{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,1]],"date-time":"2026-03-01T11:27:14Z","timestamp":1772364434367,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,10,19]],"date-time":"2012-10-19T00:00:00Z","timestamp":1350604800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,10,19]]},"DOI":"10.1145\/2381896.2381900","type":"proceedings-article","created":{"date-parts":[[2012,10,19]],"date-time":"2012-10-19T13:41:01Z","timestamp":1350654061000},"page":"3-14","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":97,"title":["Improving malware classification"],"prefix":"10.1145","author":[{"given":"Blake","family":"Anderson","sequence":"first","affiliation":[{"name":"Los Alamos National Laboratory, Los Alamos, NM, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Curtis","family":"Storlie","sequence":"additional","affiliation":[{"name":"Los Alamos National Laboratory, Los Alamos, NM, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Terran","family":"Lane","sequence":"additional","affiliation":[{"name":"University of New Mexico, Albuquerque, NM, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2012,10,19]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Accessed","author":"Computing Offensive","year":"2011","unstructured":"Offensive Computing . http:\/\/www.offensivecomputing.net\/ , Accessed June 2011 . Offensive Computing. http:\/\/www.offensivecomputing.net\/, Accessed June 2011."},{"key":"e_1_3_2_1_2_1","volume-title":"Accessed","author":"Total Virus","year":"2011","unstructured":"Virus Total . http:\/\/www.virustotal.com\/ , Accessed October 2011 . Virus Total. http:\/\/www.virustotal.com\/, Accessed October 2011."},{"key":"e_1_3_2_1_3_1","volume-title":"Accessed","author":"Dentifier Portable Executable","year":"2011","unstructured":"Portable Executable i Dentifier . http:\/\/peid.info\/ , Accessed 6 October 2011 . Portable Executable iDentifier. http:\/\/peid.info\/, Accessed 6 October 2011."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-011-0152-x"},{"key":"e_1_3_2_1_5_1","volume-title":"http:\/\/anubis.iseclab.org\/","year":"2009","unstructured":"Anubis. http:\/\/anubis.iseclab.org\/ , 2009 . Anubis. http:\/\/anubis.iseclab.org\/, 2009."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1015330.1015424"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945462"},{"key":"e_1_3_2_1_8_1","volume-title":"Behavior-Based Malware Clustering. In ISOC Network and Distributed System Security Symposium.","author":"Bayer Ulrich","year":"2009","unstructured":"Ulrich Bayer , Paolo Milani Comparetti , Clemens Hlauschek , Christopher Kruegel , and Engin Kirda . Scalable , Behavior-Based Malware Clustering. In ISOC Network and Distributed System Security Symposium. 2009 . Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda. Scalable, Behavior-Based Malware Clustering. In ISOC Network and Distributed System Security Symposium. 2009."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-006-0012-2"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJESDF.2007.016865"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/1162264"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1009715923555"},{"key":"e_1_3_2_1_13_1","first-page":"169","volume-title":"Proceedings of the 12th USENIX Security Symposium","author":"Christodorescu Mihai","year":"2003","unstructured":"Mihai Christodorescu and Somesh Jha . Static Analysis of Executables to Detect Malicious Patterns . In Proceedings of the 12th USENIX Security Symposium , pages 169 -- 186 , 2003 . Mihai Christodorescu and Somesh Jha. Static Analysis of Executables to Detect Malicious Patterns. In Proceedings of the 12th USENIX Security Symposium, pages 169--186, 2003."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.4304\/jcp.4.5.405-414"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"e_1_3_2_1_16_1","series-title":"Series C (Applied Statistics), 28(1):100--108","volume-title":"Algorithm AS 136: A K-Means Clustering Algorithm. Journal of the Royal Statistical Society","author":"Hartigan J. A.","year":"1979","unstructured":"J. A. Hartigan and M. A. Wong . Algorithm AS 136: A K-Means Clustering Algorithm. Journal of the Royal Statistical Society . Series C (Applied Statistics), 28(1):100--108 , 1979 . J. A. Hartigan and M. A. Wong. Algorithm AS 136: A K-Means Clustering Algorithm. Journal of the Royal Statistical Society. Series C (Applied Statistics), 28(1):100--108, 1979."