{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T23:47:09Z","timestamp":1758152829702,"version":"3.44.0"},"reference-count":71,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"5","license":[{"start":{"date-parts":[[2025,9,1]],"date-time":"2025-09-01T00:00:00Z","timestamp":1756684800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,9,1]],"date-time":"2025-09-01T00:00:00Z","timestamp":1756684800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,9,1]],"date-time":"2025-09-01T00:00:00Z","timestamp":1756684800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Strategic Priority Research Program of Chinese Academy of Sciences","award":["XDB0690100"],"award-info":[{"award-number":["XDB0690100"]}]},{"name":"Alibaba Innovative Research Program"},{"name":"Open Project Fund of Key Laboratory of Cyberspace Security and Defense","award":["2024-MS-02"],"award-info":[{"award-number":["2024-MS-02"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62372490","W2412110"],"award-info":[{"award-number":["62372490","W2412110"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"CCF-NOSFUS Kunpeng Fund"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2025,9]]},"DOI":"10.1109\/tdsc.2025.3561052","type":"journal-article","created":{"date-parts":[[2025,4,14]],"date-time":"2025-04-14T13:42:02Z","timestamp":1744638122000},"page":"5060-5076","source":"Crossref","is-referenced-by-count":0,"title":["MalFocus: Locating Malicious Modules in Malware Based on Hybrid Deep Learning"],"prefix":"10.1109","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-1503-0964","authenticated-orcid":false,"given":"Weihao","family":"Huang","sequence":"first","affiliation":[{"name":"School of Cyber Science and Technology, Shenzhen Campus of Sun Yat-sen University, Shenzhen, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-5963-2886","authenticated-orcid":false,"given":"Chaoyang","family":"Lin","sequence":"additional","affiliation":[{"name":"Safety &#x0026; CyberSecurity, NIO, Shanghai, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-7959-7433","authenticated-orcid":false,"given":"Lu","family":"Xiang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-7966-3107","authenticated-orcid":false,"given":"Zhiyu","family":"Zhang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6388-2571","authenticated-orcid":false,"given":"Guozhu","family":"Meng","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-1952-885X","authenticated-orcid":false,"given":"Lei","family":"Xue","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Technology, Shenzhen Campus of Sun Yat-sen University, Shenzhen, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5624-2987","authenticated-orcid":false,"given":"Kai","family":"Chen","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"}]},{"given":"Lei","family":"Meng","sequence":"additional","affiliation":[{"name":"Alibaba Cloud Computing, Hangzhou, China"}]},{"given":"Zongming","family":"Zhang","sequence":"additional","affiliation":[{"name":"Alibaba Cloud Computing, Hangzhou, China"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/3691340"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/3318216.3363379"},{"year":"2022","key":"ref3","article-title":"Malware statistics and trends report | AV-TEST"},{"key":"ref4","first-page":"3505","article-title":"The circle of life: A large-scale study of the IoT malware lifecycle","volume-title":"Proc. 30th USENIX Secur. Symp.","author":"Alrawi"},{"key":"ref5","first-page":"1310","article-title":"An empirical assessment of security risks of global Android banking apps","volume-title":"Proc. 42nd Int. Conf. Softw. Eng.","author":"Chen"},{"key":"ref6","first-page":"3469","article-title":"DeepReflect: Discovering malicious functionality through binary reconstruction","volume-title":"Proc. 30th USENIX Secur. Symp.","author":"Downing"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.3390\/app9224764"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2656460"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2963724"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101748"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-017-9539-8"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/3490725.3490733"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1016\/j.jprocont.2018.02.004"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-61078-4_25"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2022.3150573"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2019.00130"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-34980-6_30"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3329786"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2017.190"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-006-0012-2"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2463209.2488831"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359835"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/AMS.2007.31"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/JCN.2011.6157418"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2567948.2579364"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.09.006"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2015.2491300"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693090"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3087316"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-018-0006-7"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2007.242"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/CMPSAC.2004.1342667"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89900-6_21"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom\/BigDataSE.2019.00022"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/7247095"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2016.151"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3025436"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2866319"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00040"},{"key":"ref45","first-page":"55","article-title":"Untangling parametric schemata: Enhancing collaboration through modular programming","volume-title":"Proc. 14th Int. Conf. Comput. Aided Architectural Des.","author":"Davis","year":"2011"},{"article-title":"The dynamics of software composition analysis","year":"2019","author":"Foo","key":"ref46"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/4157156"},{"article-title":"Droidetec: Android malware detection and malicious code localization through deep learning","year":"2020","author":"Ma","key":"ref48"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931043"},{"article-title":"Radare2: Unix-like reverse engineering framework","year":"2014","author":"\u00c0lvarez","key":"ref50"},{"year":"2022","key":"ref51","article-title":"UPX - The ultimate packer for executables"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/659101"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.7717\/peerj-cs.285"},{"issue":"3","key":"ref54","article-title":"A hybrid attention network for malware detection based on multi-feature aligned and fusion","volume-title":"Electronics","volume":"12","author":"Yang","year":"2023"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/CIC.2018.00044"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/ISTEL.2016.7881800"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/3375395.3387641"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1098\/rspa.2020.0447"},{"article-title":"Detecting large integer arithmetic for defense against crypto ransomware","year":"2017","author":"Kiraz","key":"ref60"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1016\/j.softx.2020.100403"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/34.908974"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1007\/springerreference_1178"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-04726-2"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/IPDPS.2015.59"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1016\/j.physa.2019.122058"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.69.066133"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.69.026113"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2009.03.003"},{"key":"ref70","first-page":"3541","article-title":"YARIX: Scalable YARA-based malware intelligence","volume-title":"Proc. 30th USENIX Secur. Symp.","author":"Brengel"},{"year":"2020","key":"ref72","article-title":"UPX - The ultimate packer for executables"},{"key":"ref74","first-page":"4768","article-title":"A unified approach to interpreting model predictions","volume-title":"Proc. 31st Int. Conf. Neural Inf. Process. Syst.","author":"Lundberg"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/SPRO.2015.10"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00054"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8858\/11150357\/10964846.pdf?arnumber=10964846","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T17:34:05Z","timestamp":1758130445000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10964846\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9]]},"references-count":71,"journal-issue":{"issue":"5"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2025.3561052","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"type":"print","value":"1545-5971"},{"type":"electronic","value":"1941-0018"},{"type":"electronic","value":"2160-9209"}],"subject":[],"published":{"date-parts":[[2025,9]]}}}