{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T18:05:57Z","timestamp":1775066757113,"version":"3.50.1"},"reference-count":73,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,8,10]],"date-time":"2020-08-10T00:00:00Z","timestamp":1597017600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2020,8,10]],"date-time":"2020-08-10T00:00:00Z","timestamp":1597017600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecur"],"published-print":{"date-parts":[[2020,12]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Although using machine learning techniques to solve computer security challenges is not a new idea, the rapidly emerging Deep Learning technology has recently triggered a substantial amount of interests in the computer security community. This paper seeks to provide a dedicated review of the very recent research works on using Deep Learning techniques to solve computer security challenges. In particular, the review covers eight computer security problems being solved by applications of Deep Learning: security-oriented program analysis, defending return-oriented programming (ROP) attacks, achieving control-flow integrity (CFI), defending network attacks, malware classification, system-event-based anomaly detection, memory forensics, and fuzzing for software security.<\/jats:p>","DOI":"10.1186\/s42400-020-00055-5","type":"journal-article","created":{"date-parts":[[2020,8,10]],"date-time":"2020-08-10T00:02:12Z","timestamp":1597017732000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":35,"title":["Using deep learning to solve computer security challenges: a survey"],"prefix":"10.1186","volume":"3","author":[{"given":"Yoon-Ho","family":"Choi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zitong","family":"Shang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haizhou","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhilong","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lan","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Junwei","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qingtian","family":"Zou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,8,10]]},"reference":[{"issue":"1","key":"55_CR1","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1145\/1609956.1609960","volume":"13","author":"M Abadi","year":"2009","unstructured":"Abadi, M, Budiu M, Erlingsson \u00da, Ligatti J (2009) Control-Flow Integrity Principles, Implementations, and Applications. ACM Trans Inf Syst Secur (TISSEC) 13(1):4.","journal-title":"ACM Trans Inf Syst Secur (TISSEC)"},{"key":"55_CR2","first-page":"845","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"T Bao","year":"2014","unstructured":"Bao, T, Burket J, Woo M, Turner R, Brumley D (2014) BYTEWEIGHT: Learning to Recognize Functions in Binary Code In: 23rd USENIX Security Symposium (USENIX Security 14), 845\u2013860.. USENIX Association, San Diego."},{"key":"55_CR3","doi-asserted-by":"publisher","unstructured":"Bekrar, S, Bekrar C, Groz R, Mounier L (2012) A Taint Based Approach for Smart Fuzzing In: 2012 IEEE Fifth International Conference on Software Testing, Verification and Validation.. IEEE. https:\/\/doi.org\/10.1109\/icst.2012.182.","DOI":"10.1109\/icst.2012.182"},{"issue":"8","key":"55_CR4","doi-asserted-by":"publisher","first-page":"1798","DOI":"10.1109\/TPAMI.2013.50","volume":"35","author":"Y Bengio","year":"2013","unstructured":"Bengio, Y, Courville A, Vincent P (2013) Representation Learning: A Review and New Perspectives. IEEE Trans Pattern Anal Mach Intell 35(8):1798\u20131828.","journal-title":"IEEE Trans Pattern Anal Mach Intell"},{"key":"55_CR5","doi-asserted-by":"publisher","unstructured":"Bertero, C, Roy M, Sauvanaud C, Tredan G (2017) Experience Report: Log Mining Using Natural Language Processing and Application to Anomaly Detection In: 2017 IEEE 28th International Symposium