{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T05:56:57Z","timestamp":1726034217219},"reference-count":57,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2021,6,6]],"date-time":"2021-06-06T00:00:00Z","timestamp":1622937600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,6,6]],"date-time":"2021-06-06T00:00:00Z","timestamp":1622937600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2022,4]]},"abstract":"Executable files still remain popular to compromise the endpoint computers. These executable files are often obfuscated to avoid anti-virus programs. To examine all suspicious files from the Internet, dynamic analysis requires too much time. Therefore, a fast filtering method is required. With the recent development of natural language processing (NLP) techniques, printable strings became more effective to detect malware. The combination of the printable strings and NLP techniques can be used as a filtering method. In this paper, we apply NLP techniques to malware detection. This paper reveals that printable strings with NLP techniques are effective for detecting malware in a practical environment. Our dataset consists of more than 500,000 samples obtained from multiple sources. Our experimental results demonstrate that our method is effective to not only subspecies of the existing malware, but also new malware. 
Our method is effective against packed malware and anti-debugging techniques.","DOI":"10.1007\/s10207-021-00553-8","type":"journal-article","created":{"date-parts":[[2021,6,6]],"date-time":"2021-06-06T12:04:17Z","timestamp":1622981057000},"page":"279-291","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":25,"title":["Applying NLP techniques to malware detection in a practical environment"],"prefix":"10.1007","volume":"21","author":[{"ORCID":"http:\/\/orcid.org\/0000-0003-4323-9911","authenticated-orcid":false,"given":"Mamoru","family":"Mimura","sequence":"first","affiliation":[]},{"given":"Ryo","family":"Ito","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,6,6]]},"reference":[{"key":"553_CR1","doi-asserted-by":"crossref","unstructured":"Abou-Assaleh, T., Cercone, N., Keselj, V., Sweidan, R.: Detection of new malicious code using n-grams signatures. In: PST, pp. 193\u2013196 (2004). http:\/\/dev.hil.unb.ca\/Texts\/PST\/pdf\/assaleh.pdf","DOI":"10.1109\/CMPSAC.2004.1342667"},{"key":"553_CR2","doi-asserted-by":"publisher","unstructured":"Aghakhani, H., Gritti, F., Mecca, F., Lindorfer, M., Ortolani, S., Balzarotti, D., Vigna, G., Kruegel, C. When malware is packin\u2019 heat; limits of machine learning classifiers based on static analysis features Network and Distributed Systems Security (NDSS) Symposium (2020). https:\/\/doi.org\/10.14722\/ndss.2020.24310","DOI":"10.14722\/ndss.2020.24310"},{"issue":"2","key":"553_CR3","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1504\/IJESDF.2007.016865","volume":"1","author":"D Bilar","year":"2007","unstructured":"Bilar, D.: Opcodes as predictor for malware. IJESDF. Int. J. Electron. Secur. Digit. Forensics 1(2), 156\u2013168 (2007)","journal-title":"Int. J. Electron. Secur. Digit. 
