{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T16:26:51Z","timestamp":1774456011489,"version":"3.50.1"},"reference-count":47,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,10]]},"DOI":"10.1109\/malware.2018.8659358","type":"proceedings-article","created":{"date-parts":[[2019,3,8]],"date-time":"2019-03-08T00:23:21Z","timestamp":1552004601000},"page":"103-111","source":"Crossref","is-referenced-by-count":20,"title":["Behavioral Malware Classification using Convolutional Recurrent Neural Networks"],"prefix":"10.1109","author":[{"given":"Bander","family":"Alsulami","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Spiros","family":"Mancoridis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","first-page":"1929","article-title":"Dropout: a simple way to prevent neural networks from overfitting","volume":"15","author":"srivastava","year":"2014","journal-title":"Journal of Machine Learning Research"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1162"},{"key":"ref32","first-page":"2825","article-title":"Scikit-learn: Machine learning in python","volume":"12","author":"pedregosa","year":"2011","journal-title":"Journal of Machine Learning Research"},{"key":"ref31","doi-asserted-by":"crossref","first-page":"204","DOI":"10.1007\/978-3-540-89900-6_21","article-title":"Unknown malcode detection using opcode representation","author":"moskovitch","year":"2008","journal-title":"Intelligence and Security Informatics"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-84927-0_12"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2009.5199486"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2010-0410"},{"key":"ref35","article-title":"A virus by any other name: Virus naming practices","author":"raiu","year":"2002","journal-title":"Security Focus"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420999"},{"key":"ref10","first-page":"269","article-title":"Using an n-gram-based document representation with a vector processing retrieval model","author":"cavnar","year":"1995","journal-title":"NIST SPECIAL PUBLICATION SP"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2005-13403"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-25465-X_40"},{"key":"ref12","author":"chollet","year":"2017","journal-title":"Keras (2015)"},{"key":"ref13","article-title":"Fileless malware–a behavioural analysis of kovter persistence","author":"dove","year":"2016"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2089125.2089126"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-006-0009-x"},{"key":"ref16","volume":"1","author":"goodfellow","year":"2016","journal-title":"Deep Learning"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1016\/j.neunet.2005.06.042"},{"key":"ref18","first-page":"2","article-title":"One class support vector machines for detecting anomalous windows registry accesses","author":"heller","year":"2003","journal-title":"ICDM Workshop on Data Mining for Computer Security (DMSEC)"},{"key":"ref19","article-title":"Doing more with less: A study of fileless infection attacks","author":"inocencio","year":"2015"},{"key":"ref28","author":"malin","year":"2011","journal-title":"Malware Forensics Field Guid for Windows Systems Digital Forensics Field Guides"},{"key":"ref4","author":"blunden","year":"2012","journal-title":"The Rootkit Arsenal Escape and Evasion in the Dark Corners of the System"},{"key":"ref27","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1007\/978-3-642-15512-3_13","article-title":"On challenges in evaluating malware clustering","author":"li","year":"2010","journal-title":"International Workshop on Recent Advances in Intrusion Detection"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74320-0_10"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1023\/A:1010933404324"},{"key":"ref29","first-page":"744","article-title":"Survey on malware evasion techniques: State of the art and challenges","author":"marpaung","year":"2012","journal-title":"2012 14th International Conference on Advanced Communication Technology (ICACT) ICACT"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-7908-2604-3_16"},{"key":"ref8","article-title":"Large scale malware collection: lessons learned","author":"canto","year":"2008","journal-title":"IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing Systems"},{"key":"ref7","author":"candid wueest","year":"2016","journal-title":"The increased use of PowerShell in attacks"},{"key":"ref2","first-page":"171","article-title":"Zero-day malware detection based on supervised learning algorithms of api call signatures","volume":"121","author":"alazab","year":"2011","journal-title":"Proceedings of the Australasian Data Mining Conference"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2015.7413681"},{"key":"ref1","first-page":"265","article-title":"Tensor-flow: A system for large-scale machine learning","volume":"16","author":"abadi","year":"2016","journal-title":"OSDI"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1002\/qre.392"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-008-0086-0"},{"key":"ref45","article-title":"Google’s neural machine translation system: Bridging the gap between human and machine translation","author":"wu","year":"2016"},{"key":"ref22","first-page":"37","article-title":"Dimension reduction in text classification with support vector machines","author":"kim","year":"2005","journal-title":"Journal of Machine Learning Research"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/1015330.1015332"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/2808769.2808780"},{"key":"ref42","first-page":"5","article-title":"Vilo: a shield in the malware variation battle","author":"venable","year":"2007","journal-title":"Virus Bulletin"},{"key":"ref24","first-page":"2721","article-title":"Learning to detect and classify malicious executables in the wild","volume":"7","author":"kolter","year":"2006","journal-title":"Journal of Machine Learning Research"},{"key":"ref41","author":"szor","year":"2005","journal-title":"The Art of Computer Virus Research and Defense"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1181"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.inffus.2013.04.006"},{"key":"ref26","first-page":"120","article-title":"A data mining framework for building intrusion detection models","author":"lee","year":"1999","journal-title":"Security and Privacy 1999 Proceedings of the 1999 IEEE Symposium on"},{"key":"ref43","article-title":"One-class training for masquerade detection","author":"wang","year":"2003"},{"key":"ref25","first-page":"207","article-title":"Polymorphic worm detection using structural information of executables","author":"kruegel","year":"2005","journal-title":"International Workshop on Recent Advances in Intrusion Detection"}],"event":{"name":"2018 13th International Conference on Malicious and Unwanted Software (MALWARE)","location":"Nantucket, MA, USA","start":{"date-parts":[[2018,10,22]]},"end":{"date-parts":[[2018,10,24]]}},"container-title":["2018 13th International Conference on Malicious and Unwanted Software (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8653251\/8659351\/08659358.pdf?arnumber=8659358","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T07:37:17Z","timestamp":1643269037000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8659358\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10]]},"references-count":47,"URL":"https:\/\/doi.org\/10.1109\/malware.2018.8659358","relation":{},"subject":[],"published":{"date-parts":[[2018,10]]}}}