{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T03:57:27Z","timestamp":1777607847066,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,12,7]],"date-time":"2020-12-07T00:00:00Z","timestamp":1607299200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,12,7]]},"DOI":"10.1145\/3427228.3427242","type":"proceedings-article","created":{"date-parts":[[2020,12,9]],"date-time":"2020-12-09T22:20:18Z","timestamp":1607552418000},"page":"54-68","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":42,"title":["Advanced Windows Methods on Malware Detection and Classification"],"prefix":"10.1145","author":[{"given":"Dima","family":"Rabadi","sequence":"first","affiliation":[{"name":"Institute for Infocomm Research, Singapore"}]},{"given":"Sin G.","family":"Teo","sequence":"additional","affiliation":[{"name":"Institute for Infocomm Research Research, Singapore"}]}],"member":"320","published-online":{"date-parts":[[2020,12,8]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1654988.1655003"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/CTC.2010.8"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101760"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2018.04.019"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-015-0247-x"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336768"},{"key":"e_1_3_2_1_7_1","volume-title":"Software similarity and classification","author":"Cesare Silvio"},{"key":"e_1_3_2_1_8_1","unstructured":"Steve Chamberlain and Cygnus Solutions. [n.d.]. Cygwin. ([n.\u00a0d.]). https:\/\/cygwin.com\/.  Steve Chamberlain and Cygnus Solutions. [n.d.]. Cygwin. ([n.\u00a0d.]). https:\/\/cygwin.com\/."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939785"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2013.6890868"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2811411.2811543"},{"key":"e_1_3_2_1_12_1","volume-title":"Mar","author":"Crammer Koby","year":"2006"},{"key":"e_1_3_2_1_13_1","unstructured":"G DATA. [n.d.]. Malware Naming Hell Part 1: Taming the mess of AV detection names. ([n.\u00a0d.]). https:\/\/www.gdatasoftware.com\/blog\/2019\/08\/35146-taming-the-mess-of-av-detection-names.  G DATA. [n.d.]. Malware Naming Hell Part 1: Taming the mess of AV detection names. ([n.\u00a0d.]). https:\/\/www.gdatasoftware.com\/blog\/2019\/08\/35146-taming-the-mess-of-av-detection-names."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2015.7280815"},{"key":"e_1_3_2_1_15_1","volume-title":"A survey on automated dynamic malware-analysis techniques and tools. ACM computing surveys (CSUR) 44, 2","author":"Egele Manuel","year":"2012"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2986014"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-49445-6_15"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1656274.1656278"},{"key":"e_1_3_2_1_19_1","unstructured":"John\u00a0T. Haller. [n.d.]. Portable Apps. ([n.\u00a0d.]). https:\/\/portableapps.com\/.  John\u00a0T. Haller. [n.d.]. Portable Apps. ([n.\u00a0d.]). https:\/\/portableapps.com\/."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.02.007"},{"key":"e_1_3_2_1_21_1","unstructured":"Xiang Huang Li Ma Wenyin Yang and Yong Zhong. 2020. A Method for Windows Malware Detection Based on Deep Learning. Journal of Signal Processing Systems(2020) 1\u20139.  Xiang Huang Li Ma Wenyin Yang and Yong Zhong. 2020. A Method for Windows Malware Detection Based on Deep Learning. Journal of Signal Processing Systems(2020) 1\u20139."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2402599.2402604"},{"key":"e_1_3_2_1_23_1","volume-title":"International Conference on Security for Information Technology and Communications. Springer, 247\u2013258","author":"Kakisim Arzu\u00a0Gorgulu","year":"2018"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/659101"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-50127-7_11"},{"key":"e_1_3_2_1_26_1","unstructured":"Malwarebytes Labs. [n.d.]. 2020 State of Malware Report. ([n.\u00a0d.]). https:\/\/resources.malwarebytes.com\/files\/2020\/02\/2020_State-of-Malware-Report.pdf.  Malwarebytes Labs. [n.d.]. 2020 State of Malware Report. ([n.\u00a0d.]). https:\/\/resources.malwarebytes.com\/files\/2020\/02\/2020_State-of-Malware-Report.pdf."},{"key":"e_1_3_2_1_27_1","unstructured":"Malshare Labs. [n.d.]. Malshare Website. ([n.\u00a0d.]). https:\/\/malshare.com\/.  Malshare Labs. [n.d.]. Malshare Website. ([n.\u00a0d.]). https:\/\/malshare.com\/."},{"key":"e_1_3_2_1_28_1","unstructured":"Malwarebytes Labs. [n.d.]. Malware Types. ([n.\u00a0d.]). https:\/\/www.malwarebytes.com\/malware\/.  Malwarebytes Labs. [n.d.]