{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:25:09Z","timestamp":1750220709624,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,3,16]],"date-time":"2020-03-16T00:00:00Z","timestamp":1584316800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1618631"],"award-info":[{"award-number":["CNS-1618631"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,3,16]]},"DOI":"10.1145\/3374664.3375741","type":"proceedings-article","created":{"date-parts":[[2020,3,13]],"date-time":"2020-03-13T17:06:53Z","timestamp":1584119213000},"page":"341-352","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Deceiving Portable Executable Malware Classifiers into Targeted Misclassification with Practical Adversarial Examples"],"prefix":"10.1145","author":[{"given":"Yunus","family":"Kucuk","sequence":"first","affiliation":[{"name":"Binghamton University, State University of New York, Binghamton, NY, USA"}]},{"given":"Guanhua","family":"Yan","sequence":"additional","affiliation":[{"name":"Binghamton University, State University of New York, Binghamton, NY, USA"}]}],"member":"320","published-online":{"date-parts":[[2020,3,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"https:\/\/scipy.github.io\/devdocs\/generated\/scipy.spatial.distance.jensenshannon.html."},{"key":"e_1_3_2_1_2_1","unstructured":"Cuckoo Sandbox. https:\/\/cuckoosandbox.org."},{"key":"e_1_3_2_1_3_1","unstructured":"FakeNet. https:\/\/github.com\/fireeye\/flare-fakenet-ng."},{"key":"e_1_3_2_1_4_1","unstructured":"IDA Pro. https:\/\/www.hex-rays.com\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Microsoft Malware Classification Challenge (BIG 2015). https:\/\/www.kaggle.com\/c\/malware-classification."},{"key":"e_1_3_2_1_6_1","unstructured":"Pin - A Dynamic Binary Instrumentation Tool. https:\/\/software.intel.com\/en-us\/articles\/pin-a-dynamic-binary-instrumentation-tool."},{"key":"e_1_3_2_1_7_1","unstructured":"Rbot source code 0.0.3. https:\/\/github.com\/ytisf\/theZoo\/tree\/master\/malwares\/Source\/Original\/rBot0.3.3_May2004."},{"key":"e_1_3_2_1_8_1","unstructured":"Stuxnet. https:\/\/en.wikipedia.org\/wiki\/Stuxnet."},{"key":"e_1_3_2_1_9_1","unstructured":"VirusShare.com - Because Sharing is Caring. https:\/\/virusshare.com\/."},{"key":"e_1_3_2_1_10_1","unstructured":"VirusTotal. https:\/\/www.virustotal.com\/."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-04283-1_6"},{"key":"e_1_3_2_1_12_1","volume-title":"Examining adversarial learning against graph-based iot malware detection systems. arXiv preprint arXiv:1902.04416","author":"Abusnaina A.","year":"2019","unstructured":"A. Abusnaina, A. Khormali, H. Alasmary, J. Park, A. Anwar, U. Meteriz, and A. Mohaisen. Examining adversarial learning against graph-based iot malware detection systems. arXiv preprint arXiv:1902.04416, 2019."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1654988.1655003"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2018.00020"},{"key":"e_1_3_2_1_15_1","volume-title":"Learning to evade static PE machine learning malware models via reinforcement learning. arXiv preprint arXiv:1801.08917","author":"Anderson H.","year":"2018","unstructured":"H. Anderson, A. Kharkar, B. Filar, D. Evans, and P. Roth. Learning to evade static PE machine learning malware models via reinforcement learning. arXiv preprint arXiv:1801.08917, 2018."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"e_1_3_2_1_17_1","volume-title":"Accessed in March","author":"TEST.","year":"2018","unstructured":"AV-TEST. Malware statistics & trends report. https:\/\/www.av-test.org\/en\/statistics\/malware\/, Accessed in March 2018."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1504\/ijesdf.2007.016865"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336768"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/1862294.1862301"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v32i1.11302"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2700270"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00957"},{"key":"e_1_3_2_1_27_1","volume-title":"Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572","author":"Goodfellow I. J.","year":"2014","unstructured":"I. J. Goodfellow, J. Shlens, and C. Szegedy. Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572, 2014."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66399-9_4"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3097983.3098026"},{"key":"e_1_3_2_1_30_1","volume-title":"Generating adversarial malware examples for black-box attacks based on gan. arXiv preprint arXiv:1702.05983","author":"Hu W.","year":"2017","unstructured":"W. Hu and Y. Tan. Generating adversarial malware examples for black-box attacks based on gan. arXiv preprint arXiv:1702.05983, 2017."