{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T19:58:34Z","timestamp":1771703914799,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,10,12]],"date-time":"2016-10-12T00:00:00Z","timestamp":1476230400000},"content-version":"vor","delay-in-days":366,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"DARPA","award":["N66001-13-2-4039"],"award-info":[{"award-number":["N66001-13-2-4039"]}]},{"name":"ARO","award":["W911NF-09-1-0553"],"award-info":[{"award-number":["W911NF-09-1-0553"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813642","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T11:22:12Z","timestamp":1444130532000},"page":"769-780","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":87,"title":["MalGene"],"prefix":"10.1145","author":[{"given":"Dhilung","family":"Kirat","sequence":"first","affiliation":[{"name":"University of California, Santa Barbara, Santa Barbara, CA, USA"}]},{"given":"Giovanni","family":"Vigna","sequence":"additional","affiliation":[{"name":"University of California, Santa Barbara, Santa Barbara, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Anubis. http:\/\/anubis.cs.ucsb.edu."},{"key":"e_1_3_2_1_2_1","unstructured":"Intel Virtualization Technology. http:\/\/www.intel.com\/technology\/virtualization\/."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1093\/nar\/25.17.3389"},{"key":"e_1_3_2_1_4_1","volume-title":"Efficient Detection of Split Personalities in Malware. In Symposium on Network and Distributed System Security (NDSS)","author":"Balzarotti D.","year":"2010","unstructured":"D. Balzarotti, M. Cova, C. Karlberger, C. Kruegel, E. Kirda, G. Vigna, and S. Antipolis. Efficient Detection of Split Personalities in Malware. In Symposium on Network and Distributed System Security (NDSS), 2010."},{"key":"e_1_3_2_1_5_1","volume-title":"Symposium on Network and Distributed System Security (NDSS)","author":"Bayer U.","year":"2009","unstructured":"U. Bayer, P. M. Comparetti, C. Hlauschek, C. Kruegel, and E. Kirda. Scalable, behavior-based malware clustering. In Symposium on Network and Distributed System Security (NDSS), 2009."},{"key":"e_1_3_2_1_6_1","volume-title":"Dependable Systems and Networks With FTCS and DCC","author":"Chen X.","year":"2008","unstructured":"X. Chen, J. Andersen, Z. M. Mao, M. Bailey, and J. Nazario. Towards an Understanding of Anti-Virtualization and Anti-Debugging Behavior in Modern Malware. In Dependable Systems and Networks With FTCS and DCC, 2008."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.12"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.csda.2008.01.022"},{"key":"e_1_3_2_1_9_1","volume-title":"Atlas of Protein Sequence and Structure","author":"Dayhoff M. O.","year":"1978","unstructured":"M. O. Dayhoff and R. M. Schwartz. A model of evolutionary change in proteins. In Atlas of Protein Sequence and Structure, 1978."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"e_1_3_2_1_11_1","volume-title":"multiple sequence alignment with high accuracy and high throughput. Nucleic acids research","author":"Edgar R. C.","year":"2004","unstructured":"R. C. Edgar. Muscle: multiple sequence alignment with high accuracy and high throughput. Nucleic acids research, 2004."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/936660"},{"key":"e_1_3_2_1_13_1","volume-title":"Attacks on virtual machine emulators. Technical report","author":"Ferrie P.","year":"2007","unstructured":"P. Ferrie. Attacks on virtual machine emulators. Technical report, Symantec Corporation, 2007."},{"key":"e_1_3_2_1_14_1","unstructured":"O. Gotoh. An improved algorithm for matching biological sequences. Journal of molecular biology."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.41"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655148.1655151"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671244"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046740"},{"issue":"22","key":"e_1_3_2_1_19_1","article-title":"Detection of malware by using sequence alignment strategy and data mining techniques","volume":"62","author":"Kumar V.","year":"2013","unstructured":"V. Kumar, S. K. Mishra, and L. Bhopal. Detection of malware by using sequence alignment strategy and data mining techniques. International Journal of Computer Applications, 62(22), 2013.","journal-title":"International Journal of Computer Applications"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23644-0_18"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/1394399"},{"key":"e_1_3_2_1_22_1","volume-title":"Sequence and genome analysis","author":"Mount D. W.","year":"2004","unstructured":"D. W. Mount. Sequence and genome analysis. Bioinformatics: Cold Spring Harbour Laboratory Press: Cold Spring Harbour, 2, 2004."},{"key":"e_1_3_2_1_23_1","volume-title":"Algorithmica","author":"Myers E. W.","year":"1986","unstructured":"E. W. Myers. Ano (nd) difference algorithm and its variations. Algorithmica, 1986."},{"key":"e_1_3_2_1_24_1","volume-title":"A general method applicable to the search for similarities in the amino acid sequence of two proteins. Journal of molecular biology","author":"Needleman S. B.","year":"1970","unstructured":"S. B. Needleman and C. D. Wunsch. A general method applicable to the search for similarities in the amino acid sequence of two proteins. Journal of molecular biology, 1970."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855876.1855878"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972554"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1186\/1748-7188-6-25"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.5555\/2396231.2396233"},{"key":"e_1_3_2_1_29_1","volume-title":"Red pill... or how to detect vmm using (almost) one cpu instruction","author":"Rutkowska J.","year":"2004","unstructured":"J. Rutkowska. Red pill... or how to detect vmm using (almost) one cpu instruction, 2004."},{"key":"e_1_3_2_1_30_1","volume-title":"Identification of common molecular subsequences. Journal of molecular biology","author":"Smith T. F.","year":"1981","unstructured":"T. F. Smith and M. S. Waterman. Identification of common molecular subsequences. Journal of molecular biology, 1981."},{"key":"e_1_3_2_1_31_1","volume-title":"A statistical interpretation of term specificity and its application in retrieval. Journal of documentation","author":"Jones K. Sparck","year":"1972","unstructured":"K. Sparck Jones. A statistical interpretation of term specificity and its application in retrieval. Journal of documentation, 1972."},{"key":"e_1_3_2_1_32_1","volume-title":"A comparative investigation of hierarchical clustering techniques and dissimilarity measures applied to the cell formation problem. Journal of operations management","author":"Vakharia A. J.","year":"1995","unstructured":"A. J. Vakharia and U. Wemmerl\u00f6v. A comparative investigation of hierarchical clustering techniques and dissimilarity measures applied to the cell formation problem. Journal of operations management, 1995."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1831708.1831740"},{"key":"e_1_3_2_1_34_1","volume-title":"IBM Thomas J. Watson Research Division","author":"Wespi A.","year":"1999","unstructured":"A. Wespi, M. Dacier, and H. Debar. An intrusion-detection system based on the Teiresias pattern-discovery algorithm. IBM Thomas J. Watson Research Division, 1999."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.11"}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813642","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813642","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813642","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:32:27Z","timestamp":1763458347000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813642"}},"subtitle":["Automatic Extraction of Malware Analysis Evasion Signature"],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":35,"alternative-id":["10.1145\/2810103.2813642","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813642","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}