{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,7]],"date-time":"2025-05-07T04:59:50Z","timestamp":1746593990451,"version":"3.28.0"},"reference-count":89,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016,12]]},"DOI":"10.1109\/pst.2016.7906998","type":"proceedings-article","created":{"date-parts":[[2017,4,24]],"date-time":"2017-04-24T21:12:50Z","timestamp":1493068370000},"page":"629-636","source":"Crossref","is-referenced-by-count":6,"title":["Taxonomy of malware detection techniques: A systematic literature review"],"prefix":"10.1109","author":[{"given":"Hanif Mohaddes","family":"Deylami","sequence":"first","affiliation":[]},{"given":"Ravie Chandren","family":"Muniyandi","sequence":"additional","affiliation":[]},{"given":"Iman Tabatabaei","family":"Ardekani","sequence":"additional","affiliation":[]},{"given":"Abdolhossein","family":"Sarrafzadeh","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref73","article-title":"lsGameOver() anyone?","author":"rutkowska","year":"2007","journal-title":"Invisible Things Lab Black Hat Briefings"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1145\/2835375"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSACW.2011.28"},{"key":"ref70","first-page":"746","article-title":"Detection of malicious software by Using Data Mining Tools and Other Techniques-a Survey","volume":"1","author":"kumar","year":"2012","journal-title":"IJCSM"},{"volume":"19","journal-title":"Internet security threat report 2014 trends","year":"0","key":"ref76"},{"key":"ref77","article-title":"Malware detection by applying knowledge discovery processes to application metadata on the Android Market (Google Play)","author":"teufl","year":"2013","journal-title":"Published online in Wiley Online Library"},{"key":"ref74","article-title":"Data-Driven Security: Analysis, Visualization and Dashboards","author":"jacobs","year":"2014","journal-title":"E-book Published in Wiley Online Library"},{"journal-title":"Malware Variant Detection","year":"2012","author":"alzarooni","key":"ref39"},{"journal-title":"E-book Published in Wiley Online Library","article-title":"Information Security: Principles and Practice 2nd Edition","year":"2011","key":"ref75"},{"journal-title":"Behavior based Approach for Intrusion Detection Systems","year":"2013","author":"andrey","key":"ref38"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1002\/sec.764"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1002\/sec.229"},{"journal-title":"When Harlie Was One Doubleday","year":"1972","author":"gerrold","key":"ref33"},{"journal-title":"Survey on Malware Detection Methods","year":"2009","author":"vinod","key":"ref32"},{"journal-title":"Method and apparatus for detecting malware infection","year":"2015","author":"guofei","key":"ref31"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2016.7440587"},{"key":"ref37","article-title":"TT Analyze: A tool for analyzing malware","author":"bayer","year":"2006","journal-title":"Ikarus Software & Technical University of Vienna"},{"key":"ref36","first-page":"56","article-title":"Malware Analysis and Classification: A Survey","volume":"5","author":"ekta","year":"0","journal-title":"Journal of Information Security"},{"key":"ref35","article-title":"Malware Forensics-Detecting the Unknown","author":"overton","year":"2008","journal-title":"Virus Bulletin Conference"},{"key":"ref34","first-page":"311","author":"wang","year":"2006","journal-title":"Malware Detection"},{"key":"ref60","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1109\/AINA.2012.62","article-title":"Malicious software detection using multiple sequence alignment and data mining","author":"chen","year":"2012","journal-title":"IEEE 26th International Conference on Advanced Information Networking and Applications (AINA)"},{"key":"ref62","article-title":"Metamorphic Malware Detection Using Statistical Analysis","volume":"2","author":"kevadia","year":"2012","journal-title":"International Journal of Soft Computing and Engineering (IJSCE)"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2012.01.127"},{"key":"ref63","article-title":"Static Detection of Malicious Code in Executable Programs","author":"bergeron","year":"2001","journal-title":"Symposium on Requirements Engineering for Information Security (SREIS)"},{"journal-title":"McAfee® Labs 2014 Threats Predictions Report MacAfee Lab","year":"0","author":"alme","key":"ref28"},{"journal-title":"Computer Viruses-Theory and Experiments Introduction and Abstract","year":"1984","author":"fred","key":"ref64"},{"journal-title":"Anders Kofod-Petersen How to do a Structured Literature Review in computer science Ver 0 1","year":"2012","key":"ref27"},{"key":"ref65","article-title":"Cybercrime