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPRO.2015.10"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.23919\/EUSIPCO.2018.8553214"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1014052.1014105"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487575.2488219"},{"key":"e_1_3_2_1_35_1","volume-title":"Deceiving end-to-end deep learning malware detectors using adversarial examples. arXiv preprint arXiv:1802.04528","author":"Kreuk F.","year":"2018","unstructured":"F. Kreuk, A. Barak, S. Aviv-Reuven, M. Baruch, B. Pinkas, and J. Keshet. Deceiving end-to-end deep learning malware detectors using adversarial examples. arXiv preprint arXiv:1802.04528, 2018."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/18.61115"},{"key":"e_1_3_2_1_37_1","volume-title":"Adversarial examples: Attacks on machine learning-based malware visualization detection methods. arXiv preprint arXiv:1808.01546","author":"Liu X.","year":"2018","unstructured":"X. Liu, Y. Lin, H. Li, and J. Zhang. Adversarial examples: Attacks on machine learning-based malware visualization detection methods. arXiv preprint arXiv:1808.01546, 2018."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1569901.1570109"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.42"},{"key":"e_1_3_2_1_40_1","first-page":"52","article-title":"Amal: High-fidelity, behavior-based automated malware analysis and classification","author":"Mohaisen A.","year":"2015","unstructured":"A. Mohaisen, O. Alrawi, and M. Mohaisen. Amal: High-fidelity, behavior-based automated malware analysis and classification. Computers & Security, 52, 2015.","journal-title":"Computers & Security"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.282"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89900-6_21"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.10.014"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.22"},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of InfoSec Southwest","author":"Raman K.","year":"2012","unstructured":"K. Raman. Selecting features to classify malware. In Proceedings of InfoSec Southwest, 2012."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_6"},{"volume-title":"International Symposium on Research in Attacks, Intrusions, and Defenses.","author":"Rosenberg I.","key":"e_1_3_2_1_48_1","unstructured":"I. Rosenberg, A. Shabtai, L. Rokach, and Y. Elovici. Generic black-box end-to-end attack against state of the art api call based malware classifiers. In International Symposium on Research in Attacks, Intrusions, and Defenses."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.14"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/EISIC.2012.34"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774303"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884439"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1186\/2190-8532-1-1"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04342-0_7"},{"key":"e_1_3_2_1_55_1","volume-title":"Elf-miner: Using structural knowledge and data mining methods to detect new (linux) malicious executables. Knowledge and information systems, 30(3):589--612","author":"Shahzad F.","year":"2012","unstructured":"F. Shahzad and M. Farooq. Elf-miner: Using structural knowledge and data mining methods to detect new (linux) malicious executables. Knowledge and information systems, 30(3):589--612, 2012."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420987"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23078"},{"key":"e_1_3_2_1_58_1","volume-title":"Proceedings of the IEEE symposium on security and privacy","author":"N.","year":"2014","unstructured":"N. vS rndi\u0107 and P. Laskov. Practical evasion of a learning-based classifier: A case study. In Proceedings of the IEEE symposium on security and privacy, 2014."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-016-0045-0"},{"key":"e_1_3_2_1_60_1","volume-title":"Symantec Security Response","author":"Suenaga M.","year":"2009","unstructured":"M. Suenaga. A museum of API obfuscation on win32. Symantec Security Response, 2009."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.2200\/S00861ED1V01Y201806AIM039"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23115"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39235-1_3"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134642"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/1281192.1281308"}],"event":{"name":"CODASPY '20: Tenth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"New Orleans LA USA","acronym":"CODASPY '20"},"container-title":["Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3374664.3375741","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3374664.3375741","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3374664.3375741","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3374664.3375741","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:33:08Z","timestamp":1750199588000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3374664.3375741"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,3,16]]},"references-count":64,"alternative-id":["10.1145\/3374664.3375741","10.1145\/3374664"],"URL":"https:\/\/doi.org\/10.1145\/3374664.3375741","relation":{},"subject":[],"published":{"date-parts":[[2020,3,16]]},"assertion":[{"value":"2020-03-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}