{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T12:59:13Z","timestamp":1762001953866,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":73,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,12,5]],"date-time":"2022-12-05T00:00:00Z","timestamp":1670198400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Frontier Science and Technology Innovation Project","award":["2019QY1403"],"award-info":[{"award-number":["2019QY1403"]}]},{"name":"National Nature Science Foundation of China","award":["62102406,61902384"],"award-info":[{"award-number":["62102406,61902384"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,12,5]]},"DOI":"10.1145\/3564625.3567982","type":"proceedings-article","created":{"date-parts":[[2022,12,3]],"date-time":"2022-12-03T01:01:29Z","timestamp":1670029289000},"page":"227-239","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["DitDetector: Bimodal Learning based on Deceptive Image and Text for Macro Malware Detection"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1248-7114","authenticated-orcid":false,"given":"Jia","family":"Yan","sequence":"first","affiliation":[{"name":"TCA\/SKLCS, Institute of Software, Chinese Academy of Sciences, China and School of Computer Science and Technology, University of Chinese Academy of Sciences, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5309-888X","authenticated-orcid":false,"given":"Ming","family":"Wan","sequence":"additional","affiliation":[{"name":"QIANXIN Group Inc., China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3782-1526","authenticated-orcid":false,"given":"Xiangkun","family":"Jia","sequence":"additional","affiliation":[{"name":"TCA\/SKLCS, Institute of Software, Chinese Academy of Sciences, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7445-9103","authenticated-orcid":false,"given":"Lingyun","family":"Ying","sequence":"additional","affiliation":[{"name":"QIANXIN Group Inc., China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6701-0383","authenticated-orcid":false,"given":"Purui","family":"Su","sequence":"additional","affiliation":[{"name":"TCA\/SKLCS, Institute of Software, Chinese Academy of Sciences, China and School of Cyber Security, University of Chinese Academy of Sciences, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4346-6858","authenticated-orcid":false,"given":"Zhanyi","family":"Wang","sequence":"additional","affiliation":[{"name":"QIANXIN Group Inc., China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,12,5]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2996758.2996768"},{"key":"e_1_3_2_1_2_1","volume-title":"Multimodal machine learning: A survey and taxonomy","author":"Baltru\u0161aitis Tadas","year":"2018","unstructured":"Tadas Baltru\u0161aitis , Chaitanya Ahuja , and Louis-Philippe Morency . 2018. Multimodal machine learning: A survey and taxonomy . IEEE transactions on pattern analysis and machine intelligence 41, 2( 2018 ), 423\u2013443. Tadas Baltru\u0161aitis, Chaitanya Ahuja, and Louis-Philippe Morency. 2018. Multimodal machine learning: A survey and taxonomy. IEEE transactions on pattern analysis and machine intelligence 41, 2(2018), 423\u2013443."},{"key":"e_1_3_2_1_3_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Bartos Karel","year":"2016","unstructured":"Karel Bartos , Michal Sofka , and Vojtech Franc . 2016 . Optimized invariant representation of network traffic for detecting unseen malware variants . In 25th USENIX Security Symposium (USENIX Security 16) . 807\u2013822. Karel Bartos, Michal Sofka, and Vojtech Franc. 2016. Optimized invariant representation of network traffic for detecting unseen malware variants. In 25th USENIX Security Symposium (USENIX Security 16). 807\u2013822."