{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T21:06:55Z","timestamp":1774991215510,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,10,24]],"date-time":"2023-10-24T00:00:00Z","timestamp":1698105600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,24]]},"DOI":"10.1145\/3618257.3624800","type":"proceedings-article","created":{"date-parts":[[2023,10,23]],"date-time":"2023-10-23T00:19:52Z","timestamp":1698020392000},"page":"253-267","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Re-measuring the Label Dynamics of Online Anti-Malware Engines from Millions of Samples"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-8483-1844","authenticated-orcid":false,"given":"Jingjing","family":"Wang","sequence":"first","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3982-4993","authenticated-orcid":false,"given":"Liu","family":"Wang","sequence":"additional","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7091-2169","authenticated-orcid":false,"given":"Feng","family":"Dong","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1100-8633","authenticated-orcid":false,"given":"Haoyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}]}],"member":"320","published-online":{"date-parts":[[2023,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2022. Statistics - VirusTotal. https:\/\/www.virustotal.com\/en\/statistics\/."},{"key":"e_1_3_2_1_2_1","unstructured":"2022. VirusTotal. https:\/\/www.virustotal.com\/."},{"key":"e_1_3_2_1_3_1","first-page":"23","article-title":"Drebin: Effective and explainable detection of android malware in your pocket","volume":"14","author":"Arp Daniel","year":"2014","unstructured":"Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, Konrad Rieck, and CERT Siemens. 2014. Drebin: Effective and explainable detection of android malware in your pocket.. In Ndss, Vol. 14. 23--26.","journal-title":"Ndss"},{"key":"e_1_3_2_1_4_1","first-page":"8","article-title":"Scalable, behavior-based malware clustering","volume":"9","author":"Bayer Ulrich","year":"2009","unstructured":"Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda. 2009. Scalable, behavior-based malware clustering.. In NDSS, Vol. 9. 8--11.","journal-title":"NDSS"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872427.2883056"},{"key":"e_1_3_2_1_6_1","volume-title":"24th {USENIX} security symposium ({USENIX} security 15). 659--674.","author":"Chen Kai","unstructured":"Kai Chen, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Nan Zhang, Heqing Huang, Wei Zou, and Peng Liu. 2015. Finding unknown malice in 10 seconds: Mass vetting for new threats at the google-play scale. In 24th {USENIX} security symposium ({USENIX} security 15). 659--674."},{"key":"e_1_3_2_1_7_1","volume-title":"Ting Yu, and Issa Khalil.","author":"Choo Euijin","year":"2022","unstructured":"Euijin Choo, Mohamed Nabeel, Ravindu De Silva, Ting Yu, and Issa Khalil. 2022. A Large Scale Study and Classification of VirusTotal Reports on Phishing and Malware URLs. arXiv preprint arXiv:2205.13155 (2022)."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274700"},{"key":"e_1_3_2_1_9_1","unstructured":"Wayne W Daniel et al. 1978. Applied nonparametric statistics. Houghton Mifflin."},{"key":"e_1_3_2_1_10_1","volume-title":"Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang, and XiaoFeng Wang.","author":"Duan Yue","year":"2018","unstructured":"Yue Duan, Mu Zhang, Abhishek Vasisht Bhaskar, Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang, and XiaoFeng Wang. 2018. Things You May Not Know About Android (Un) Packers: A Systematic Study based on Whole-System Emulation.. In NDSS."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635869"},{"key":"e_1_3_2_1_12_1","volume-title":"24th {USENIX} Security Symposium ({USENIX} Security 15). 1057--1072.","author":"Graziano Mariano","unstructured":"Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, and Davide Balzarotti. 2015. Needles in a haystack: Mining information from public dynamic analysis sandboxes for malware intelligence. In 24th {USENIX} Security Symposium ({USENIX} Security 15). 1057--1072."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180228"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2016.7840712"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2808769.2808780"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133958"},{"key":"e_1_3_2_1_17_1","volume-title":"Roberto Perdisci, Jienan Liu, Babak Rahbarinia, Kang Li, and Manos Antonakakis.","author":"Li Bo","year":"2018","unstructured":"Bo Li, Phani Vadrevu, Kyu Hyung Lee, Roberto Perdisci, Jienan Liu, Babak Rahbarinia, Kang Li, and Manos Antonakakis. 