Forensics"},{"key":"553_CR4","doi-asserted-by":"publisher","unstructured":"Elovici, Y., Shabtai, A., Moskovitch, R., Tahan, G., Glezer, C.: Applying machine learning techniques for detection of malicious code in network traffic. In: J.\u00a0Hertzberg, M.\u00a0Beetz, R.\u00a0Englert (eds.) KI 2007: Advances in Artificial Intelligence, 30th Annual German Conference on AI, KI 2007, Osnabr\u00fcck, Germany, September 10-13, 2007, Proceedings, Lecture Notes in Computer Science, vol. 4667, pp. 44\u201350. Springer (2007). https:\/\/doi.org\/10.1007\/978-3-540-74565-5_5","DOI":"10.1007\/978-3-540-74565-5_5"},{"issue":"5","key":"553_CR5","doi-asserted-by":"publisher","first-page":"579","DOI":"10.2197\/ipsjjip.23.579","volume":"23","author":"M Hatada","year":"2015","unstructured":"Hatada, M., Akiyama, M., Matsuki, T., Kasama, T.: Empowering anti-malware research in japan by sharing the MWS datasets. JIP 23(5), 579\u2013588 (2015). https:\/\/doi.org\/10.2197\/ipsjjip.23.579","journal-title":"JIP"},{"key":"553_CR6","doi-asserted-by":"crossref","unstructured":"Henchiri, O., Japkowicz, N.: A feature selection and evaluation scheme for computer virus detection. In: ICDM, pp. 891\u2013895. IEEE Computer Society (2006). http:\/\/www.computer.org\/csdl\/proceedings\/icdm\/2006\/2701\/00\/index.html","DOI":"10.1109\/ICDM.2006.4"},{"key":"553_CR7","doi-asserted-by":"crossref","unstructured":"Ismail, I., Marsono, M.N., Nor, S.M.: Detecting worms using data mining techniques: Learning in the presence of class noise. In: K.\u00a0Y\u00e9tongnon, A.\u00a0Dipanda, R.\u00a0Chbeir (eds.) Sixth International Conference on Signal-Image Technology and Internet-Based Systems, SITIS 2010, Kuala Lumpur, Malaysia, December 15-18, 2010, pp. 187\u2013194. IEEE Computer Society (2010). 
http:\/\/www.computer.org\/csdl\/proceedings\/sitis\/2010\/4319\/00\/index.html","DOI":"10.1109\/SITIS.2010.41"},{"key":"553_CR8","doi-asserted-by":"publisher","unstructured":"Ito, R., Mimura, M.: Detecting unknown malware from ascii strings with natural language processing techniques. In: 2019 14th Asia Joint Conference on Information Security (AsiaJCIS), pp. 1\u20138 (2019). https:\/\/doi.org\/10.1109\/AsiaJCIS.2019.00-12","DOI":"10.1109\/AsiaJCIS.2019.00-12"},{"key":"553_CR9","series-title":"Lecture Notes in Computer Science","first-page":"102","volume-title":"DIMVA","author":"G Jacob","year":"2012","unstructured":"Jacob, G., Comparetti, P.M., Neugschwandtner, M., Kruegel, C., Vigna, G.: A static, packer-agnostic filter to detect similar malware samples. In: Flegel, U., Markatos, E.P., Robertson, W.K. (eds.) DIMVA. Lecture Notes in Computer Science, pp. 102\u2013122. Springer, Berlin (2012)"},{"issue":"1\u20132","key":"553_CR10","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/s11416-005-0002-9","volume":"1","author":"ME Karim","year":"2005","unstructured":"Karim, M.E., Walenstein, A., Lakhotia, A., Parida, L.: Malware phylogeny generation using permutations of code. J. Comput. Virol. 1(1\u20132), 13\u201323 (2005)","journal-title":"J. Comput. Virol."},{"key":"553_CR11","doi-asserted-by":"publisher","unstructured":"Kolosnjaji, B., Eraisha, G., Webster, G.D., Zarras, A., Eckert, C.: Empowering convolutional networks for malware classification and analysis. In: 2017 International Joint Conference on Neural Networks, IJCNN 2017, Anchorage, AK, USA, May 14-19, 2017, pp. 3838\u20133845 (2017). https:\/\/doi.org\/10.1109\/IJCNN.2017.7966340","DOI":"10.1109\/IJCNN.2017.7966340"},{"key":"553_CR12","doi-asserted-by":"crossref","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect malicious executables in the wild. In: W.K. 0001, R.\u00a0Kohavi, J.\u00a0Gehrke, W.\u00a0DuMouchel (eds.) 
Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Seattle, Washington, USA, August 22-25, 2004, pp. 470\u2013478. ACM (2004)","DOI":"10.1145\/1014052.1014105"},{"key":"553_CR13","first-page":"2721","volume":"7","author":"JZ Kolter","year":"2006","unstructured":"Kolter, J.Z., Maloof, M.A.: Learning to detect and classify malicious executables in the wild. J. Mach. Learn. Res 7, 2721\u20132744 (2006)","journal-title":"J. Mach. Learn. Res"},{"key":"553_CR14","doi-asserted-by":"crossref","unstructured":"Kong, D., Yan, G.: Discriminant malware distance learning on structural information for automated malware classification. In: I.S. Dhillon, Y.\u00a0Koren, R.\u00a0Ghani, T.E. Senator, P.\u00a0Bradley, R.\u00a0Parekh, J.\u00a0He, R.L. Grossman, R.\u00a0Uthurusamy (eds.) The 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2013, Chicago, IL, USA, August 11-14, 2013, pp. 1357\u20131365. ACM (2013). http:\/\/dl.acm.org\/citation.cfm?id=2487575","DOI":"10.1145\/2487575.2488219"},{"key":"553_CR15","unstructured":"Le, Q.V., Mikolov, T.: Distributed representations of sentences and documents. In: Proceedings of the 31th International Conference on Machine Learning, ICML 2014, Beijing, China, 21-26 June 2014, pp. 1188\u20131196 (2014). http:\/\/jmlr.org\/proceedings\/papers\/v32\/le14.html"},{"key":"553_CR16","doi-asserted-by":"publisher","unstructured":"Lee, J., Im, C., Jeong, H.: A study of malware detection and classification by comparing extracted strings. In: Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011, Seoul, Republic of Korea, February 21 - 23, 2011, p.\u00a075 (2011). https:\/\/doi.org\/10.1145\/1968613.1968704","DOI":"10.1145\/1968613.1968704"},{"key":"553_CR17","doi-asserted-by":"publisher","unstructured":"Li, B., Roundy, K.A., Gates, C.S., Vorobeychik, Y.: Large-scale identification of malicious singleton files. 
In: G.\u00a0Ahn, A.\u00a0Pretschner, G.\u00a0Ghinita (eds.) Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, CODASPY 2017, Scottsdale, AZ, USA, March 22-24, 2017, pp. 227\u2013238. ACM (2017). https:\/\/doi.org\/10.1145\/3029806.3029815","DOI":"10.1145\/3029806.3029815"},{"key":"553_CR18","doi-asserted-by":"crossref","unstructured":"Martignoni, L., Christodorescu, M., Jha, S.: Omniunpack: Fast, generic, and safe unpacking of malware. In: ACSAC, pp. 431\u2013441. IEEE Computer Society (2007). http:\/\/www.computer.org\/csdl\/proceedings\/acsac\/2007\/3060\/00\/index.html","DOI":"10.1109\/ACSAC.2007.15"},{"issue":"3","key":"553_CR19","first-page":"104","volume":"4","author":"F Mastjik","year":"2015","unstructured":"Mastjik, F., Varol, C., Varol, A.: Comparison of pattern matching techniques on identification of same family malware. Int. J. Inf. Secur. Sci. 4(3), 104\u2013111 (2015)","journal-title":"Int. J. Inf. Secur. Sci."},{"key":"553_CR20","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/s10796-007-9054-3","volume":"10","author":"M Masud","year":"2008","unstructured":"Masud, M., Khan, L., Thuraisingham, B.: A scalable multi-level feature extraction technique to detect malicious executables. Inf. Syst. Front. - ISF 10, 33\u201345 (2008). https:\/\/doi.org\/10.1007\/s10796-007-9054-3","journal-title":"Inf. Syst. Front. - ISF"},{"key":"553_CR21","unstructured":"Mikolov, T., Yih, W., Zweig, G.: Linguistic regularities in continuous space word representations. In: Human Language Technologies: Conference of the North American Chapter of the Association of Computational Linguistics, Proceedings, June 9-14, 2013, Westin Peachtree Plaza Hotel, Atlanta, Georgia, USA, pp. 746\u2013751 (2013). 
