{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T09:38:07Z","timestamp":1774949887757,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,3,9]],"date-time":"2016-03-09T00:00:00Z","timestamp":1457481600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,3,9]]},"DOI":"10.1145\/2857705.2857713","type":"proceedings-article","created":{"date-parts":[[2016,3,4]],"date-time":"2016-03-04T20:57:50Z","timestamp":1457125070000},"page":"183-194","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":256,"title":["Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification"],"prefix":"10.1145","author":[{"given":"Mansour","family":"Ahmadi","sequence":"first","affiliation":[{"name":"University of Cagliari, Cagliari, Italy"}]},{"given":"Dmitry","family":"Ulyanov","sequence":"additional","affiliation":[{"name":"Skolkovo Institute of Science and Technology, Moscow, Russian Fed."}]},{"given":"Stanislav","family":"Semenov","sequence":"additional","affiliation":[{"name":"National Research University Higher School of Economics, Moscow, Russian Fed."}]},{"given":"Mikhail","family":"Trofimov","sequence":"additional","affiliation":[{"name":"Moscow Institute of Physics and Technology, Moscow, Russian Fed."}]},{"given":"Giorgio","family":"Giacinto","sequence":"additional","affiliation":[{"name":"University of Cagliari, Cagliari, Italy"}]}],"member":"320","published-online":{"date-parts":[[2016,3,9]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Disassembler and debugger. https:\/\/www.hex-rays.com\/products\/ida\/","author":"Ida","year":"2013","unstructured":"Ida : Disassembler and debugger. https:\/\/www.hex-rays.com\/products\/ida\/ , 2013 . Ida : Disassembler and debugger. https:\/\/www.hex-rays.com\/products\/ida\/, 2013."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2014.02.053"},{"key":"e_1_3_2_1_3_1","volume-title":"http:\/\/www.kaspersky.com\/about\/news\/virus\/2015\/Duqu-is-back","author":"Duqu","year":"2015","unstructured":"Duqu is back. http:\/\/www.kaspersky.com\/about\/news\/virus\/2015\/Duqu-is-back , 2015 . Duqu is back. http:\/\/www.kaspersky.com\/about\/news\/virus\/2015\/Duqu-is-back, 2015."},{"key":"e_1_3_2_1_4_1","volume-title":"http:\/\/mahotas.readthedocs.org\/en\/latest\/features.html","author":"Mahotas","year":"2015","unstructured":"Mahotas features. http:\/\/mahotas.readthedocs.org\/en\/latest\/features.html , 2015 . Mahotas features. http:\/\/mahotas.readthedocs.org\/en\/latest\/features.html, 2015."},{"key":"e_1_3_2_1_5_1","unstructured":"Mcafee labs threats report february. http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-quarterly-threat-q4--2014.pdf 2015.  Mcafee labs threats report february. http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-quarterly-threat-q4--2014.pdf 2015."},{"key":"e_1_3_2_1_6_1","volume-title":"may. https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/intelligence_report_05--2015.en-us.pdf","author":"Symantec","year":"2015","unstructured":"Symantec intelligent report , may. https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/intelligence_report_05--2015.en-us.pdf , 2015 . Symantec intelligent report, may. https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/other_resources\/intelligence_report_05--2015.en-us.pdf, 2015."},{"key":"e_1_3_2_1_7_1","volume-title":"https:\/\/www.bnxnet.com\/top-maliciously-used-apis\/","author":"Top","year":"2015","unstructured":"Top maliciously used apis. https:\/\/www.bnxnet.com\/top-maliciously-used-apis\/ , 2015 . Top maliciously used apis. https:\/\/www.bnxnet.com\/top-maliciously-used-apis\/, 2015."},{"key":"e_1_3_2_1_8_1","volume-title":"https:\/\/github.com\/dmlc\/xgboost","year":"2015","unstructured":"Xgboost. https:\/\/github.com\/dmlc\/xgboost , 2015 . Xgboost. https:\/\/github.com\/dmlc\/xgboost, 2015."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(13)70072-1"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-013-0185-4"},{"key":"e_1_3_2_1_11_1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"387","DOI":"10.1007\/978-3-642-40994-3_25","volume-title":"H. Blockeel, K. Kersting, S. Nijssen, and F. \u00c5elezn\u00fd","author":"Biggio B.","year":"2013","unstructured":"B. Biggio , I. Corona , D. Maiorca , B. Nelson , N. \u00c5\u0103rndi , P. Laskov , G. Giacinto , and F. Roli . Evasion attacks against machine learning at test time . In H. Blockeel, K. Kersting, S. Nijssen, and F. \u00c5elezn\u00fd , editors, Machine Learning and Knowledge Discovery in Databases, volume 8190 of Lecture Notes in Computer Science , pages 387 -- 402 . Springer Berlin Heidelberg , 2013 . B. Biggio, I. Corona, D. Maiorca, B. Nelson, N. \u00c5\u0103rndi, P. Laskov, G. Giacinto, and F. Roli. Evasion attacks against machine learning at test time. In H. Blockeel, K. Kersting, S. Nijssen, and F. \u00c5elezn\u00fd, editors, Machine Learning and Knowledge Discovery in Databases, volume 8190 of Lecture Notes in Computer Science, pages 387--402. Springer Berlin Heidelberg, 2013."},{"key":"e_1_3_2_1_12_1","volume-title":"Omnipress","author":"Biggio B.","year":"2012","unstructured":"B. Biggio , B. Nelson , and P. Laskov . Poisoning attacks against support vector machines. In 29th Int\\textquoterightl Conf. on Machine Learning (ICML) . Omnipress , Omnipress , 2012 . B. Biggio, B. Nelson, and P. Laskov. Poisoning attacks against support vector machines. In 29th Int\\textquoterightl Conf. on Machine Learning (ICML). Omnipress, Omnipress, 2012."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666652.2666666"},{"key":"e_1_3_2_1_14_1","volume-title":"Blackhat","author":"Bilar D.","year":"2006","unstructured":"D. Bilar . Statistical structures : Fingerprinting malware for classification and analysis . In Blackhat , 2006 . D. Bilar. Statistical structures: Fingerprinting malware for classification and analysis. In Blackhat, 2006."