of Computer Virology and Hacking Techniques"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1016\/S0893-6080(05)80023-1"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/1015330.1015435"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1111\/j.1467-9868.2005.00503.x"},{"key":"ref28","first-page":"845","article-title":"BYTEWEIGHT: Learning to Recognize Functions in Binary Code","author":"bao","year":"2014","journal-title":"23rd USENIX Security Symposium (USENIX Security 14)"},{"key":"ref27","first-page":"187","article-title":"MutantX-S: Scalable Malware Clustering Based on Static Features","author":"hu","year":"2013","journal-title":"Presented As Part of the 2013 USENIX Annual Technical Conference (USENIX ATC 13)"},{"key":"ref29","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1007\/978-3-642-11747-3_3","article-title":"Idea: Opcode-sequence-based Malware Detection","author":"santos","year":"2010","journal-title":"Proceedings of the Second international conference on Engineering Secure Software and Systems"},{"key":"ref2","first-page":"2721","article-title":"Learning to Detect and Classify Malicious Executables in the Wild","volume":"7","author":"kolter","year":"2006","journal-title":"Journal of Machine Learning Research"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-44599-1_11"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2015.7413680"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP.2013.6638293"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2015.33"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1037\/0033-2909.86.3.638"},{"key":"ref23","article-title":"Using File Relationships in Malware Classification","author":"karampatziakis","year":"2012","journal-title":"Detection of Intrusions and Malware and Vulnerability Assessment"},{"key":"ref26","first-page":"134","article-title":"Robust static analysis of portable executable malware","author":"hahn","year":"2014","journal-title":"HTWK Leipzig"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/0021-9681(79)90012-2"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"ref11","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1007\/978-3-642-22786-8_6","article-title":"Computer Networks and Intelligent Computing: 5th International Conference on Information Processing, ICIP 2011, Bangalore, India, August 5&#x2013;7, 2011. Proceedings","author":"jain","year":"2011","journal-title":"Computer Networks and Intelligent Computing"},{"key":"ref40","first-page":"1","article-title":"JSAT: Java Statistical Analysis Tool, a Library for Machine Learning","volume":"18","author":"raff","year":"2017","journal-title":"Journal of Machine Learning Research"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM.2006.4"},{"key":"ref13","first-page":"44","article-title":"Applying Machine Learning Techniques for Detection of Malicious Code in Network Traffic","author":"elovici","year":"2007","journal-title":"30th Annual German Conference on Advances in Artificial Intelligence"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1186\/2190-8532-1-1"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-012-0160-5"},{"key":"ref16","first-page":"1","article-title":"A comparison of static, dynamic, and hybrid analysis for malware detection","author":"damodaran","year":"2015","journal-title":"Journal of Computer Virology and Hacking Techniques"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/s10796-007-9054-3"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1016\/j.csda.2008.10.015"},{"key":"ref19","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1007\/978-3-642-39235-1_3","article-title":"Exploring Discriminatory Features for Automated Malware Classification","author":"yan","year":"2013","journal-title":"Proceedings of the 2nd International Conference on Intrusion and Malware Detection and Vulnerability Assessment"},{"key":"ref4","first-page":"35","article-title":"Idea: Opcode-Sequence-Based Malware Detection","author":"santos","year":"2010","journal-title":"Proceedings 2010"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/CMPSAC.2004.1342667"},{"key":"ref6","article-title":"Exploiting similarity between variants to defeat malware","author":"walen stein","year":"2007","journal-title":"Proc BlackHat DC Conf"},{"key":"ref5","doi-asserted-by":"crossref","first-page":"204","DOI":"10.1007\/978-3-540-89900-6_21","article-title":"Unknown Malcode Detection Using OPCODE Representation","author":"moskovitch","year":"2008","journal-title":"Proceedings of the European Intelligence and Security Informatics Conference"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.14"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.22"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1145\/1835804.1835820"},{"key":"ref9","article-title":"An investigation of byte n-gram features for malware classification","author":"raff","year":"2016","journal-title":"Journal of Computer Virology and Hacking Techniques"},{"key":"ref46","article-title":"A Taxonomy of Obfuscating Transformations","author":"collberg","year":"1997","journal-title":"University of Auckland Technical Report"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2002.1027797"},{"key":"ref48","first-page":"1063","article-title":"Static Analysis of Binary Executables U sing Structural SVMs","author":"karampatziakis","year":"2010","journal-title":"Proceedings of the 23rd International Conference on Neural Information Processing Systems"},{"key":"ref47","first-page":"18","article-title":"Static Disassembly of Obfuscated Binaries","volume":"13","author":"kruegel","year":"2004","journal-title":"Proceedings of the 13th conference on USENIX Security Symposium"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1016\/S0031-3203(96)00142-2"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/ICPR.2010.764"},{"key":"ref44","doi-asserted-by":"crossref","first-page":"290","DOI":"10.1145\/948109.948149","article-title":"Obfuscation of executable code to improve resistance to static disassembly","author":"linn","year":"2003","journal-title":"Proceedings of the 10th ACM Conference on Computer and Communication Security - CCS '03"},{"key":"ref43","first-page":"313","article-title":"AUC Optimization vs. Error Rate Minimization","author":"cortes","year":"2004","journal-title":"Advances in Neural Information Processing Systems 16"}],"event":{"name":"2017 12th International Conference on Malicious and Unwanted Software (MALWARE)","location":"Fajardo","start":{"date-parts":[[2017,10,11]]},"end":{"date-parts":[[2017,10,14]]}},"container-title":["2017 12th International Conference on Malicious and Unwanted Software (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8318523\/8323944\/08323963.pdf?arnumber=8323963","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,26]],"date-time":"2022-01-26T06:51:00Z","timestamp":1643179860000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/8323963\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,10]]},"references-count":49,"URL":"https:\/\/doi.org\/10.1109\/malware.2017.8323963","relation":{},"subject":[],"published":{"date-parts":[[2017,10]]}}}