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2017.8258483"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346821"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-009-9109-6"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3468791.3468814"},{"key":"e_1_3_2_1_8_1","unstructured":"Fran Casino Nikolaos Totosis Theodoros Apostolopoulos Nikolaos Lykousas and Constantinos Patsakis. 2021. Analysis and correlation of visual evidence in campaigns of malicious office documents. Digital Threats: Research and Practice(2021).  Fran Casino Nikolaos Totosis Theodoros Apostolopoulos Nikolaos Lykousas and Constantinos Patsakis. 2021. Analysis and correlation of visual evidence in campaigns of malicious office documents. Digital Threats: Research and Practice(2021)."},{"key":"e_1_3_2_1_9_1","unstructured":"CISA. 2020. Emotet Malware. https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa20-280a  CISA. 2020. Emotet Malware. https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa20-280a"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2018.05.031"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2016.07.010"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Gordon\u00a0V Cormack 2008. Email spam filtering: A systematic review. Foundations and Trends\u00ae in Information Retrieval 1 4(2008) 335\u2013455.  Gordon\u00a0V Cormack 2008. Email spam filtering: A systematic review. Foundations and Trends\u00ae in Information Retrieval 1 4(2008) 335\u2013455.","DOI":"10.1561\/1500000006"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.heliyon.2019.e01802"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Sergio De\u00a0los Santos and Jos\u00e9 Torres. 2017. Macro Malware Detection using Machine Learning Techniques-A New Approach.. In ICISSP. 295\u2013302.  Sergio De\u00a0los Santos and Jos\u00e9 Torres. 2017. Macro Malware Detection using Machine Learning Techniques-A New Approach.. In ICISSP. 295\u2013302.","DOI":"10.5220\/0006132202950302"},{"key":"e_1_3_2_1_15_1","unstructured":"decalage. 2020. oletools - python tools to analyze OLE and MS Office files. http:\/\/www.decalage.info\/python\/oletools  decalage. 2020. oletools - python tools to analyze OLE and MS Office files. http:\/\/www.decalage.info\/python\/oletools"},{"key":"e_1_3_2_1_16_1","volume-title":"Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805(2018).","author":"Devlin Jacob","year":"2018","unstructured":"Jacob Devlin , Ming-Wei Chang , Kenton Lee , and Kristina Toutanova . 2018 . Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805(2018). Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2018. Bert: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805(2018)."},{"key":"e_1_3_2_1_17_1","unstructured":"Jacob Gildenblat and contributors. 2021. PyTorch library for CAM methods. https:\/\/github.com\/jacobgil\/pytorch-grad-cam.  Jacob Gildenblat and contributors. 2021. PyTorch library for CAM methods. https:\/\/github.com\/jacobgil\/pytorch-grad-cam."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/IIH-MSP.2015.72"},{"key":"e_1_3_2_1_19_1","volume-title":"Microsoft Office Macro Warnings: A Design Comedy of Errors with Tragic Security Consequences. In European Symposium on Usable Security","author":"Gutfleisch Marco","year":"2021","unstructured":"Marco Gutfleisch , Maximilian Peiffer , Selim Erk , and Martina\u00a0Angela Sasse . 2021 . Microsoft Office Macro Warnings: A Design Comedy of Errors with Tragic Security Consequences. In European Symposium on Usable Security 2021. 9\u201322. Marco Gutfleisch, Maximilian Peiffer, Selim Erk, and Martina\u00a0Angela Sasse. 2021. Microsoft Office Macro Warnings: A Design Comedy of Errors with Tragic Security Consequences. In European Symposium on Usable Security 2021. 9\u201322."