detection techniques based on support vector machines","volume":"2","author":"hanif","year":"2013","journal-title":"Artificial Intelligence Research"},{"key":"ref66","article-title":"Data Mining Tools for Malware Detection","author":"mehedy","year":"2012","journal-title":"CRC Press is an imprint of Taylor & Francis Group an Informa business"},{"journal-title":"The Effects of Different Representations on Static Structure Analysis of Computer Malware Signatures","year":"2013","author":"narayanan","key":"ref29"},{"key":"ref67","article-title":"BitBlaze: A new approach to computer security via binary analysis","author":"dawn","year":"2008","journal-title":"Proceedings of the 4th International Conference on In-formation Systems Security (Keynote invited paper)"},{"journal-title":"Malware online scanners","year":"0","author":"steroids","key":"ref68"},{"key":"ref69","article-title":"Dynamic software application protection","author":"ravi","year":"2009","journal-title":"Technical report Intel Corporation"},{"key":"ref2","article-title":"Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues","author":"lipson","year":"0","journal-title":"PhD CERT ® Coordination Center Networked Systems Survivability Program"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-12"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/FIE.1998.736875"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1016\/S0899-3467(07)60142-6"},{"journal-title":"Analyzing the past to prepare for the future writing","year":"2002","author":"webster","key":"ref21"},{"key":"ref24","first-page":"103","article-title":"Undertaking a structured literature review or structuring a literature review: tales from the field","volume":"6","author":"armitage","year":"2008","journal-title":"The Electronic Journal of Business Research Methods"},{"key":"ref23","first-page":"181","article-title":"A systems approach to conduct an effective literature review in support of information systems research","volume":"9","author":"levy","year":"2006","journal-title":"Inform Sci"},{"journal-title":"Literature review of information technology adoption models at firm level","year":"2011","author":"oliveira","key":"ref26"},{"journal-title":"EBSE Technical Report Guidelines for performing Systematic Literature Reviews in Software Engineering","year":"2007","key":"ref25"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/ICNC.2012.6234576"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/CIS.2012.27"},{"journal-title":"An Introduction to Malware","year":"2013","author":"sharp","key":"ref59"},{"key":"ref58","article-title":"Computers under Attack: Intruders, Worms and Viruses","author":"peter","year":"1990","journal-title":"Addison-Wesley Reading MASS"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-21554-4_2"},{"key":"ref56","first-page":"160","article-title":"Why securing smart grids is not just a straightforward consultancy exercise","volume":"7","author":"line","year":"2013","journal-title":"Published online in Wiley Online Library (wileyonlinelibrary com) Journal of Security and communication networks"},{"key":"ref55","article-title":"Mechanisms of Polymorphic and Metamorphic Viruses","author":"xufang","year":"2011","journal-title":"Intelligence and Security Informatics Conference (EISIC)"},{"key":"ref54","first-page":"4","article-title":"Effects of Software Security on Software Development Life Cycle and Related Security Issues","volume":"6","author":"mohaddes deylami","year":"2015","journal-title":"International Journal of Computational Intelligence and Information Security"},{"key":"ref53","article-title":"A Threat to cyber resilience: A malware rebirthing Botnet","author":"brand","year":"2011","journal-title":"Proceedings of the 2nd International Cyber Resilience Conference"},{"key":"ref52","doi-asserted-by":"crossref","first-page":"283","DOI":"10.3844\/ajassp.2012.283.288","article-title":"Malware detection based on hybrid signature behavior application programming interface call graph","volume":"9","author":"elhadi","year":"2012","journal-title":"American Journal of Applied Sciences"},{"journal-title":"Experiments with Computer Viruses","year":"1984","author":"cohen","key":"ref10"},{"key":"ref11","first-page":"172","author":"shoch","year":"1982","journal-title":"The Worms' Programs ? Early Experience with a Distributed Computation"},{"journal-title":"An integrated malware detection and classification system","year":"2011","author":"tian","key":"ref40"},{"journal-title":"A Survey of Malware Detection Techniques","year":"2007","author":"idika","key":"ref12"},{"key":"ref13","article-title":"AutoMal: automatic clustering and signature generation for malwares