{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,25]],"date-time":"2026-04-25T15:22:12Z","timestamp":1777130532400,"version":"3.51.4"},"reference-count":24,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,3]]},"DOI":"10.23919\/date.2017.7926977","type":"proceedings-article","created":{"date-parts":[[2017,5,15]],"date-time":"2017-05-15T16:34:41Z","timestamp":1494866081000},"page":"169-174","source":"Crossref","is-referenced-by-count":90,"title":["Malware detection using machine learning based analysis of virtual memory access patterns"],"prefix":"10.23919","author":[{"given":"Zhixing","family":"Xu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sayak","family":"Ray","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pramod","family":"Subramanyan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sharad","family":"Malik","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-008-0086-0"},{"key":"ref11","first-page":"351","article-title":"Effective and efficient malware detection at the end host","author":"kolbitsch","year":"2009","journal-title":"18th USENIX Security Symposium"},{"key":"ref12","article-title":"Ki-mon: A hardware-assisted event-triggered monitoring platform for mutable kernel object","author":"lee","year":"2013","journal-title":"Proceedings of the 22nd USENIX Conference on Security"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.21236\/ADA401496"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382202"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2015.7056070"},{"key":"ref18","first-page":"2825","article-title":"Scikit-learn: Machine learning in python","volume":"12","author":"pedregosa","year":"2011","journal-title":"The Journal of Machine Learning Research"},{"key":"ref19","article-title":"Copilot &#x2014; a Coprocessor-based Kernel Runtime Integrity Monitor","author":"petroni","year":"2004","journal-title":"13th USENIX Security Symposium"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2744847"},{"key":"ref3","author":"charney","year":"2011","journal-title":"Xed2 user guide"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/2485922.2485970"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/2593069.2596656"},{"key":"ref8","first-page":"48","author":"idika","year":"2007","journal-title":"A Survey of Malware Detection Techniques"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/1029618.1029625"},{"key":"ref2","first-page":"41","article-title":"Qemu, a fast and portable dynamic translator","author":"bellard","year":"2005","journal-title":"USENIX Annual Technical Conference Freenix track"},{"key":"ref1","article-title":"Digsig: Runtime authentication of binaries at kernel level","author":"apvrille","year":"2004","journal-title":"18th USENIX Conference on System Administration"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/32.372146"},{"key":"ref20","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-30143-1_11","article-title":"Anomalous payload-based network intrusion detection","author":"wang","year":"2004","journal-title":"Recent Advances in Intrusion Detection"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076739"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2014.2342153"},{"key":"ref24","article-title":"Attacking Antivirus","author":"xue","year":"2008","journal-title":"Black Hat Europe Briefings"},{"key":"ref23","article-title":"CFIMon: Detecting violation of control flow integrity using performance counters","author":"xia","year":"2012","journal-title":"IEEE\/IFIP International Conference on Dependable Systems and Networks"}],"event":{"name":"2017 Design, Automation & Test in Europe Conference & Exhibition (DATE)","location":"Lausanne, Switzerland","start":{"date-parts":[[2017,3,27]]},"end":{"date-parts":[[2017,3,31]]}},"container-title":["Design, Automation &amp; Test in Europe Conference &amp; Exhibition (DATE), 2017"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7919927\/7926947\/07926977.pdf?arnumber=7926977","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,24]],"date-time":"2019-09-24T13:38:40Z","timestamp":1569332320000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7926977\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,3]]},"references-count":24,"URL":"https:\/\/doi.org\/10.23919\/date.2017.7926977","relation":{},"subject":[],"published":{"date-parts":[[2017,3]]}}}