on Software Reliability Engineering (ISSRE).. IEEE. https:\/\/doi.org\/10.1109\/issre.2017.43.","DOI":"10.1109\/issre.2017.43"},{"key":"55_CR6","first-page":"1:1","volume-title":"Proceedings of the First Workshop on Machine Learning for Computing Systems, MLCS\u201918","author":"A Brown","year":"2018","unstructured":"Brown, A, Tuor A, Hutchinson B, Nichols N (2018) Recurrent Neural Network Attention Mechanisms for Interpretable System Log Anomaly Detection In: Proceedings of the First Workshop on Machine Learning for Computing Systems, MLCS\u201918, 1:1\u20131:8.. ACM, New York."},{"key":"55_CR7","doi-asserted-by":"publisher","unstructured":"B\u00f6ttinger, K, Godefroid P, Singh R (2018) Deep Reinforcement Fuzzing In: 2018 IEEE Security and Privacy Workshops (SPW), pages 116\u2013122.. IEEE. https:\/\/doi.org\/10.1109\/spw.2018.00026.","DOI":"10.1109\/spw.2018.00026"},{"key":"55_CR8","doi-asserted-by":"publisher","unstructured":"Chen, L, Sultana S, Sahita R (2018) Henet: A Deep Learning Approach on Intel \u24c7 Processor Trace for Effective Exploit Detection In: 2018 IEEE Security and Privacy Workshops (SPW).. IEEE. https:\/\/doi.org\/10.1109\/spw.2018.00025.","DOI":"10.1109\/spw.2018.00025"},{"key":"55_CR9","unstructured":"Chua, ZL, Shen S, Saxena P, Liang Z (2017) Neural Nets Can Learn Function Type Signatures from Binaries In: 26th USENIX Security Symposium (USENIX Security 17), 99\u2013116.. USENIX Association. https:\/\/dl.acm.org\/doi\/10.5555\/3241189.3241199."},{"issue":"7","key":"55_CR10","doi-asserted-by":"publisher","first-page":"3187","DOI":"10.1109\/TII.2018.2822680","volume":"14","author":"Z Cui","year":"2018","unstructured":"Cui, Z, Xue F, Cai X, Cao Y, Wang GG, Chen J (2018) Detection of Malicious Code Variants Based on Deep Learning. IEEE Trans Ind Inform 14(7):3187\u20133196.","journal-title":"IEEE Trans Ind Inform"},{"key":"55_CR11","doi-asserted-by":"publisher","unstructured":"Dahl, GE, Stokes JW, Deng L, Yu D (2013) Large-scale Malware Classification using Random Projections and Neural Networks In: IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).. IEEE. https:\/\/doi.org\/10.1109\/icassp.2013.6638293.","DOI":"10.1109\/icassp.2013.6638293"},{"key":"55_CR12","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1016\/j.diin.2018.09.006","volume":"27","author":"Y Dai","year":"2018","unstructured":"Dai, Y, Li H, Qian Y, Lu X (2018) A Malware Classification Method Based on Memory Dump Grayscale Image. Digit Investig 27:30\u201337.","journal-title":"Digit Investig"},{"key":"55_CR13","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/3208040.3208051","volume-title":"Proceedings of the 27th International Symposium on High-Performance Parallel and Distributed Computing, HPDC \u201918","author":"A Das","year":"2018","unstructured":"Das, A, Mueller F, Siegel C, Vishnu A (2018) Desh: Deep Learning for System Health Prediction of Lead Times to Failure in HPC In: Proceedings of the 27th International Symposium on High-Performance Parallel and Distributed Computing, HPDC \u201918, 40\u201351.. ACM, New York."},{"key":"55_CR14","doi-asserted-by":"publisher","unstructured":"David, OE, Netanyahu NS (2015) DeepSign: Deep Learning for Automatic Malware Signature Generation and Classification In: 2015 International Joint Conference on Neural Networks (IJCNN).. IEEE. https:\/\/doi.org\/10.1109\/ijcnn.2015.7280815.","DOI":"10.1109\/ijcnn.2015.7280815"},{"key":"55_CR15","doi-asserted-by":"publisher","unstructured":"De La Rosa, L, Kilgallon S, Vanderbruggen T, Cavazos J (2018) Efficient Characterization and Classification of Malware Using Deep Learning In: 2018 Resilience Week (RWS).. IEEE. https:\/\/doi.org\/10.1109\/rweek.2018.8473556.","DOI":"10.1109\/rweek.2018.8473556"},{"key":"55_CR16","doi-asserted-by":"publisher","unstructured":"Du, M, Li F (2016) Spell: Streaming Parsing of System Event Logs In: 2016 IEEE 16th International Conference on Data Mining (ICDM).. IEEE. https:\/\/doi.org\/10.1109\/icdm.2016.0103.","DOI":"10.1109\/icdm.2016.0103"},{"key":"55_CR17","first-page":"1285","volume-title":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201917","author":"M Du","year":"2017","unstructured":"Du, M, Li F, Zheng G, Srikumar V (2017) DeepLog: Anomaly Detection and Diagnosis from System Logs Through Deep Learning In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201917, 1285\u20131298.. ACM, New York."