{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T22:48:12Z","timestamp":1774392492186,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,8,17]],"date-time":"2012-08-17T00:00:00Z","timestamp":1345161600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,8,17]]},"DOI":"10.1145\/2490428.2490440","type":"proceedings-article","created":{"date-parts":[[2013,6,5]],"date-time":"2013-06-05T12:10:07Z","timestamp":1370434207000},"page":"85-91","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Behavioural detection with\n            <i>API call-grams<\/i>\n            to identify malicious PE files"],"prefix":"10.1145","author":[{"given":"Parvez","family":"Faruki","sequence":"first","affiliation":[{"name":"Malaviya National Institute of Technology, Jaipur, India"}]},{"given":"Vijay","family":"Laxmi","sequence":"additional","affiliation":[{"name":"Malaviya National Institute of Technology, Jaipur, India"}]},{"given":"M. S.","family":"Gaur","sequence":"additional","affiliation":[{"name":"Malaviya National Institute of Technology, Jaipur, India"}]},{"given":"P.","family":"Vinod","sequence":"additional","affiliation":[{"name":"Malaviya National Institute of Technology, Jaipur, India"}]}],"member":"320","published-online":{"date-parts":[[2012,8,17]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1654988.1655003"},{"key":"e_1_3_2_1_2_1","unstructured":"ANUBIS. ANUBIS-Automated Sandbox Environment. http:\/\/anubis.iseclab.org.  ANUBIS. ANUBIS-Automated Sandbox Environment. http:\/\/anubis.iseclab.org."},{"key":"e_1_3_2_1_3_1","unstructured":"ApiMonitor. API Monitor--Spy and Display API Win32 Calls http:\/\/www.apimonitor.com.  ApiMonitor. API Monitor--Spy and Display API Win32 Calls http:\/\/www.apimonitor.com."},{"key":"e_1_3_2_1_4_1","first-page":"1137","volume-title":"IJCAI'95","author":"Bayer U.","year":"2009","unstructured":"U. Bayer , P. M. Comparetti , C. Hlauschek , C. Kr\u00fcgel , and E. Kirda . Scalable, Behavior-based Malware Clustering. In NDSS , IJCAI'95 , pages 1137 -- 1143 . NDSS, 2009 . U. Bayer, P. M. Comparetti, C. Hlauschek, C. Kr\u00fcgel, and E. Kirda. Scalable, Behavior-based Malware Clustering. In NDSS, IJCAI'95, pages 1137--1143. NDSS, 2009."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/1247360.1247401"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-008-0102-4"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1010933404324"},{"key":"e_1_3_2_1_8_1","unstructured":"Claudio-Guarnenieri. Cuckoo--Open Source Malware Analysis Sandbox--V.0.2. http:\/\/www.cuckoobox.org\/ Last Accessed March 2012.  Claudio-Guarnenieri. Cuckoo--Open Source Malware Analysis Sandbox--V.0.2. http:\/\/www.cuckoobox.org\/ Last Accessed March 2012."},{"key":"e_1_3_2_1_9_1","volume-title":"Last Accessed","author":"Free Software Downloads CNET.","year":"2012","unstructured":"CNET. Free Software Downloads and Software Reviews . http:\/\/download.cnet.com\/windows\/?tag=hdr;brandnav , Last Accessed March 2012 . CNET. Free Software Downloads and Software Reviews. http:\/\/download.cnet.com\/windows\/?tag=hdr;brandnav, Last Accessed March 2012."},{"key":"e_1_3_2_1_10_1","volume-title":"Threat Report","year":"2011","unstructured":"Damballa. DAMBALLA Threat Report 2011 . Technical report, DAMBALLA Malware Intelligence Labs , 2012. Damballa. DAMBALLA Threat Report 2011. Technical report, DAMBALLA Malware Intelligence Labs, 2012."},{"key":"e_1_3_2_1_11_1","unstructured":"Danny-Quist. Offensive Computing. http:\/\/offensivecomputing.net\/ Last Accessed March 2012.  Danny-Quist. Offensive Computing. http:\/\/offensivecomputing.net\/ Last Accessed March 2012."},{"key":"e_1_3_2_1_12_1","volume-title":"Malcode context of api abuse. Technical report","author":"Dunham K.","year":"2011","unstructured":"K. Dunham . Malcode context of api abuse. Technical report , SANS Institute , 2011 . K. Dunham. Malcode context of api abuse. Technical report, SANS Institute, 2011."