http:\/\/aclweb.org\/anthology\/N\/N13\/N13-1090.pdf"},{"key":"553_CR22","doi-asserted-by":"publisher","first-page":"711","DOI":"10.2197\/ipsjjip.27.711","volume":"27","author":"M Mimura","year":"2019","unstructured":"Mimura, M.: An attempt to read network traffic with doc2vec. J. Inf. Proces. 27, 711\u2013719 (2019). https:\/\/doi.org\/10.2197\/ipsjjip.27.711","journal-title":"J. Inf. Proces."},{"key":"553_CR23","first-page":"102408","volume":"50","author":"M Mimura","year":"2020","unstructured":"Mimura, M.: Adjusting lexical features of actual proxy logs for intrusion detection. J. Inf. Secur. Appl. 50, 102408 (2020)","journal-title":"J. Inf. Secur. Appl."},{"key":"553_CR24","doi-asserted-by":"publisher","first-page":"204709","DOI":"10.1109\/ACCESS.2020.3037330","volume":"8","author":"M Mimura","year":"2020","unstructured":"Mimura, M.: An improved method of detecting macro malware on an imbalanced dataset. IEEE Access 8, 204709\u2013204717 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3037330","journal-title":"IEEE Access"},{"key":"553_CR25","first-page":"102600","volume":"54","author":"M Mimura","year":"2020","unstructured":"Mimura, M.: Using fake text vectors to improve the sensitivity of minority class for macro malware detection. J. Inf. Secur. Appl. 54, 102600 (2020)","journal-title":"J. Inf. Secur. Appl."},{"key":"553_CR26","doi-asserted-by":"publisher","first-page":"555","DOI":"10.2197\/ipsjjip.27.555","volume":"27","author":"M Mimura","year":"2019","unstructured":"Mimura, M., Miura, H.: Detecting unseen malicious VBA macros with NLP techniques. JIP 27, 555\u2013563 (2019). https:\/\/doi.org\/10.2197\/ipsjjip.27.555","journal-title":"JIP"},{"key":"553_CR27","doi-asserted-by":"crossref","unstructured":"Mimura, M., Ohminami, T.: Towards efficient detection of malicious vba macros with lsi. In: N.\u00a0Attrapadung, T.\u00a0Yagi (eds.) 
Advances in Information and Computer Security - 14th International Workshop on Security, IWSEC 2019, Tokyo, Japan, August 28-30, 2019, Proceedings, Lecture Notes in Computer Science, vol. 11689, pp. 168\u2013185. Springer (2019)","DOI":"10.1007\/978-3-030-26834-3_10"},{"key":"553_CR28","doi-asserted-by":"crossref","unstructured":"Mimura, M., Otsubo, Y., Tanaka, H.: Evaluation of a brute forcing tool that extracts the rat from a malicious document file. In: AsiaJCIS, pp. 147\u2013154. IEEE Computer Society (2016). http:\/\/ieeexplore.ieee.org\/xpl\/mostRecentIssue.jsp?punumber=7781470","DOI":"10.1109\/AsiaJCIS.2016.17"},{"key":"553_CR29","doi-asserted-by":"publisher","unstructured":"Mimura, M., Suga, Y.: Filtering malicious javascript code with doc2vec on an imbalanced dataset. In: 2019 14th Asia Joint Conference on Information Security (AsiaJCIS), pp. 24\u201331 (2019). https:\/\/doi.org\/10.1109\/AsiaJCIS.2019.000-9","DOI":"10.1109\/AsiaJCIS.2019.000-9"},{"key":"553_CR30","doi-asserted-by":"publisher","unstructured":"Mimura, M., Tanaka, H.: Heavy log reader: Learning the context of cyber attacks automatically with paragraph vector. In: Information Systems Security - 13th International Conference, ICISS 2017, Mumbai, India, December 16-20, 2017, Proceedings, pp. 146\u2013163 (2017). https:\/\/doi.org\/10.1007\/978-3-319-72598-7_9","DOI":"10.1007\/978-3-319-72598-7_9"},{"key":"553_CR31","doi-asserted-by":"publisher","unstructured":"Mimura, M., Tanaka, H.: Reading network packets as a natural language for intrusion detection. In: Information Security and Cryptology - ICISC 2017 - 20th International Conference, Seoul, South Korea, November 29 - December 1, 2017, Revised Selected Papers, pp. 339\u2013350 (2017). 