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1018054314350"},{"key":"e_1_3_2_1_16_1","volume-title":"Wadsworth and Brooks","author":"Breiman L.","year":"1984","unstructured":"L. Breiman , J. Friedman , R. Olshen , and C. Stone . Classification and Regression Trees . Wadsworth and Brooks , Monterey, CA , 1984 . new editioncitecart93 L. Breiman, J. Friedman, R. Olshen, and C. Stone. Classification and Regression Trees. Wadsworth and Brooks, Monterey, CA, 1984. new editioncitecart93"},{"key":"e_1_3_2_1_17_1","first-page":"12","volume-title":"Proceedings of the 12th Conference on USENIX Security Symposium -","volume":"12","author":"Christodorescu M.","year":"2003","unstructured":"M. Christodorescu and S. Jha . Static analysis of executables to detect malicious patterns . In Proceedings of the 12th Conference on USENIX Security Symposium - Volume 12 , SSYM'03, pages 12 -- 12 , Berkeley, CA, USA , 2003 . USENIX Association. M. Christodorescu and S. Jha. Static analysis of executables to detect malicious patterns. In Proceedings of the 12th Conference on USENIX Security Symposium - Volume 12, SSYM'03, pages 12--12, Berkeley, CA, USA, 2003. USENIX Association."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/2627435.2697065"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.11"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.engappai.2015.05.008"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04342-0_6"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653736"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37300-8_6"},{"key":"e_1_3_2_1_25_1","volume-title":"An Introduction to Statistical Learning: With Applications in R","author":"James G.","year":"2014","unstructured":"G. James , D. Witten , T. Hastie , and R. Tibshirani . An Introduction to Statistical Learning: With Applications in R . Springer Publishing Company, Inc orporated, 2014 . G. James, D. Witten, T. Hastie, and R. Tibshirani. An Introduction to Statistical Learning: With Applications in R. Springer Publishing Company, Incorporated, 2014."},{"issue":"1","key":"e_1_3_2_1_26_1","article-title":"Semantic malware detection by deploying graph mining","volume":"9","author":"Karbalaie F.","year":"2012","unstructured":"F. Karbalaie , A. Sami , and M. Ahmadi . Semantic malware detection by deploying graph mining . International Journal of Computer Science Issues , 9 ( 1 ), 2012 . F. Karbalaie, A. Sami, and M. Ahmadi. Semantic malware detection by deploying graph mining. International Journal of Computer Science Issues, 9(1), 2012.","journal-title":"International Journal of Computer Science Issues"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855790"},{"key":"e_1_3_2_1_28_1","first-page":"11","volume-title":"Proceedings of the 14th Conference on USENIX Security Symposium -","volume":"14","author":"Kruegel C.","year":"2005","unstructured":"C. Kruegel , E. Kirda , D. Mutz , W. Robertson , and G. Vigna . Automating mimicry attacks using static binary analysis . In Proceedings of the 14th Conference on USENIX Security Symposium - Volume 14 , SSYM'05, pages 11 -- 11 , Berkeley, CA, USA , 2005 . USENIX Association. C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna. Automating mimicry attacks using static binary analysis. In Proceedings of the 14th Conference on USENIX Security Symposium - Volume 14, SSYM'05, pages 11--11, Berkeley, CA, USA, 2005. USENIX Association."},{"key":"e_1_3_2_1_29_1","first-page":"186","volume-title":"Ensemble Methods","author":"Kuncheva L. I.","year":"2014","unstructured":"L. I. Kuncheva . Ensemble Methods , pages 186 -- 229 . John Wiley & Sons, Inc. , 2014 . L. I. Kuncheva. Ensemble Methods, pages 186--229. John Wiley & Sons, Inc., 2014."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866353"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1255"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2016904.2016908"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2689702.2689704"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_6"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.14"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774303"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2011.08.020"},{"key":"e_1_3_2_1_41_1","first-page":"45","volume-title":"Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE'02)","author":"Schwarz B.","unstructured":"B. Schwarz , S. Debray , and G. Andrews . Disassembly of executable code revisited . In Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE'02) , WCRE '02, pages 45 --, Washington, DC, USA, 2002. IEEE Computer Society. B. Schwarz, S. Debray, and G. Andrews. Disassembly of executable code revisited. In Proceedings of the Ninth Working Conference on Reverse Engineering (WCRE'02), WCRE '02, pages 45--, Washington, DC, USA, 2002. IEEE Computer Society."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04342-0_7"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2004.37"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/1599272.1599278"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.45"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590319"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.47"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-008-0082-4"}],"event":{"name":"CODASPY'16: Sixth ACM Conference on Data and Application Security and Privacy","location":"New Orleans Louisiana USA","acronym":"CODASPY'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2857705.2857713","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2857705.2857713","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:12:42Z","timestamp":1750227162000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2857705.2857713"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,3,9]]},"references-count":48,"alternative-id":["10.1145\/2857705.2857713","10.1145\/2857705"],"URL":"https:\/\/doi.org\/10.1145\/2857705.2857713","relation":{},"subject":[],"published":{"date-parts":[[2016,3,9]]},"assertion":[{"value":"2016-03-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}