{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T18:33:08Z","timestamp":1766428388225},"reference-count":32,"publisher":"IBM","issue":"4","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IBM J. Res. &amp; Dev."],"published-print":{"date-parts":[[2016,7]]},"DOI":"10.1147\/jrd.2016.2559358","type":"journal-article","created":{"date-parts":[[2016,7,27]],"date-time":"2016-07-27T18:48:29Z","timestamp":1469645309000},"page":"5:1-5:7","source":"Crossref","is-referenced-by-count":6,"title":["Identifying malicious activities from system execution traces"],"prefix":"10.1147","volume":"60","author":[{"given":"E.","family":"Aharoni","sequence":"first","affiliation":[]},{"given":"R.","family":"Peleg","sequence":"additional","affiliation":[]},{"given":"S.","family":"Regev","sequence":"additional","affiliation":[]},{"given":"T.","family":"Salman","sequence":"additional","affiliation":[]}],"member":"3082","reference":[{"key":"ref32","year":"2011","journal-title":"Rulequest Research See5\/c5 0"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1002\/0471200611"},{"key":"ref30","year":"0"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2487575.2488219"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ACT.2010.33"},{"key":"ref13","first-page":"108","article-title":"Learning and classification of malware behavior","author":"rieck","year":"0","journal-title":"Proc Detection Intrusions Malware Vulnerability Assess"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-2010-0410"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/1654988.1655003"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/IMIS.2012.92"},{"key":"ref17","first-page":"1","article-title":"A view on current malware behaviors","author":"bayer","year":"0","journal-title":"Proceedings of USENIX Workshop on LEET"},{"key":"ref18","year":"0","journal-title":"IBM Security Trusteer Apex Advanced Malware Protection"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866353"},{"key":"ref28","year":"0","journal-title":"IBM Security Trusteer Rapport"},{"key":"ref4","author":"cheswick","year":"2003","journal-title":"Firewalls and Internet Security Repelling the Wily Hacker"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.4236\/jis.2014.52006"},{"key":"ref3","article-title":"Anti-debugging and anti-emulation techniques","volume":"5","author":"danielescu","year":"2008","journal-title":"CodeBreakers J"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523682"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1321"},{"key":"ref5","article-title":"An introduction to deep content inspection","author":"zhang","year":"0","journal-title":"Enterprise Syst J"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-19934-9_53"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2009.03.003"},{"key":"ref2","first-page":"1","article-title":"The art of unpacking","author":"yason","year":"0","journal-title":"Proc Black Hat Brief USA"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1014052.1014105"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/BWCCA.2010.85"},{"key":"ref20","first-page":"1","article-title":"An empirical study of real-world polymorphic code injection attacks","author":"polychronakis","year":"0","journal-title":"Proceedings of USENIX Workshop on LEET"},{"key":"ref22","first-page":"1","article-title":"Scalable, behavior-based malware clustering","volume":"9","author":"bayer","year":"0","journal-title":"Proc NDSS"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2008.58"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33018-6_28"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2013.6504162"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2381896.2381900"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2012.10.004"}],"container-title":["IBM Journal of Research and Development"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/5288520\/7523342\/07523355.pdf?arnumber=7523355","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2016,8,20]],"date-time":"2016-08-20T03:35:25Z","timestamp":1471664125000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/lpdocs\/epic03\/wrapper.htm?arnumber=7523355"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,7]]},"references-count":32,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1147\/jrd.2016.2559358","relation":{},"ISSN":["0018-8646","0018-8646"],"issn-type":[{"value":"0018-8646","type":"print"},{"value":"0018-8646","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,7]]}}}