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1137\/1035089"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1298081.1298084"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-005-0002-9"},{"key":"e_1_3_2_1_20_1","volume-title":"Kernels for Graphs","author":"Kashima H.","year":"2004","unstructured":"H. Kashima , K. Tsuda , and A. Inokuchi . Kernels for Graphs . MIT Press , 2004 . H. Kashima, K. Tsuda, and A. Inokuchi. Kernels for Graphs. MIT Press, 2004."},{"key":"e_1_3_2_1_21_1","first-page":"2721","article-title":"Learning to Detect and Classify Malicious Executables in the Wild","volume":"7","author":"Zico Kolter J.","year":"2006","unstructured":"J. Zico Kolter and Marcus A. Maloof . Learning to Detect and Classify Malicious Executables in the Wild . The Journal of Machine Learning Research , 7 : 2721 -- 2744 , December 2006 . J. Zico Kolter and Marcus A. Maloof. Learning to Detect and Classify Malicious Executables in the Wild. The Journal of Machine Learning Research, 7:2721--2744, December 2006.","journal-title":"The Journal of Machine Learning Research"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_11"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2016904.2016908"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2010.5544291"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11222-007-9033-z"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.csda.2008.10.015"},{"key":"e_1_3_2_1_29_1","volume-title":"Engin Kirda. Limits of Static Analysis for Malware Detection. Computer Security Applications Conference, Annual, 0: 421--430","author":"Moser Andreas","year":"2007","unstructured":"Andreas Moser , Christopher Kruegel , and Engin Kirda. Limits of Static Analysis for Malware Detection. Computer Security Applications Conference, Annual, 0: 421--430 , 2007 . Andreas Moser, Christopher Kruegel, and Engin Kirda. Limits of Static Analysis for Malware Detection. Computer Security Applications Conference, Annual, 0:421--430, 2007."},{"key":"e_1_3_2_1_30_1","first-page":"91","volume-title":"Farnam Jahanian. CloudAV: N-version Antivirus in the Network Cloud. In Proceedings of the 17th Conference on Security Symposium","author":"Oberheide Jon","year":"2008","unstructured":"Jon Oberheide , Evan Cooke , and Farnam Jahanian. CloudAV: N-version Antivirus in the Network Cloud. In Proceedings of the 17th Conference on Security Symposium , pages 91 -- 106 , 2008 . Jon Oberheide, Evan Cooke, and Farnam Jahanian. CloudAV: N-version Antivirus in the Network Cloud. In Proceedings of the 17th Conference on Security Symposium, pages 91--106, 2008."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1622103.1629656"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.26"},{"key":"e_1_3_2_1_33_1","volume-title":"http:\/\/www.hex-rays.com\/products\/ida\/index.shtml","author":"Pro IDA","year":"2012","unstructured":"IDA Pro . http:\/\/www.hex-rays.com\/products\/ida\/index.shtml , 2012 . IDA Pro. http:\/\/www.hex-rays.com\/products\/ida\/index.shtml, 2012."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-010-0142-4"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_6"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.38"},{"key":"e_1_3_2_1_37_1","volume-title":"Learning with Kernels","author":"Sch\u00f6lkopf Bernhard","year":"2002","unstructured":"Bernhard Sch\u00f6lkopf and Alexander Johannes Smola . Learning with Kernels . MIT Press , 2002 . Bernhard Sch\u00f6lkopf and Alexander Johannes Smola. Learning with Kernels. MIT Press, 2002."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884433"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_5"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-010-0141-5"},{"key":"e_1_3_2_1_41_1","first-page":"488","volume-title":"Proceedings of the Twelfth International Conference on Artificial Intelligence and Statistics (AISTATS)","volume":"5","author":"Shervashidze Nino","year":"2009","unstructured":"Nino Shervashidze , S. V. N. Vishwanathan , Tobias H. Petri , Kurt Mehlhorn , and Karsten M. Borgwardt . Efficient Graphlet Kernels for Large Graph Comparison . In Proceedings of the Twelfth International Conference on Artificial Intelligence and Statistics (AISTATS) , volume 5 , pages 488 -- 495 . CSAIL, 2009 . Nino Shervashidze, S. V. N. Vishwanathan, Tobias H. Petri, Kurt Mehlhorn, and Karsten M. Borgwardt. Efficient Graphlet Kernels for Large Graph Comparison. In Proceedings of the Twelfth International Conference on Artificial Intelligence and Statistics (AISTATS), volume 5, pages 488--495. CSAIL, 2009."