},{"key":"55_CR18","doi-asserted-by":"publisher","unstructured":"Faker, O, Dogdu E (2019) Intrusion Detection Using Big Data and Deep Learning Techniques In: Proceedings of the 2019 ACM Southeast Conference on ZZZ - ACM SE \u201919, 86\u201393.. ACM. https:\/\/doi.org\/10.1145\/3299815.3314439.","DOI":"10.1145\/3299815.3314439"},{"key":"55_CR19","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1109\/CSAC.1998.738646","volume-title":"Proceedings 14th annual computer security applications conference (Cat. No. 98Ex217)","author":"AK Ghosh","year":"1998","unstructured":"Ghosh, AK, Wanken J, Charron F (1998) Detecting Anomalous and Unknown Intrusions against Programs In: Proceedings 14th annual computer security applications conference (Cat. No. 98Ex217), 259\u2013267.. IEEE, Washington, DC."},{"key":"55_CR20","doi-asserted-by":"publisher","unstructured":"Godefroid, P, Peleg H, Singh R (2017) Learn&Fuzz: Machine Learning for Input Fuzzing In: 2017 32nd IEEE\/ACM International Conference on Automated Software Engineering (ASE).. IEEE. https:\/\/doi.org\/10.1109\/ase.2017.8115618.","DOI":"10.1109\/ase.2017.8115618"},{"key":"55_CR21","unstructured":"Google Developers (2016) Embeddings. https:\/\/developers.google.com\/machine-learning\/crash-course\/embeddings\/video-lecture."},{"key":"55_CR22","doi-asserted-by":"publisher","unstructured":"Guo, W, Mu D, Xu J, Su P, Wang G, Xing X (2018) Lemna: Explaining deep learning based security applications In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pages 364\u2013379. https:\/\/doi.org\/10.1145\/3243734.3243792.","DOI":"10.1145\/3243734.3243792"},{"key":"55_CR23","first-page":"1787","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"W Guo","year":"2019","unstructured":"Guo, W, Mu D, Xing X, Du M, Song D (2019) {DEEPVSA}: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis In: 28th USENIX Security Symposium (USENIX Security 19), 1787\u20131804.. USENIX Association, Santa Clara, CA. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/guo."},{"key":"55_CR24","volume-title":"Proceedings of the Workshop on Data Mining for Computer Security","author":"KA Heller","year":"2003","unstructured":"Heller, KA, Svore KM, Keromytis AD, Stolfo SJ (2003) One Class Support Vector Machines for Detecting Anomalous Windows Registry Accesses In: Proceedings of the Workshop on Data Mining for Computer Security.. IEEE, Dallas, TX."},{"issue":"1","key":"55_CR25","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/239912.239913","volume":"19","author":"S Horwitz","year":"1997","unstructured":"Horwitz, S (1997) Precise Flow-insensitive May-alias Analysis is NP-hard. ACM Trans Program Lang Syst 19(1):1\u20136.","journal-title":"ACM Trans Program Lang Syst"},{"key":"55_CR26","first-page":"282","volume-title":"Proceedings of the international conference on machine learning","author":"W Hu","year":"2003","unstructured":"Hu, W, Liao Y, Vemuri VR (2003) Robust Anomaly Detection using Support Vector Machines In: Proceedings of the international conference on machine learning, 282\u2013289.. Citeseer, Washington, DC."},{"key":"55_CR27","unstructured":"IDS 2017 Datasets (2019). https:\/\/www.unb.ca\/cic\/datasets\/ids-2017.html."