based on the network flow","author":"hao","year":"2014","journal-title":"Security Comm Networks"},{"journal-title":"Muazzam Ahmed Siddiqui Data mining methods for malware detection","year":"2008","key":"ref14"},{"key":"ref15","article-title":"Design and implementation of a malware detection system based on network behavior","author":"xue","year":"2014","journal-title":"Security Comm Networks"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4471-1774-2"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1002\/sec.524"},{"journal-title":"Malware Detection Methods","year":"2014","author":"danfeng","key":"ref81"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1002\/sec.902"},{"key":"ref84","first-page":"56","article-title":"Detection & Preservation of New & Unknown Malware using Honeypots","volume":"1","author":"kumar","year":"2009","journal-title":"International Journal on Computer Science and Engineering"},{"key":"ref18","article-title":"A dynamic malware analyzer against virtual machine aware malicious software","author":"pektas","year":"2013","journal-title":"Security Comm Networks"},{"journal-title":"Rogue Programs Viruses Worms and Trojan Horses (Vnr Computer Library)","year":"1990","author":"hoffman","key":"ref83"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1002\/sec.619"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1002\/sec.390"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1002\/9780470087923.hhs421"},{"journal-title":"Fox IT Joostbijl Malicious advertisements served via Yahoo","year":"0","key":"ref4"},{"journal-title":"Malware Forensics Investigating and Analyzing Malicious Code","year":"2008","author":"aquilina","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"journal-title":"Carol Spyware viruses & security forum NEWS CNET","year":"0","key":"ref5"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.5120\/11480-7108"},{"key":"ref8","article-title":"Technical and human issues in computer-based systems security","author":"arief","year":"2003","journal-title":"University of Newcastle upon Tyne (CS-T R-790)"},{"journal-title":"Malicious Software Copyright 1998-2001","year":"2001","author":"mahan","key":"ref86"},{"key":"ref7","first-page":"33","article-title":"Attacking malicious code: A report to the infosec research council","volume":"26","author":"mcgraw","year":"2003","journal-title":"IEEE Software"},{"key":"ref49","article-title":"Cracking the Perimeter v.1.1","author":"aharoni","year":"0","journal-title":"Anti-Virus Comparative"},{"journal-title":"CERT Coordination Center","article-title":"Which Best Practices are Right For Me?","year":"0","key":"ref87"},{"key":"ref88","first-page":"251","volume":"4","author":"jacob","year":"2008","journal-title":"Behavioral detection of malware from a survey towards an established taxonomy"},{"journal-title":"Malware Fighting Malicious Code","year":"2004","author":"skoudis","key":"ref9"},{"key":"ref46","first-page":"173","author":"szczepanik","year":"2010","journal-title":"Detecting New and Unknown Malwares Using Honeynet"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/586143.586146"},{"key":"ref48","article-title":"A virtual machine introspection based architecture for intrusion detection","author":"garfnkel","year":"2003","journal-title":"Proceedings of the Symposium on Network and Distributed Systems Security (NDSS)"},{"journal-title":"CSI Computer Crime & Security Survey","year":"2008","author":"richardson","key":"ref47"},{"journal-title":"Robust & Efficient Malware Analysis and host based monitoring","year":"2010","author":"sharif","key":"ref42"},{"journal-title":"Dealing with next generation Malware","year":"2011","author":"paleari","key":"ref41"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-44599-1_4"},{"key":"ref43","article-title":"Privacy theft malware multiprocess collaboration analysis","author":"fan","year":"2013","journal-title":"Security Comm Networks"}],"event":{"name":"2016 14th Annual Conference on Privacy, Security and Trust (PST)","start":{"date-parts":[[2016,12,12]]},"location":"Auckland, New Zealand","end":{"date-parts":[[2016,12,14]]}},"container-title":["2016 14th Annual Conference on Privacy, Security and Trust (PST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7899233\/7906913\/07906998.pdf?arnumber=7906998","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,21]],"date-time":"2019-09-21T19:55:30Z","timestamp":1569095730000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7906998\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,12]]},"references-count":89,"URL":"https:\/\/doi.org\/10.1109\/pst.2016.7906998","relation":{},"subject":[],"published":{"date-parts":[[2016,12]]}}}