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_1_21_1","unstructured":"Rene Holt. 2022. How Emotet is changing tactics in response to Microsoft\u2019s tightening of Office macro security. https:\/\/www.welivesecurity.com\/2022\/06\/16\/how-emotet-is-changing-tactics-microsoft-tightening-office-macro-security\/  Rene Holt. 2022. How Emotet is changing tactics in response to Microsoft\u2019s tightening of Office macro security. https:\/\/www.welivesecurity.com\/2022\/06\/16\/how-emotet-is-changing-tactics-microsoft-tightening-office-macro-security\/"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2019.00140"},{"key":"e_1_3_2_1_23_1","unstructured":"Microsoft Inc.2017. Microsoft Office\/WordPad Remote Code Execution Vulnerability w\/Windows CVE-2017-0199. https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2017-0199  Microsoft Inc.2017. Microsoft Office\/WordPad Remote Code Execution Vulnerability w\/Windows CVE-2017-0199. https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2017-0199"},{"key":"e_1_3_2_1_24_1","unstructured":"Microsoft Inc.2019. Antimalware Scan Interface (AMSI). https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/amsi\/antimalware-scan-interface-portal  Microsoft Inc.2019. Antimalware Scan Interface (AMSI). https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/amsi\/antimalware-scan-interface-portal"},{"key":"e_1_3_2_1_25_1","unstructured":"Microsoft Inc.2021. File format reference for Word Excel and PowerPoint. https:\/\/docs.microsoft.com\/en-us\/deployoffice\/compat\/office-file-format-reference  Microsoft Inc.2021. File format reference for Word Excel and PowerPoint. https:\/\/docs.microsoft.com\/en-us\/deployoffice\/compat\/office-file-format-reference"},{"key":"e_1_3_2_1_26_1","unstructured":"Microsoft Inc.2022. Description of behaviors of Auto-Exec and Auto-Open macros in Word. https:\/\/docs.microsoft.com\/en-us\/office\/troubleshoot\/word\/autoexec-autoopen-macros-word  Microsoft Inc.2022. Description of behaviors of Auto-Exec and Auto-Open macros in Word. https:\/\/docs.microsoft.com\/en-us\/office\/troubleshoot\/word\/autoexec-autoopen-macros-word"},{"key":"e_1_3_2_1_27_1","unstructured":"Microsoft Inc.2022. Macros from the internet will be blocked by default in Office. https:\/\/docs.microsoft.com\/en-us\/deployoffice\/security\/internet-macros-blocked  Microsoft Inc.2022. Macros from the internet will be blocked by default in Office. https:\/\/docs.microsoft.com\/en-us\/deployoffice\/security\/internet-macros-blocked"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.7763\/IJET.2016.V8.866"},{"key":"e_1_3_2_1_29_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Jordaney Roberto","year":"2017","unstructured":"Roberto Jordaney , Kumar Sharad , Santanu\u00a0 K Dash , Zhi Wang , Davide Papini , Ilia Nouretdinov , and Lorenzo Cavallaro . 2017 . Transcend: Detecting concept drift in malware classification models . In 26th USENIX Security Symposium (USENIX Security 17) . 625\u2013642. Roberto Jordaney, Kumar Sharad, Santanu\u00a0K Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro. 2017. Transcend: Detecting concept drift in malware classification models. In 26th USENIX Security Symposium (USENIX Security 17). 625\u2013642."},{"volume-title":"Obfuscated VBA macro detection using machine learning. In 2018 48th annual ieee\/ifip international conference on dependable systems and networks (dsn)","author":"Kim Sangwoo","key":"e_1_3_2_1_30_1","unstructured":"Sangwoo Kim , Seokmyung Hong , Jaesang Oh , and Heejo Lee . 2018. Obfuscated VBA macro detection using machine learning. In 2018 48th annual ieee\/ifip international conference on dependable systems and networks (dsn) . IEEE , 490\u2013501. Sangwoo Kim, Seokmyung Hong, Jaesang Oh, and Heejo Lee. 2018. Obfuscated VBA macro detection using machine learning. In 2018 48th annual ieee\/ifip international conference on dependable systems and networks (dsn). IEEE, 490\u2013501."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2866319"},{"key":"e_1_3_2_1_32_1","unstructured":"Ryan Kiros Ruslan Salakhutdinov and Richard\u00a0S Zemel. 2014. Unifying visual-semantic embeddings with multimodal neural language models. arXiv preprint arXiv:1411.2539(2014).  