},{"key":"55_CR28","doi-asserted-by":"publisher","unstructured":"Kalash, M, Rochan M, Mohammed N, Bruce NDB, Wang Y, Iqbal F (2018) Malware Classification with Deep Convolutional Neural Networks In: 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), 1\u20135. https:\/\/doi.org\/10.1109\/NTMS.2018.8328749.","DOI":"10.1109\/NTMS.2018.8328749"},{"key":"55_CR29","volume-title":"USENIX Security Symposium, volume 92, page 84","author":"V Kiriansky","year":"2002","unstructured":"Kiriansky, V, Bruening D, Amarasinghe SP, et al. (2002) Secure Execution via Program Shepherding In: USENIX Security Symposium, volume 92, page 84.. USENIX Association, Monterey, CA."},{"key":"55_CR30","first-page":"3838","volume":"2017-May","author":"B Kolosnjaji","year":"2017","unstructured":"Kolosnjaji, B, Eraisha G, Webster G, Zarras A, Eckert C (2017) Empowering Convolutional Networks for Malware Classification and Analysis. Proc Int Jt Conf Neural Netw 2017-May:3838\u20133845.","journal-title":"Proc Int Jt Conf Neural Netw"},{"key":"55_CR31","unstructured":"Krizhevsky, A, Nair V, Hinton G (2010) CIFAR-10 (Canadian Institute for Advanced Research). https:\/\/www.cs.toronto.edu\/~kriz\/cifar.html."},{"key":"55_CR32","unstructured":"LeCun, Y, Cortes C (2010) MNIST Handwritten Digit Database. http:\/\/yann.lecun.com\/exdb\/mnist\/."},{"issue":"1","key":"55_CR33","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1186\/s42400-018-0002-y","volume":"1","author":"J Li","year":"2018","unstructured":"Li, J, Zhao B, Zhang C (2018) Fuzzing: A Survey. Cybersecurity 1(1):6.","journal-title":"Cybersecurity"},{"key":"55_CR34","unstructured":"Li, X, Hu Z, Fu Y, Chen P, Zhu M, Liu P (2018) ROPNN: Detection of ROP Payloads Using Deep Neural Networks. arXiv preprint arXiv:1807.11110."},{"key":"55_CR35","doi-asserted-by":"publisher","unstructured":"McLaughlin, N, Martinez Del Rincon J, Kang BJ, Yerima S, Miller P, Sezer S, Safaei Y, Trickel E, Zhao Z, Doupe A, Ahn GJ (2017) Deep Android Malware Detection In: Proceedings of the 7th ACM Conference on Data and Application Security and Privacy, 301\u2013308. https:\/\/doi.org\/10.1145\/3029806.3029823.","DOI":"10.1145\/3029806.3029823"},{"key":"55_CR36","doi-asserted-by":"publisher","unstructured":"Meng, W, Liu Y, Zhu Y, Zhang S, Pei D, Liu Y, Chen Y, Zhang R, Tao S, Sun P, Zhou R (2019) Loganomaly: Unsupervised Detection of Sequential and Quantitative Anomalies in Unstructured Logs In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence.. International Joint Conferences on Artificial Intelligence Organization. https:\/\/doi.org\/10.24963\/ijcai.2019\/658.","DOI":"10.24963\/ijcai.2019\/658"},{"key":"55_CR37","volume-title":"Proceedings of the 2017 International Workshop on Managing Insider Security Threats, MIST \u201917, pages 57\u201366","author":"A Michalas","year":"2017","unstructured":"Michalas, A, Murray R (2017) MemTri: A Memory Forensics Triage Tool Using Bayesian Network and Volatility In: Proceedings of the 2017 International Workshop on Managing Insider Security Threats, MIST \u201917, pages 57\u201366.. ACM, New York."},{"key":"55_CR38","doi-asserted-by":"publisher","unstructured":"Millar, K, Cheng A, Chew HG, Lim C-C (2018) Deep Learning for Classifying Malicious Network Traffic In: Pacific-Asia Conference on Knowledge Discovery and Data Mining, 156\u2013161.. Springer. https:\/\/doi.org\/10.1007\/978-3-030-04503-6_15.","DOI":"10.1007\/978-3-030-04503-6_15"},{"key":"55_CR39","doi-asserted-by":"publisher","unstructured":"Moustafa, N, Slay J (2015) UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set) In: 2015 Military Communications and Information Systems Conference (MilCIS).. IEEE. https:\/\/doi.org\/10.1109\/milcis.2015.7348942.","DOI":"10.1109\/milcis.2015.7348942"},{"key":"55_CR40","doi-asserted-by":"publisher","first-page":"128","DOI":"10.1016\/j.cose.2018.02.006","volume":"76","author":"MH Nguyen","year":"2018","unstructured":"Nguyen, MH, Nguyen