{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T16:40:35Z","timestamp":1770223235548,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,3,13]],"date-time":"2018-03-13T00:00:00Z","timestamp":1520899200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,3,13]]},"DOI":"10.1145\/3176258.3176306","type":"proceedings-article","created":{"date-parts":[[2018,3,15]],"date-time":"2018-03-15T13:22:14Z","timestamp":1521120134000},"page":"354-365","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":28,"title":["Beyond Precision and Recall"],"prefix":"10.1145","author":[{"given":"Fabio","family":"Pagani","sequence":"first","affiliation":[{"name":"EURECOM, Biot, France"}]},{"given":"Matteo","family":"Dell'Amico","sequence":"additional","affiliation":[{"name":"Symantec Research Labs, Biot, France"}]},{"given":"Davide","family":"Balzarotti","sequence":"additional","affiliation":[{"name":"EURECOM, Biot, France"}]}],"member":"320","published-online":{"date-parts":[[2018,3,13]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/CTC.2014.11"},{"key":"e_1_3_2_1_2_1","volume-title":"International Conference on Digital Forensics and Cyber Crime. Springer, 167--182","author":"Breitinger Frank","year":"2012","unstructured":"Frank Breitinger and Harald Baier . 2012 . Similarity preserving hashing: Eligible properties and a new algorithm MRSH-v2 . In International Conference on Digital Forensics and Cyber Crime. Springer, 167--182 . Frank Breitinger and Harald Baier. 2012. Similarity preserving hashing: Eligible properties and a new algorithm MRSH-v2. In International Conference on Digital Forensics and Cyber Crime. Springer, 167--182."},{"key":"e_1_3_2_1_3_1","first-page":"168","article-title":"Approximate matching: definition and terminology","volume":"800","author":"Breitinger Frank","year":"2014","unstructured":"Frank Breitinger , Barbara Guttman , Michael McCarrin , Vassil Roussev , and Douglas White . 2014 . Approximate matching: definition and terminology . NIST Special Publication 800 (2014), 168 . Frank Breitinger, Barbara Guttman, Michael McCarrin, Vassil Roussev, and Douglas White. 2014. Approximate matching: definition and terminology. NIST Special Publication 800 (2014), 168.","journal-title":"NIST Special Publication"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2014.03.002"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2013.06.006"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2020408.2020419"},{"key":"e_1_3_2_1_7_1","unstructured":"Andrei Costin Jonas Zaddach Aur\u00e9lien Francillon Davide Balzarotti and Sophia Antipolis. 2014. A Large-Scale Analysis of the Security of Embedded Firmwares.. In USENIX Security. 95--110.   Andrei Costin Jonas Zaddach Aur\u00e9lien Francillon Davide Balzarotti and Sophia Antipolis. 2014. A Large-Scale Analysis of the Security of Embedded Firmwares.. In USENIX Security. 95--110."},{"key":"e_1_3_2_1_8_1","volume-title":"An Open Digest-based Technique for Spam Detection. ISCA PDCS 2004","author":"Damiani Ernesto","year":"2004","unstructured":"Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , and Pierangela Samarati . 2004 . An Open Digest-based Technique for Spam Detection. ISCA PDCS 2004 (2004), 559--564. Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. 2004. An Open Digest-based Technique for Spam Detection. ISCA PDCS 2004 (2004), 559--564."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2014.10.011"},{"key":"e_1_3_2_1_10_1","volume-title":"Two Fuzzy Hashing Techniques in Applied Malware Analysis. Results of SEI Line-Funded Exploratory New Starts Projects","author":"French David","year":"2012","unstructured":"David French and William Casey . 2012. Two Fuzzy Hashing Techniques in Applied Malware Analysis. Results of SEI Line-Funded Exploratory New Starts Projects ( 2012 ), 2. David French and William Casey. 2012. Two Fuzzy Hashing Techniques in Applied Malware Analysis. Results of SEI Line-Funded Exploratory New Starts Projects (2012), 2."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2009.06.016"},{"key":"e_1_3_2_1_12_1","unstructured":"Aristides Gionis Piotr Indyk Rajeev Motwani etal 1999. Similarity search in high dimensions via hashing. In VLDB. 518--529.   Aristides Gionis Piotr Indyk Rajeev Motwani et al. 1999. Similarity search in high dimensions via hashing. In VLDB. 518--529."},{"key":"e_1_3_2_1_13_1","unstructured":"Mariano Graziano Davide Canali Leyla Bilge Andrea Lanzi and Davide Balzarotti. 2015. Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence.. In USENIX Security. 1057--1072.   Mariano Graziano Davide Canali Leyla Bilge Andrea Lanzi and Davide Balzarotti. 2015. Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence.. In USENIX Security. 1057--1072."