Ryan Kiros Ruslan Salakhutdinov and Richard\u00a0S Zemel. 2014. Unifying visual-semantic embeddings with multimodal neural language models. arXiv preprint arXiv:1411.2539(2014)."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102582"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5281\/zenodo.4559436"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2916886"},{"key":"e_1_3_2_1_36_1","volume-title":"The State of Consumer Cybersecurity","author":"Lab Reason","year":"2022","unstructured":"Reason Lab . 2022. The State of Consumer Cybersecurity 2022 . https:\/\/reasonlabs.com\/research\/cybersecurity-report Reason Lab. 2022. The State of Consumer Cybersecurity 2022. https:\/\/reasonlabs.com\/research\/cybersecurity-report"},{"key":"e_1_3_2_1_37_1","unstructured":"Vinh Lam. 2021. Excel 4.0 Macro: Old Feature New Attack Technique. https:\/\/www.opswat.com\/blog\/excel-4-0-macro-old-feature-new-attack-technique  Vinh Lam. 2021. Excel 4.0 Macro: Old Feature New Attack Technique. https:\/\/www.opswat.com\/blog\/excel-4-0-macro-old-feature-new-attack-technique"},{"key":"e_1_3_2_1_38_1","volume-title":"International conference on machine learning. PMLR, 1188\u20131196","author":"Le Quoc","year":"2014","unstructured":"Quoc Le and Tomas Mikolov . 2014 . Distributed representations of sentences and documents . In International conference on machine learning. PMLR, 1188\u20131196 . Quoc Le and Tomas Mikolov. 2014. Distributed representations of sentences and documents. In International conference on machine learning. PMLR, 1188\u20131196."},{"key":"e_1_3_2_1_39_1","volume-title":"Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages. In 30th {USENIX} Security Symposium ({USENIX} Security 21).","author":"Lin Yun","year":"2021","unstructured":"Yun Lin , Ruofan Liu , Dinil\u00a0Mon Divakaran , Jun\u00a0Yang Ng , Qing\u00a0Zhou Chan , Yiwen Lu , Yuxuan Si , Fan Zhang , and Jin\u00a0Song Dong . 2021 . Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages. In 30th {USENIX} Security Symposium ({USENIX} Security 21). Yun Lin, Ruofan Liu, Dinil\u00a0Mon Divakaran, Jun\u00a0Yang Ng, Qing\u00a0Zhou Chan, Yiwen Lu, Yuxuan Si, Fan Zhang, and Jin\u00a0Song Dong. 2021. Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages. In 30th {USENIX} Security Symposium ({USENIX} Security 21)."},{"key":"e_1_3_2_1_40_1","unstructured":"Xiang Ling Lingfei Wu Jiangyu Zhang Zhenqing Qu Wei Deng Xiang Chen Chunming Wu Shouling Ji Tianyue Luo Jingzheng Wu 2021. Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art. arXiv preprint arXiv:2112.12310(2021).  Xiang Ling Lingfei Wu Jiangyu Zhang Zhenqing Qu Wei Deng Xiang Chen Chunming Wu Shouling Ji Tianyue Luo Jingzheng Wu 2021. Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art. arXiv preprint arXiv:2112.12310(2021)."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.2018.8538691"},{"key":"e_1_3_2_1_42_1","unstructured":"Trend Micro. 2015. 20 Years of Macro Malware: From Harmless Concept to Targeted Attacks. https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/20-years-of-macro-malware-from-harmless-concept-to-targeted-attacks  Trend Micro. 2015. 20 Years of Macro Malware: From Harmless Concept to Targeted Attacks. https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/20-years-of-macro-malware-from-harmless-concept-to-targeted-attacks"},{"key":"e_1_3_2_1_43_1","unstructured":"Microsoft. 2021. A closer look at Qakbot\u2019s latest building blocks (and how to knock them down). https:\/\/www.microsoft.com\/security\/blog\/2021\/12\/09\/a-closer-look-at-qakbots-latest-building-blocks-and-how-to-knock-them-down\/  Microsoft. 2021. A closer look at Qakbot\u2019s latest building blocks (and how to knock them down). https:\/\/www.microsoft.com\/security\/blog\/2021\/12\/09\/a-closer-look-at-qakbots-latest-building-blocks-and-how-to-knock-them-down\/"},{"key":"e_1_3_2_1_44_1","unstructured":"Microsoft. 