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2089125.2089126"},{"key":"e_1_3_2_1_14_1","volume-title":"Finn Michael Halvorsen and ard H \u00cc\u0141avard Vegge. Zero--Day Malware. Master's thesis","author":"R. W. N.","year":"2008","unstructured":"R. W. N. \u00cc. Finn Michael Halvorsen and ard H \u00cc\u0141avard Vegge. Zero--Day Malware. Master's thesis , Norwegian University of Science and Technology , Trondheim , 2008 . R. W. N. \u00cc. Finn Michael Halvorsen and ard H \u00cc\u0141avard Vegge. Zero--Day Malware. Master's thesis, Norwegian University of Science and Technology, Trondheim, 2008."},{"key":"e_1_3_2_1_15_1","volume-title":"FireEye Advanced Threat Report Second Half","year":"2011","unstructured":"FireEye. FireEye Advanced Threat Report Second Half , 2011 . Technical report, FireEye Malware Intelligence Labs , 2012. FireEye. FireEye Advanced Threat Report Second Half, 2011. Technical report, FireEye Malware Intelligence Labs, 2012."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/279943.279985"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1007662407062"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/NPSEC.2010.5634444"},{"key":"e_1_3_2_1_19_1","first-page":"1","volume-title":"Proceedings of the 3rd conference on USENIX Windows NT Symposium -","volume":"3","author":"Hunt G.","year":"1999","unstructured":"G. Hunt and D. Brubacher . Detours: Binary Interception of Win32 Functions . In Proceedings of the 3rd conference on USENIX Windows NT Symposium - Volume 3 , WINSYM'99, pages 1 -- 9 . ACM, 1999 . G. Hunt and D. Brubacher. Detours: Binary Interception of Win32 Functions. In Proceedings of the 3rd conference on USENIX Windows NT Symposium - Volume 3, WINSYM'99, pages 1--9. ACM, 1999."},{"key":"e_1_3_2_1_20_1","first-page":"1020","volume-title":"Proceedings of the Student International conference for IT Security for the next generation","author":"Karbalaei F.","year":"2010","unstructured":"F. Karbalaei , A. Sami , and M. Ahmedi . Semantic Malware Detection by Deploying Graph Mining . In Proceedings of the Student International conference for IT Security for the next generation , pages 1020 -- 1025 . City University of HongKong and Kaspersky Academy , 2010 . F. Karbalaei, A. Sami, and M. Ahmedi. Semantic Malware Detection by Deploying Graph Mining. In Proceedings of the Student International conference for IT Security for the next generation, pages 1020--1025. City University of HongKong and Kaspersky Academy, 2010."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076790"},{"key":"e_1_3_2_1_22_1","first-page":"1137","volume-title":"Proceedings of the 14th international joint conference on Artificial intelligence -","volume":"2","author":"Kohavi R.","year":"1995","unstructured":"R. Kohavi . A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection . In Proceedings of the 14th international joint conference on Artificial intelligence - Volume 2 , IJCAI'95, pages 1137 -- 1143 , San Francisco, CA, USA , 1995 . Morgan Kaufmann Publishers Inc. R. Kohavi. A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection. In Proceedings of the 14th international joint conference on Artificial intelligence - Volume 2, IJCAI'95, pages 1137--1143, San Francisco, CA, USA, 1995. Morgan Kaufmann Publishers Inc."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29280-4_28"},{"key":"e_1_3_2_1_24_1","unstructured":"Microsoft. Windows XP Service Pack-3. http:\/\/windows.microsoft.com\/en-IN\/windows\/products\/windows-xp.  Microsoft. Windows XP Service Pack-3. http:\/\/windows.microsoft.com\/en-IN\/windows\/products\/windows-xp."},{"key":"e_1_3_2_1_25_1","volume-title":"Microsoft Portable Executable and Common Object File Format Specificaton","author":"MICROSOFT","year":"1999","unstructured":"MICROSOFT CORPORATION. Microsoft Portable Executable and Common Object File Format Specificaton , 1999 . MICROSOFT CORPORATION. Microsoft Portable Executable and Common Object File Format Specificaton, 1999."