. Malware Types. ([n.\u00a0d.]). https:\/\/www.malwarebytes.com\/malware\/."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866353"},{"key":"e_1_3_2_1_30_1","unstructured":"VirusTotal malware\u00a0intelligence services. [n.d.]. https:\/\/www.virustotal.com. ([n.\u00a0d.]).  VirusTotal malware\u00a0intelligence services. [n.d.]. https:\/\/www.virustotal.com. ([n.\u00a0d.])."},{"key":"e_1_3_2_1_31_1","volume-title":"Machine learning: an algorithmic perspective","author":"Marsland Stephen"},{"key":"e_1_3_2_1_32_1","unstructured":"Microsoft. [n.d.]. Overview of the Windows API. ([n.\u00a0d.]). https:\/\/docs.microsoft.com\/en-us\/previous-versions\/\/aa383723(v=vs.85).  Microsoft. [n.d.]. Overview of the Windows API. ([n.\u00a0d.]). https:\/\/docs.microsoft.com\/en-us\/previous-versions\/\/aa383723(v=vs.85)."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1854099.1854152"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.3390\/app9020239"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP.2015.7178304"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2017.10.005"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2017.0430"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSA.2015.7166115"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2013.36"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.5120\/6194-8715"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/2011216.2011217"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/AISP.2012.6313810"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.engappai.2016.12.016"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774303"},{"key":"e_1_3_2_1_46_1","unstructured":"Cuckoo Sandbox. [n.d.]. Hooked APIs and Categories in Cuckoo. ([n.\u00a0d.]). https:\/\/github.com\/cuckoosandbox\/cuckoo\/wiki\/Hooked-APIs-and-Categories\/.  Cuckoo Sandbox. [n.d.]. Hooked APIs and Categories in Cuckoo. ([n.\u00a0d.]). https:\/\/github.com\/cuckoosandbox\/cuckoo\/wiki\/Hooked-APIs-and-Categories\/."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-11747-3_3"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_11"},{"key":"e_1_3_2_1_49_1","volume-title":"Most Popular Windows File Types Used by Malware","year":"2018"},{"key":"e_1_3_2_1_50_1","unstructured":"FileHippo s.r.o. [n.d.]. File Hippo. ([n.\u00a0d.]). https:\/\/filehippo.com\/software\/desktop.  FileHippo s.r.o. [n.d.]. File Hippo. ([n.\u00a0d.]). https:\/\/filehippo.com\/software\/desktop."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2010.5665796"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICACCI.2014.6968547"},{"key":"e_1_3_2_1_53_1","unstructured":"Hashing Vectorizer. [n.d.]. Scikit-learn Machine Learning in Python. ([n.\u00a0d.]). https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.feature_extraction.text.HashingVectorizer.html.  Hashing Vectorizer. [n.d.]. Scikit-learn Machine Learning in Python. ([n.\u00a0d.]). https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.feature_extraction.text.HashingVectorizer.html."},{"key":"e_1_3_2_1_54_1","volume-title":"International conference on networks and cyber security, Vol.\u00a025","author":"Veeramani R","year":"2012"},{"key":"e_1_3_2_1_55_1","unstructured":"Eunjin\u00a0Kim Youngjoon\u00a0Ki and Huy\u00a0Kang Kim. [n.d.]. APIMDS-dataset. ([n.\u00a0d.]). http:\/\/ocslab.hksecurity.net\/apimds-dataset.  Eunjin\u00a0Kim Youngjoon\u00a0Ki and Huy\u00a0Kang Kim. [n.d.]. APIMDS-dataset. ([n.\u00a0d.]). http:\/\/ocslab.hksecurity.net\/apimds-dataset."},{"key":"e_1_3_2_1_56_1","unstructured":"Zhaoqi Zhang Panpan Qi and Wei Wang. 2019. Dynamic Malware Analysis with Feature Engineering and Feature Learning. arXiv preprint arXiv:1907.07352(2019).  Zhaoqi Zhang Panpan Qi and Wei Wang. 2019. Dynamic Malware Analysis with Feature Engineering and Feature Learning. arXiv preprint arXiv:1907.07352(2019)."}],"event":{"name":"ACSAC '20: Annual Computer Security Applications Conference","location":"Austin USA","acronym":"ACSAC '20"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427242","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3427228.3427242","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:02:24Z","timestamp":1750197744000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3427228.3427242"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,7]]},"references-count":56,"alternative-id":["10.1145\/3427228.3427242","10.1145\/3427228"],"URL":"https:\/\/doi.org\/10.1145\/3427228.3427242","relation":{},"subject":[],"published":{"date-parts":[[2020,12,7]]},"assertion":[{"value":"2020-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}