2022. Getting started with VBA in Office. https:\/\/docs.microsoft.com\/en-us\/office\/vba\/library-reference\/concepts\/getting-started-with-vba-in-office  Microsoft. 2022. Getting started with VBA in Office. https:\/\/docs.microsoft.com\/en-us\/office\/vba\/library-reference\/concepts\/getting-started-with-vba-in-office"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2020.102600"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.27.555"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-26834-3_10"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Mamoru Mimura and Risa Yamamoto. 2022. A Feasibility Study on Evasion Attacks Against Nlp-Based Malware Detection Algorithms. (2022).  Mamoru Mimura and Risa Yamamoto. 2022. A Feasibility Study on Evasion Attacks Against Nlp-Based Malware Detection Algorithms. (2022).","DOI":"10.2139\/ssrn.4061102"},{"key":"e_1_3_2_1_49_1","unstructured":"MITRE. 2022. Gamaredon Group. https:\/\/attack.mitre.org\/groups\/G0047\/  MITRE. 2022. Gamaredon Group. https:\/\/attack.mitre.org\/groups\/G0047\/"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2631905"},{"key":"e_1_3_2_1_51_1","unstructured":"Henri Nurmi 2019. Script and macro based malware classification by clustering abstract syntax trees. (2019).  Henri Nurmi 2019. Script and macro based malware classification by clustering abstract syntax trees. (2019)."},{"key":"e_1_3_2_1_52_1","unstructured":"Oracle. 2022. Oracle Outside In Technology Release 8.5. https:\/\/docs.oracle.com\/en\/middleware\/standalone\/outsidein\/8.5\/index.html  Oracle. 2022. Oracle Outside In Technology Release 8.5. https:\/\/docs.oracle.com\/en\/middleware\/standalone\/outsidein\/8.5\/index.html"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.497"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2017.8"},{"key":"e_1_3_2_1_55_1","unstructured":"redxorblue blog. 2018. Executing Macros From a DOCX With Remote Template Injection. http:\/\/blog.redxorblue.com\/2018\/07\/executing-macros-from-docx-with-remote.html  redxorblue blog. 2018. Executing Macros From a DOCX With Remote Template Injection. http:\/\/blog.redxorblue.com\/2018\/07\/executing-macros-from-docx-with-remote.html"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978672.1978682"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833765"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/THS.2018.8574202"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_5"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/P14-1068"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1080\/19393555.2020.1723747"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDAR.2007.4376991"},{"key":"e_1_3_2_1_63_1","unstructured":"StCanny. 2015. Python-openxml. https:\/\/github.com\/orgs\/python-openxml\/repositories  StCanny. 2015. Python-openxml. https:\/\/github.com\/orgs\/python-openxml\/repositories"},{"key":"e_1_3_2_1_64_1","unstructured":"Microsoft Defender Security\u00a0Research Team. 2016. New feature in Office 2016 can block macros and help prevent infection. https:\/\/www.microsoft.com\/security\/blog\/2016\/03\/22\/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection\/  Microsoft Defender Security\u00a0Research Team. 2016. New feature in Office 2016 can block macros and help prevent infection. https:\/\/www.microsoft.com\/security\/blog\/2016\/03\/22\/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection\/"},{"key":"e_1_3_2_1_65_1","unstructured":"Vijay\u00a0Srinivas Tida and Sonya Hsu. 2022. Universal Spam Detection using Transfer Learning of BERT Model. arXiv preprint arXiv:2202.03480(2022).  Vijay\u00a0Srinivas Tida and Sonya Hsu. 2022. Universal Spam Detection using Transfer Learning of BERT Model. arXiv preprint arXiv:2202.03480(2022)."