{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,2]],"date-time":"2025-10-02T00:30:27Z","timestamp":1759365027739,"version":"build-2065373602"},"reference-count":61,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"Internal Funds from Montana State University"},{"name":"NSF EPSCoR RII Track-1 SMART FIRES","award":["2242802"],"award-info":[{"award-number":["2242802"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2025]]},"DOI":"10.1109\/tifs.2025.3611649","type":"journal-article","created":{"date-parts":[[2025,9,18]],"date-time":"2025-09-18T17:45:04Z","timestamp":1758217504000},"page":"9965-9978","source":"Crossref","is-referenced-by-count":0,"title":["Unveiling Malware Visual Patterns: A Self-Analysis Perspective"],"prefix":"10.1109","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1125-7472","authenticated-orcid":false,"given":"Fangtian","family":"Zhong","sequence":"first","affiliation":[{"name":"Gianforte School of Computing, Montana State University, Bozeman, MT, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8847-8345","authenticated-orcid":false,"given":"Qin","family":"Hu","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Georgia State University, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0340-1152","authenticated-orcid":false,"given":"Yili","family":"Jiang","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Georgia State University, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9794-2103","authenticated-orcid":false,"given":"Jiaqi","family":"Huang","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Cybersecurity, University of Central Missouri, Warrensburg, MO, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5912-4647","authenticated-orcid":false,"given":"Xiuzhen","family":"Cheng","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Shandong University, Qingdao, Shandong, China"}]}],"member":"263","reference":[{"volume-title":"Malware Statistics and Facts in 2024-How to Best Protect Your Business and Yourself?","year":"2024","author":"Deli\u0107","key":"ref1"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.21236\/ADA449067"},{"key":"ref3","first-page":"1145","article-title":"Humans vs. machines in malware classification","volume-title":"Proc. 32nd USENIX Secur. Symp. (USENIX Secur.)","author":"Aonzo"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134099"},{"key":"ref5","first-page":"1","article-title":"BotHunter: Detecting malware infection through IDS-driven dialog correlation","volume-title":"Proc. USENIX Secur. Symp.","author":"Gu"},{"key":"ref6","first-page":"829","article-title":"X-force: Force-executing binary programs for security applications","volume-title":"Proc. 23rd USENIX Secur. Symp. (USENIX Secur.)","author":"Peng"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3643744"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.17"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00002"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00082"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598054"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3623320"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/MASS50613.2020.00009"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00155"},{"volume-title":"How it Works","year":"2024","author":"Darroch","key":"ref15"},{"volume-title":"Malpedia is a Free Service Offered by Fraunhofer FKIE","year":"2024","key":"ref16"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/FUZZY.2010.5584447"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/3291061"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2822680"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2024.3435362"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2022.3160357"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.63278\/1336"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2892500"},{"issue":"2","key":"ref24","doi-asserted-by":"crossref","first-page":"400","DOI":"10.13005\/ojcst\/10.02.20","article-title":"Wavelet statistical feature based malware class recognition and classification using supervised learning classifier","volume":"10","author":"Makandar","year":"2017","journal-title":"Oriental J. Comput. Sci. Technol."},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2016904.2016908"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/iccv.2003.1238354"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1023\/A:1011139631724"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101740"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1155\/2023\/6390023"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-63820-7_31"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2013.6703680"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-024-04723-w"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103084"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2015.7413680"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-37629-1_75"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1145\/3128572.3140457"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3660853.3660931"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/s10618-024-01078-z"},{"volume-title":"Detect Packers on PE Files Using Signatures","year":"2024","key":"ref39"},{"volume-title":"Detect-it-Easy (Die): Program for Determining Types of Files for Windows, Linux and MacOS","year":"2025","key":"ref40"},{"volume-title":"Cyren Threat Intelligence","year":"2025","key":"ref41"},{"volume-title":"Frisk Software International","year":"2025","author":"Skulason","key":"ref42"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3433372"},{"key":"ref44","first-page":"1","article-title":"Very deep convolutional networks for large-scale image recognition","volume-title":"Proc. Int. Conf. Learn. Represent.","author":"Simonyan"},{"volume-title":"The Ultimate Packer for Executables","year":"2024","key":"ref45"},{"volume-title":"Win32 Executable Compressor","year":"2024","key":"ref46"},{"volume-title":"PECompact-Windows (PE) Executable Compressor","year":"2024","key":"ref47"},{"volume-title":"MPRESS is a Free, High-Performance Executable Packer for PE32\/PE32+\/.NET\/MAC-DARWIN Executable Formats!","year":"2024","key":"ref48"},{"volume-title":"Unpacking PE Files Using Unicorn Engine","year":"2024","key":"ref49"},{"volume-title":"Automated Malware Unpacking and Artifact Extraction","year":"2024","key":"ref50"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2885512"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931047"},{"key":"ref53","first-page":"583","article-title":"An in-depth analysis of disassembly on full-scale x86\/x64 binaries","volume-title":"Proc. 25th USENIX Secur. Symp. (USENIX Secur.)","author":"Andriesse"},{"volume-title":"Contrast Limited Adaptive Histogram Equalization","year":"1993","author":"Zuiderveld","key":"ref54"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/34.993558"},{"issue":"4","key":"ref56","first-page":"21","article-title":"Image enhancement by histogram equalization","volume":"2","author":"Dorothy","year":"2015","journal-title":"Int. J. Nano. Corr. Sci. Engg"},{"volume-title":"Cuckoo Malware Analysis","year":"2013","author":"Oktavianto","key":"ref57"},{"volume-title":"Because Sharing is Caring","year":"2023","key":"ref58"},{"volume-title":"Malware Classification Guide","year":"2020","key":"ref59"},{"volume-title":"Adaptive Histogram Equalization","year":"2021","key":"ref60"},{"volume-title":"Revisiting the NSIS-Based Crypter","year":"2025","key":"ref61"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10206\/10810755\/11172343.pdf?arnumber=11172343","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,1]],"date-time":"2025-10-01T05:16:44Z","timestamp":1759295804000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11172343\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":61,"URL":"https:\/\/doi.org\/10.1109\/tifs.2025.3611649","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"type":"print","value":"1556-6013"},{"type":"electronic","value":"1556-6021"}],"subject":[],"published":{"date-parts":[[2025]]}}}