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-25512-5_4"},{"key":"e_1_3_2_1_15_1","first-page":"59","article-title":"Bytewise Approximate Matching: The Good, The Bad, and The Unknown","volume":"11","author":"Harichandran Vikram S","year":"2016","unstructured":"Vikram S Harichandran , Frank Breitinger , and Ibrahim Baggili . 2016 . Bytewise Approximate Matching: The Good, The Bad, and The Unknown . The Journal of Digital Forensics, Security and Law: JDFSL 11 , 2 (2016), 59 . Vikram S Harichandran, Frank Breitinger, and Ibrahim Baggili. 2016. Bytewise Approximate Matching: The Good, The Bad, and The Unknown. The Journal of Digital Forensics, Security and Law: JDFSL 11, 2 (2016), 59.","journal-title":"The Journal of Digital Forensics, Security and Law: JDFSL"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046742"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523682"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2006.06.015"},{"key":"e_1_3_2_1_19_1","volume-title":"8th Workshop on Cyber Security Experimentation and Test (CSET 15)","author":"Li Yuping","year":"2015","unstructured":"Yuping Li , Sathya Chandran Sundaramurthy , Alexandru G Bardas , Xinming Ou , Doina Caragea , Xin Hu , and Jiyong Jang . 2015 . Experimental study of fuzzy hashing in malware clustering analysis . In 8th Workshop on Cyber Security Experimentation and Test (CSET 15) . Yuping Li, Sathya Chandran Sundaramurthy, Alexandru G Bardas, Xinming Ou, Doina Caragea, Xin Hu, and Jiyong Jang. 2015. Experimental study of fuzzy hashing in malware clustering analysis. In 8th Workshop on Cyber Security Experimentation and Test (CSET 15)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/502059.502052"},{"key":"e_1_3_2_1_21_1","volume-title":"Fuzzy Clarity: Using Fuzzy Hashing Techniques to Identify Malicious Code","author":"Ninja Digital","year":"2007","unstructured":"Digital Ninja . 2007 . Fuzzy Clarity: Using Fuzzy Hashing Techniques to Identify Malicious Code . http:\/\/www.shadowserver.org\/wiki\/uploads\/Information\/FuzzyHashing.pdf. (2007). Digital Ninja. 2007. Fuzzy Clarity: Using Fuzzy Hashing Techniques to Identify Malicious Code. http:\/\/www.shadowserver.org\/wiki\/uploads\/Information\/FuzzyHashing.pdf. (2007)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CTC.2013.9"},{"key":"e_1_3_2_1_23_1","unstructured":"Michael O Rabin etal 1981. Fingerprinting by random polynomials. Center for Research in Computing Techn. Aiken Computation Laboratory Univ.  Michael O Rabin et al. 1981. Fingerprinting by random polynomials. Center for Research in Computing Techn. Aiken Computation Laboratory Univ."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15506-2_15"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2011.05.005"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2007.06.011"},{"key":"e_1_3_2_1_27_1","volume-title":"Ninja Correlation of APT Binaries. First","author":"Soman Bhavna","year":"2015","unstructured":"Bhavna Soman . 2015. Ninja Correlation of APT Binaries. First ( 2015 ). Bhavna Soman. 2015. Ninja Correlation of APT Binaries. First (2015)."},{"key":"e_1_3_2_1_28_1","unstructured":"Andrew Tridgell. 2002. spamsum. https:\/\/www.samba.org\/ftp\/unpacked\/junkcode\/spamsum\/README. (2002).  Andrew Tridgell. 2002. spamsum. https:\/\/www.samba.org\/ftp\/unpacked\/junkcode\/spamsum\/README. (2002)."},{"key":"e_1_3_2_1_29_1","unstructured":"Andrew Tridgell. 2002. Spamsum readme. https:\/\/www.samba.org\/ftp\/unpacked\/junkcode\/spamsum\/README. (2002).  Andrew Tridgell. 2002. Spamsum readme. https:\/\/www.samba.org\/ftp\/unpacked\/junkcode\/spamsum\/README. (2002)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2015.7413682"},{"key":"e_1_3_2_1_31_1","first-page":"8","article-title":"peHash: A Novel Approach to Fast Malware Clustering","volume":"9","author":"Wicherski Georg","year":"2009","unstructured":"Georg Wicherski . 2009 . peHash: A Novel Approach to Fast Malware Clustering . LEET 9 (2009), 8 . Georg Wicherski. 2009. peHash: A Novel Approach to Fast Malware Clustering. LEET 9 (2009), 8.","journal-title":"LEET"}],"event":{"name":"CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy","location":"Tempe AZ USA","acronym":"CODASPY '18","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3176258.3176306","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3176258.3176306","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T19:04:50Z","timestamp":1750273490000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3176258.3176306"}},"subtitle":["Understanding Uses (and Misuses) of Similarity Hashes in Binary Analysis"],"short-title":[],"issued":{"date-parts":[[2018,3,13]]},"references-count":31,"alternative-id":["10.1145\/3176258.3176306","10.1145\/3176258"],"URL":"https:\/\/doi.org\/10.1145\/3176258.3176306","relation":{},"subject":[],"published":{"date-parts":[[2018,3,13]]},"assertion":[{"value":"2018-03-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}