},{"key":"e_1_3_2_1_66_1","unstructured":"Liam Tung. 2022. Security researchers: Here\u2019s how the Lazarus hackers start their attacks. https:\/\/www.zdnet.com\/article\/security-researchers-heres-how-the-lazarus-hackers-start-their-attacks\/  Liam Tung. 2022. Security researchers: Here\u2019s how the Lazarus hackers start their attacks. https:\/\/www.zdnet.com\/article\/security-researchers-heres-how-the-lazarus-hackers-start-their-attacks\/"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40203-6_31"},{"key":"e_1_3_2_1_68_1","volume-title":"Office Productivity Software Global Market Share","author":"Vailshery Lionel\u00a0Sujay","year":"2022","unstructured":"Lionel\u00a0Sujay Vailshery . 2022. Office Productivity Software Global Market Share 2022 . https:\/\/www.statista.com\/statistics\/983299\/worldwide-market-share-of-office-productivity-software\/ Lionel\u00a0Sujay Vailshery. 2022. Office Productivity Software Global Market Share 2022. https:\/\/www.statista.com\/statistics\/983299\/worldwide-market-share-of-office-productivity-software\/"},{"key":"e_1_3_2_1_69_1","unstructured":"VirusTotal. 2022. Contributors. https:\/\/support.virustotal.com\/hc\/en-us\/articles\/115002146809-Contributors  VirusTotal. 2022. Contributors. https:\/\/support.virustotal.com\/hc\/en-us\/articles\/115002146809-Contributors"},{"key":"e_1_3_2_1_70_1","volume-title":"Seeing Traffic Paths: Encrypted Traffic Classification with Path Signature Features","author":"Xu Shi-Jie","year":"2022","unstructured":"Shi-Jie Xu , Guang-Gang Geng , Xiao-Bo Jin , Dong-Jie Liu , and Jian Weng . 2022. Seeing Traffic Paths: Encrypted Traffic Classification with Path Signature Features . IEEE Transactions on Information Forensics and Security ( 2022 ). Shi-Jie Xu, Guang-Gang Geng, Xiao-Bo Jin, Dong-Jie Liu, and Jian Weng. 2022. Seeing Traffic Paths: Encrypted Traffic Classification with Path Signature Features. IEEE Transactions on Information Forensics and Security (2022)."},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-30215-3_17"},{"key":"e_1_3_2_1_72_1","volume-title":"A sensitivity analysis of (and practitioners","author":"Zhang Ye","year":"2015","unstructured":"Ye Zhang and Byron Wallace . 2015. A sensitivity analysis of (and practitioners \u2019 guide to) convolutional neural networks for sentence classification. arXiv preprint arXiv:1510.03820( 2015 ). Ye Zhang and Byron Wallace. 2015. A sensitivity analysis of (and practitioners\u2019 guide to) convolutional neural networks for sentence classification. arXiv preprint arXiv:1510.03820(2015)."},{"key":"e_1_3_2_1_73_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Zhu Shuofei","year":"2020","unstructured":"Shuofei Zhu , Jianjun Shi , Limin Yang , Boqin Qin , Ziyi Zhang , Linhai Song , and Gang Wang . 2020 . Measuring and Modeling the Label Dynamics of Online {Anti-Malware} Engines . In 29th USENIX Security Symposium (USENIX Security 20) . 2361\u20132378. Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, and Gang Wang. 2020. Measuring and Modeling the Label Dynamics of Online {Anti-Malware} Engines. In 29th USENIX Security Symposium (USENIX Security 20). 2361\u20132378."}],"event":{"name":"ACSAC: Annual Computer Security Applications Conference","acronym":"ACSAC","location":"Austin TX USA"},"container-title":["Proceedings of the 38th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3567982","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3564625.3567982","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:12Z","timestamp":1750183752000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3567982"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,5]]},"references-count":73,"alternative-id":["10.1145\/3564625.3567982","10.1145\/3564625"],"URL":"https:\/\/doi.org\/10.1145\/3564625.3567982","relation":{},"subject":[],"published":{"date-parts":[[2022,12,5]]},"assertion":[{"value":"2022-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}