2018. JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking of Live In-Browser JavaScript Executions.. In NDSS."},{"key":"e_1_3_2_1_18_1","volume-title":"USENIX Security Symposium.","author":"Li Vector Guo","year":"2019","unstructured":"Vector Guo Li, Matthew Dunn, Paul Pearce, Damon McCoy, Geoffrey M Voelker, Stefan Savage, and Kirill Levchenko. 2019. Reading the tea leaves: A comparative analysis of threat intelligence. In USENIX Security Symposium."},{"key":"e_1_3_2_1_19_1","first-page":"2221","article-title":"Understanding the label process of virus total: A phishing URL perspective","volume":"15","author":"Peng Hui","year":"2019","unstructured":"Hui Peng, Yan Zhang, Weiping Shi, and Xiaofeng Chen. 2019b. Understanding the label process of virus total: A phishing URL perspective. IEEE Transactions on Information Forensics and Security, Vol. 15 (2019), 2221--2234.","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3355369.3355585"},{"key":"e_1_3_2_1_21_1","volume-title":"CAMP: Content-agnostic malware protection.","author":"Rajab Moheeb Abu","year":"2013","unstructured":"Moheeb Abu Rajab, Lucas Ballard, No\u00e9 Lutz, Panayiotis Mavrommatis, and Niels Provos. 2013. CAMP: Content-agnostic malware protection. (2013)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.14"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_11"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243779"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2967360.2967367"},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the 20th Annual Network & Distributed System Security Symposium. Citeseer, 1--16","author":"Nedim","unstructured":"Nedim vS rndic and Pavel Laskov. 2013. Detection of malicious pdf files based on hierarchical document structure. In Proceedings of the 20th Annual Network & Distributed System Security Symposium. Citeseer, 1--16."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2989064"},{"key":"e_1_3_2_1_28_1","volume-title":"SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectors. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 507--521","author":"Thirumuruganathan Saravanan","year":"2022","unstructured":"Saravanan Thirumuruganathan, Mohamed Nabeel, Euijin Choo, Issa Khalil, and Ting Yu. 2022. SIRAJ: A Unified Framework for Aggregation of Malicious Entity Detectors. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE, 507--521."},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the Internet Measurement Conference","author":"Tian Ke","year":"2018","unstructured":"Ke Tian, Steve TK Jan, Hang Hu, Danfeng Yao, and Gang Wang. 2018. Needle in a haystack: Tracking down elite phishing domains in the wild. In Proceedings of the Internet Measurement Conference 2018. 429--442."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278558"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663742"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3551349.3560418"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.60"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660352"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134642"},{"key":"e_1_3_2_1_36_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Zhu Shuofei","year":"2020","unstructured":"Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, and Gang Wang. 2020. Measuring and Modeling the Label Dynamics of Online {Anti-Malware} Engines. In 29th USENIX Security Symposium (USENIX Security 20). 2361--2378."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3038912.3052609"}],"event":{"name":"IMC '23: ACM Internet Measurement Conference","location":"Montreal QC Canada","acronym":"IMC '23","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication"]},"container-title":["Proceedings of the 2023 ACM on Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3618257.3624800","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3618257.3624800","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T13:16:12Z","timestamp":1755868572000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3618257.3624800"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,24]]},"references-count":37,"alternative-id":["10.1145\/3618257.3624800","10.1145\/3618257"],"URL":"https:\/\/doi.org\/10.1145\/3618257.3624800","relation":{},"subject":[],"published":{"date-parts":[[2023,10,24]]},"assertion":[{"value":"2023-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}