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"e_1_3_2_1_43_1","volume-title":"Christin Schaefer. A General and Efficient Multiple Kernel Learning Algorithm. Nineteenth Annual Conference on Neural Information Processing Systems","author":"Sonnenburg S\u00f6ren","year":"2005","unstructured":"S\u00f6ren Sonnenburg , Gunnar R\u00e4tsch , and Christin Schaefer. A General and Efficient Multiple Kernel Learning Algorithm. Nineteenth Annual Conference on Neural Information Processing Systems , 2005 . S\u00f6ren Sonnenburg, Gunnar R\u00e4tsch, and Christin Schaefer. A General and Efficient Multiple Kernel Learning Algorithm. Nineteenth Annual Conference on Neural Information Processing Systems, 2005."},{"key":"e_1_3_2_1_44_1","first-page":"1799","article-title":"The SHOGUN Machine Learning Toolbox","volume":"99","author":"Sonnenburg S\u00f6ren","year":"2010","unstructured":"S\u00f6ren Sonnenburg , Gunnar R\u00e4tsch , Sebastian Henschel , Christian Widmer , Jonas Behr , Alexander Zien , Fabio de Bona , Alexander Binder , Christian Gehl , and Vojtvech Franc . The SHOGUN Machine Learning Toolbox . The Journal of Machine Learning Research , 99 : 1799 -- 1802 , August 2010 . S\u00f6ren Sonnenburg, Gunnar R\u00e4tsch, Sebastian Henschel, Christian Widmer, Jonas Behr, Alexander Zien, Fabio de Bona, Alexander Binder, Christian Gehl, and Vojtvech Franc. The SHOGUN Machine Learning Toolbox. The Journal of Machine Learning Research, 99:1799--1802, August 2010.","journal-title":"The Journal of Machine Learning Research"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-44599-1_11"},{"key":"e_1_3_2_1_46_1","volume-title":"Wei-Jen Li. Fileprint Analysis for Malware Detection. In ACM Workshop on Recurring\/Rapid Malcode","author":"Stolfo Salvatore J.","year":"2005","unstructured":"Salvatore J. Stolfo , Ke Wang , and Wei-Jen Li. Fileprint Analysis for Malware Detection. In ACM Workshop on Recurring\/Rapid Malcode , 2005 . Salvatore J. Stolfo, Ke Wang, and Wei-Jen Li. Fileprint Analysis for Malware Detection. In ACM Workshop on Recurring\/Rapid Malcode, 2005."},{"key":"e_1_3_2_1_47_1","volume-title":"Internet Security Threat Report","year":"2011","unstructured":"Symantec. Internet Security Threat Report , Volume 16 . White Paper , April 2011 . Symantec. Internet Security Threat Report, Volume 16. White Paper, April 2011."},{"key":"e_1_3_2_1_48_1","unstructured":"The Silicon Realms Toolworks. Armadillo Software Protection System. http:\/\/www.siliconrealms.com\/ Accessed 6 October 2011.  The Silicon Realms Toolworks. Armadillo Software Protection System. http:\/\/www.siliconrealms.com\/ Accessed 6 October 2011."},{"key":"e_1_3_2_1_49_1","unstructured":"UPX\n  : The Ultimate Packer for eXecutables. http:\/\/upx.sourceforge.net\/ Accessed 6 October 2011.  UPX: The Ultimate Packer for eXecutables. http:\/\/upx.sourceforge.net\/ Accessed 6 October 2011."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2020408.2020448"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"}],"event":{"name":"CCS'12: the ACM Conference on Computer and Communications Security","location":"Raleigh North Carolina USA","acronym":"CCS'12","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 5th ACM workshop on Security and artificial intelligence"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2381896.2381900","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2381896.2381900","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:34:46Z","timestamp":1750239286000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2381896.2381900"}},"subtitle":["bridging the static\/dynamic gap"],"short-title":[],"issued":{"date-parts":[[2012,10,19]]},"references-count":51,"alternative-id":["10.1145\/2381896.2381900","10.1145\/2381896"],"URL":"https:\/\/doi.org\/10.1145\/2381896.2381900","relation":{},"subject":[],"published":{"date-parts":[[2012,10,19]]},"assertion":[{"value":"2012-10-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}