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISI.2008.4565046"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1854099.1854152"},{"key":"e_1_3_2_1_28_1","volume-title":"Advances in Kernel Methods -- Support Vector Learning","author":"Piatt J.","year":"1998","unstructured":"J. Piatt . Fast Training of Support Vector Machines using Sequential Minimal Optimization . In B. Schoelkopf, C. Burges, and A. Smola, editors, Advances in Kernel Methods -- Support Vector Learning . MIT Press , 1998 . J. Piatt. Fast Training of Support Vector Machines using Sequential Minimal Optimization. In B. Schoelkopf, C. Burges, and A. Smola, editors, Advances in Kernel Methods -- Support Vector Learning. MIT Press, 1998."},{"key":"e_1_3_2_1_29_1","volume-title":"Programs for Machine Learning","author":"Quinlan R.","year":"1993","unstructured":"R. Quinlan . C4.5 : Programs for Machine Learning . Morgan Kaufmann Publishers , San Mateo, CA , 1993 . R. Quinlan. C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers, San Mateo, CA, 1993."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774303"},{"key":"e_1_3_2_1_31_1","volume-title":"MAY","author":"Tan P.-N.","year":"2006","unstructured":"P.-N. Tan , M. Steinbach , and V. Kumar . Introduction to Data Mining. Pearson Education Inc. South Asia, Noida, India, 1 edition , MAY 2006 . P.-N. Tan, M. Steinbach, and V. Kumar. Introduction to Data Mining. Pearson Education Inc. South Asia, Noida, India, 1 edition, MAY 2006."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2010.5665796"},{"key":"e_1_3_2_1_33_1","volume-title":"Last Accessed","author":"University","year":"2012","unstructured":"University OfWaikato. WEKA: Data Mining with Open Source Machine Learning Software. http:\/\/www.cs.waikato.ac.nz\/ml\/weka , Last Accessed March 2012 . UniversityOfWaikato. WEKA:Data Mining with Open Source Machine Learning Software. http:\/\/www.cs.waikato.ac.nz\/ml\/weka, Last Accessed March 2012."},{"key":"e_1_3_2_1_34_1","unstructured":"VirtualBox. An x86 amd64\/intel64 virtualization product. https:\/\/www.virtualbox.org\/wiki\/Linuxdownloads.  VirtualBox. An x86 amd64\/intel64 virtualization product. https:\/\/www.virtualbox.org\/wiki\/Linux downloads ."},{"key":"e_1_3_2_1_35_1","volume-title":"Last Accessed","year":"2012","unstructured":"VirusTotal. VirusTotal - Free Online Virus, Malware and URL Scanner, https:\/\/www.virustotal.com\/ , Last Accessed January 2012 . VirusTotal. VirusTotal - Free Online Virus, Malware and URL Scanner, https:\/\/www.virustotal.com\/, Last Accessed January 2012."},{"key":"e_1_3_2_1_36_1","volume-title":"Last Accessed","author":"Virus Collections","year":"2012","unstructured":"VX-Heavens. Virus Collections (VXheavens). http:\/\/vl.netlux.org\/vl.php\/ , Last Accessed February 2012 . VX-Heavens. Virus Collections (VXheavens). http:\/\/vl.netlux.org\/vl.php\/, Last Accessed February 2012."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-007-0074-9"},{"key":"e_1_3_2_1_38_1","volume-title":"USA","year":"2011","unstructured":"WikiPedia. Type-i and type-ii errors. http:\/\/en.wikipedia.org\/wiki\/TypeI and TypeIIerrors. NY , USA , 2011 . ACM. WikiPedia. Type-i and type-ii errors. http:\/\/en.wikipedia.org\/wiki\/TypeI and TypeIIerrors. NY, USA, 2011. ACM."}],"event":{"name":"SECURIT '12: First International Conference on Security of Internet of Things","location":"Kollam India","acronym":"SECURIT '12","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","TCG Trusted Computing Group","Amrita Amrita Vishwa Vidyapeetham","CSA Computer Science Association"]},"container-title":["Proceedings of the First International Conference on Security of Internet of Things"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2490428.2490440","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2490428.2490440","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:34:35Z","timestamp":1750232075000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2490428.2490440"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,8,17]]},"references-count":38,"alternative-id":["10.1145\/2490428.2490440","10.1145\/2490428"],"URL":"https:\/\/doi.org\/10.1145\/2490428.2490440","relation":{},"subject":[],"published":{"date-parts":[[2012,8,17]]},"assertion":[{"value":"2012-08-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}