DL, Nguyen XM, Quan TT (2018) Auto-Detection of Sophisticated Malware using Lazy-Binding Control Flow Graph and Deep Learning. Comput Secur 76:128\u2013155.","journal-title":"Comput Secur"},{"key":"55_CR41","first-page":"1871","volume":"2017-May","author":"R Nix","year":"2017","unstructured":"Nix, R, Zhang J (2017) Classification of Android Apps and Malware using Deep Neural Networks. Proc Int Jt Conf Neural Netw 2017-May:1871\u20131878.","journal-title":"Proc Int Jt Conf Neural Netw"},{"key":"55_CR42","unstructured":"NSCAI Intern Report for Congress (2019). https:\/\/drive.google.com\/file\/d\/153OrxnuGEjsUvlxWsFYauslwNeCEkvUb\/view."},{"key":"55_CR43","volume-title":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201918, pages 2267\u20132269","author":"R Petrik","year":"2018","unstructured":"Petrik, R, Arik B, Smith JM (2018) Towards Architecture and OS-Independent Malware Detection via Memory Forensics In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201918, pages 2267\u20132269.. ACM, New York."},{"key":"55_CR44","doi-asserted-by":"publisher","unstructured":"Phan, AV, Nguyen ML, Bui LT (2017) Convolutional Neural Networks over Control Flow Graphs for Software defect prediction In: 2017 IEEE 29th International Conference on Tools with Artificial Intelligence (ICTAI), 45\u201352.. IEEE. https:\/\/doi.org\/10.1109\/ictai.2017.00019.","DOI":"10.1109\/ictai.2017.00019"},{"key":"55_CR45","unstructured":"Rajpal, M, Blum W, Singh R (2017) Not All Bytes are Equal: Neural Byte Sieve for Fuzzing. arXiv preprint arXiv:1711.04596."},{"key":"55_CR46","doi-asserted-by":"publisher","unstructured":"Rosenberg, I, Shabtai A, Rokach L, Elovici Y (2018) Generic Black-box End-to-End Attack against State of the Art API Call based Malware Classifiers In: Research in Attacks, Intrusions, and Defenses, 490\u2013510.. Springer. https:\/\/doi.org\/10.1007\/978-3-030-00470-5_23.","DOI":"10.1007\/978-3-030-00470-5_23"},{"key":"55_CR47","unstructured":"Salwant, J (2015) ROPGadget. https:\/\/github.com\/JonathanSalwan\/ROPgadget."},{"key":"55_CR48","doi-asserted-by":"publisher","unstructured":"Saxe, J, Berlin K (2015) Deep Neural Network based Malware Detection using Two Dimensional Binary Program Features In: 2015 10th International Conference on Malicious and Unwanted Software (MALWARE).. IEEE. https:\/\/doi.org\/10.1109\/malware.2015.7413680.","DOI":"10.1109\/malware.2015.7413680"},{"key":"55_CR49","doi-asserted-by":"publisher","unstructured":"Shacham, H, et al. (2007) The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86) In: ACM conference on Computer and communications security, pages 552\u2013561. https:\/\/doi.org\/10.1145\/1315245.1315313.","DOI":"10.1145\/1315245.1315313"},{"key":"55_CR50","unstructured":"Shi, D, Pei K (2019) NEUZZ: Efficient Fuzzing with Neural Program Smoothing. IEEE Secur Priv."},{"key":"55_CR51","unstructured":"Shin, ECR, Song D, Moazzezi R (2015) Recognizing Functions in Binaries with Neural Networks In: 24th USENIX Security Symposium (USENIX Security 15).. USENIX Association. https:\/\/dl.acm.org\/doi\/10.5555\/2831143.2831182."},{"key":"55_CR52","doi-asserted-by":"publisher","unstructured":"Sommer, R, Paxson V (2010) Outside the Closed World: On Using Machine Learning For Network Intrusion Detection In: 2010 IEEE Symposium on Security and Privacy (S&P).. IEEE. https:\/\/doi.org\/10.1109\/sp.2010.25.","DOI":"10.1109\/sp.2010.25"},{"key":"55_CR53","first-page":"606","volume-title":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201918","author":"W Song","year":"2018","unstructured":"Song, W, Yin H, Liu C, Song D (2018) DeepMem: Learning Graph Neural Network Models for Fast and Robust Memory Forensic Analysis In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201918, 606\u2013618.. ACM, New York."},{"key":"55_CR54","doi-asserted-by":"publisher","unstructured":"Stephens, N, Grosen J, Salls C, Dutcher A, Wang R, Corbetta J, Shoshitaishvili Y, Kruegel C, Vigna G (2016) Driller: Augmenting Fuzzing Through Selective Symbolic Execution In: Proceedings 2016 Network and Distributed System Security Symposium.. Internet Society. https:\/\/doi.org\/10.14722\/ndss.2016.23368.","DOI":"10.14722\/ndss.2016.23368"},{"key":"55_CR55","doi-asserted-by":"publisher","unstructured":"Tan, G, Jaeger T (2017) CFG Construction Soundness in Control-Flow Integrity In: Proceedings of the 2017 Workshop on Programming Languages and Analysis for Security - PLAS \u201917.. ACM. https:\/\/doi.org\/10.1145\/3139337.3139339.","DOI":"10.1145\/3139337.3139339"},{"key":"55_CR56","first-page":"577","volume":"2","author":"S Tobiyama","year":"2016","unstructured":"Tobiyama, S, Yamaguchi Y, Shimada H, Ikuse T, Yagi T (2016) Malware Detection with Deep Neural Network Using Process Behavior. Proc Int Comput Softw Appl Conf 2:577\u2013582.","journal-title":"Proc Int Comput Softw Appl Conf"},{"key":"55_CR57","unstructured":"Unicorn-The ultimate CPU emulator (2015). https:\/\/www.unicorn-engine.org\/."},{"key":"55_CR58","doi-asserted-by":"publisher","unstructured":"Ustebay, S, Turgut Z, Aydin MA (2019) Cyber Attack Detection by Using Neural Network Approaches: Shallow Neural Network, Deep Neural Network and AutoEncoder In: Computer Networks, 144\u2013155.. Springer. https:\/\/doi.org\/10.1007\/978-3-030-21952-9_11.","DOI":"10.1007\/978-3-030-21952-9_11"},{"key":"55_CR59","doi-asserted-by":"publisher","unstructured":"Varenne, R, Delorme JM, Plebani E, Pau D, Tomaselli V (2019) Intelligent Recognition of TCP Intrusions for Embedded Micro-controllers In: International Conference on Image Analysis and Processing, 361\u2013373.. Springer. https:\/\/doi.org\/10.1007\/978-3-030-30754-7_36.","DOI":"10.1007\/978-3-030-30754-7_36"},{"key":"55_CR60","unstructured":"Wang, Z, Liu P (2019) GPT Conjecture: Understanding the Trade-offs between Granularity, Performance and Timeliness in Control-Flow Integrity. eprint 1911.07828, archivePrefix arXiv, primaryClass cs.CR, arXiv."},{"key":"55_CR61","doi-asserted-by":"publisher","first-page":"36340","DOI":"10.1109\/ACCESS.2019.2903291","volume":"7","author":"Y Wang","year":"2019","unstructured":"Wang, Y, Wu Z, Wei Q, Wang Q (2019) NeuFuzz: Efficient Fuzzing with Deep Neural Network. IEEE Access 7:36340\u201336352.","journal-title":"IEEE Access"},{"key":"55_CR62","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1145\/1629575.1629587","volume-title":"Proceedings of the ACM SIGOPS 22Nd Symposium on Operating Systems Principles SOSP \u201909","author":"W Xu","year":"2009","unstructured":"Xu, W, Huang L, Fox A, Patterson D, Jordan MI (2009) Detecting Large-Scale System Problems by Mining Console Logs In: Proceedings of the ACM SIGOPS 22Nd Symposium on Operating Systems Principles SOSP \u201909, 117\u2013132.. ACM, New York."},{"key":"55_CR63","doi-asserted-by":"publisher","unstructured":"Xu, X, Liu C, Feng Q, Yin H, Song L, Song D (2017) Neural Network-Based Graph Embedding for Cross-Platform Binary Code Similarity Detection In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 363\u2013376.. ACM. https:\/\/doi.org\/10.1145\/3133956.3134018.","DOI":"10.1145\/3133956.3134018"},{"key":"55_CR64","doi-asserted-by":"crossref","unstructured":"Xu, L, Zhang D, Jayasena N, Cavazos J (2018) HADM: Hybrid Analysis for Detection of Malware 16:702\u2013724.","DOI":"10.1007\/978-3-319-56991-8_51"},{"key":"55_CR65","volume-title":"28th USENIX Security Symposium (USENIX Security 19), pages 1805\u20131821","author":"X Xu","year":"2019","unstructured":"Xu, X, Ghaffarinia M, Wang W, Hamlen KW, Lin Z (2019) CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software In: 28th USENIX Security Symposium (USENIX Security 19), pages 1805\u20131821.. USENIX Association, Santa Clara."},{"key":"55_CR66","doi-asserted-by":"publisher","unstructured":"Yagemann, C, Sultana S, Chen L, Lee W (2019) Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces In: Lecture Notes in Computer Science, 341\u2013359.. Springer. https:\/\/doi.org\/10.1007\/978-3-030-30215-3_17.","DOI":"10.1007\/978-3-030-30215-3_17"},{"key":"55_CR67","doi-asserted-by":"publisher","first-page":"21954","DOI":"10.1109\/ACCESS.2017.2762418","volume":"5","author":"C Yin","year":"2017","unstructured":"Yin, C, Zhu Y, Fei J, He X (2017) A Deep Learning Approach for Intrusion Detection using Recurrent Neural Networks. IEEE Access 5:21954\u201321961.","journal-title":"IEEE Access"},{"key":"55_CR68","doi-asserted-by":"publisher","unstructured":"Yuan, X, Li C, Li X (2017) DeepDefense: Identifying DDoS Attack via Deep Learning In: 2017 IEEE International Conference on Smart Computing (SMARTCOMP).. IEEE. https:\/\/doi.org\/10.1109\/smartcomp.2017.7946998.","DOI":"10.1109\/smartcomp.2017.7946998"},{"key":"55_CR69","volume-title":"27th USENIX Security Symposium (USENIX Security 18), pages 745\u2013761","author":"I Yun","year":"2018","unstructured":"Yun, I, Lee S, Xu M, Jang Y, Kim T (2018) QSYM : A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing In: 27th USENIX Security Symposium (USENIX Security 18), pages 745\u2013761.. USENIX Association, Baltimore."},{"key":"55_CR70","doi-asserted-by":"publisher","unstructured":"Zhang, S, Meng W, Bu J, Yang S, Liu Y, Pei D, Xu J, Chen Y, Dong H, Qu X, Song L (2017) Syslog Processing for Switch Failure Diagnosis and Prediction in Datacenter Networks In: 2017 IEEE\/ACM 25th International Symposium on Quality of Service (IWQoS).. IEEE. https:\/\/doi.org\/10.1109\/iwqos.2017.7969130.","DOI":"10.1109\/iwqos.2017.7969130"},{"key":"55_CR71","unstructured":"Zhang, J, Chen W, Niu Y (2019) DeepCheck: A Non-intrusive Control-flow Integrity Checking based on Deep Learning. arXiv preprint arXiv:1905.01858."},{"key":"55_CR72","volume-title":"Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC\/FSE 2019, pages 807\u2013817","author":"X Zhang","year":"2019","unstructured":"Zhang, X, Xu Y, Lin Q, Qiao B, Zhang H, Dang Y, Xie C, Yang X, Cheng Q, Li Z, Chen J, He X, Yao R, Lou J-G, Chintalapati M, Shen F, Zhang D (2019) Robust Log-based Anomaly Detection on Unstable Log Data In: Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC\/FSE 2019, pages 807\u2013817.. ACM, New York."},{"key":"55_CR73","doi-asserted-by":"publisher","first-page":"119904","DOI":"10.1109\/ACCESS.2019.2933165","volume":"7","author":"Y Zhang","year":"2019","unstructured":"Zhang, Y, Chen X, Guo D, Song M, Teng Y, Wang X (2019) PCCN: Parallel Cross Convolutional Neural Network for Abnormal Network Traffic Flows Detection in Multi-Class Imbalanced Network Traffic Flows. IEEE Access 7:119904\u2013119916.","journal-title":"IEEE Access"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-020-00055-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-020-00055-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-020-00055-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,8,9]],"date-time":"2021-08-09T23:07:08Z","timestamp":1628550428000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-020-00055-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,10]]},"references-count":73,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,12]]}},"alternative-id":["55"],"URL":"https:\/\/doi.org\/10.1186\/s42400-020-00055-5","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,8,10]]},"assertion":[{"value":"11 March 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 June 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 August 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"PL is currently serving on the editorial board for Journal of Cybersecurity.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"15"}}