https:\/\/doi.org\/10.1007\/978-3-319-78556-1_19","DOI":"10.1007\/978-3-319-78556-1_19"},{"key":"553_CR32","doi-asserted-by":"publisher","first-page":"804","DOI":"10.2197\/ipsjjip.26.804","volume":"26","author":"M Mimura","year":"2018","unstructured":"Mimura, M., Tanaka, H.: Leaving all proxy server logs to paragraph vector. J. Inf. Process. 26, 804\u2013812 (2018). https:\/\/doi.org\/10.2197\/ipsjjip.26.804","journal-title":"J. Inf. Process."},{"key":"553_CR33","doi-asserted-by":"publisher","unstructured":"Mimura, M., Tanaka, H.: A linguistic approach towards intrusion detection in actual proxy logs: 20th international conference, icics 2018, lille, france, october 29-31, 2018, proceedings. pp. 708\u2013718 (2018). https:\/\/doi.org\/10.1007\/978-3-030-01950-1_42","DOI":"10.1007\/978-3-030-01950-1_42"},{"key":"553_CR34","doi-asserted-by":"publisher","unstructured":"Miura, H., Mimura, M., Tanaka, H.: Macros finder: Do you remember loveletter? In: Information Security Practice and Experience - 14th International Conference, ISPEC 2018, Tokyo, Japan, September 25-27, 2018, Proceedings, pp. 3\u201318 (2018). https:\/\/doi.org\/10.1007\/978-3-319-99807-7_1","DOI":"10.1007\/978-3-319-99807-7_1"},{"key":"553_CR35","doi-asserted-by":"publisher","unstructured":"Moskovitch, R., Stopel, D., Feher, C., Nissim, N., Elovici, Y.: Unknown malcode detection via text categorization and the imbalance problem. International Conference on Intelligence and Security Informatics. In: ISI, pp. 156\u2013161. IEEE (2008). https:\/\/doi.org\/10.1109\/ISI.2008.4565046","DOI":"10.1109\/ISI.2008.4565046"},{"key":"553_CR36","doi-asserted-by":"crossref","unstructured":"Nagano, Y., Uda, R.: Static analysis with paragraph vector for malware detection. In: IMCOM, p.\u00a080. ACM (2017). 
http:\/\/dl.acm.org\/citation.cfm?id=3022306","DOI":"10.1145\/3022227.3022306"},{"key":"553_CR37","doi-asserted-by":"publisher","first-page":"105721","DOI":"10.1016\/j.asoc.2019.105721","volume":"84","author":"S Ndichu","year":"2019","unstructured":"Ndichu, S., Kim, S., Ozawa, S., Misu, T., Makishima, K.: A machine learning approach to detection of javascript-based attacks using ast features and paragraph vectors. Appl. Soft Comput. 84, 105721 (2019)","journal-title":"Appl. Soft Comput."},{"issue":"14","key":"553_CR38","doi-asserted-by":"publisher","first-page":"1941","DOI":"10.1016\/j.patrec.2008.06.016","volume":"29","author":"R Perdisci","year":"2008","unstructured":"Perdisci, R., Lanzi, A., Lee, W.: Classification of packed executables for accurate computer virus detection. Pattern Recognit. Lett. 29(14), 1941\u20131946 (2008). https:\/\/doi.org\/10.1016\/j.patrec.2008.06.016","journal-title":"Pattern Recognit. Lett."},{"key":"553_CR39","doi-asserted-by":"publisher","first-page":"100357","DOI":"10.1016\/j.iot.2021.100357","volume":"13","author":"NM Phung","year":"2021","unstructured":"Phung, N.M., Mimura, M.: Detection of malicious javascript on an imbalanced dataset. Internet of Things 13, 100357 (2021). https:\/\/doi.org\/10.1016\/j.iot.2021.100357","journal-title":"Internet of Things"},{"key":"553_CR40","doi-asserted-by":"publisher","unstructured":"Raff, E., Sylvester, J., Nicholas, C.: Learning the PE header, malware detection with minimal domain knowledge. In: B.M. Thuraisingham, B.\u00a0Biggio, D.M. Freeman, B.\u00a0Miller, A.\u00a0Sinha (eds.) Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, AISec@CCS 2017, Dallas, TX, USA, November 3, 2017, pp. 121\u2013132. ACM (2017). https:\/\/doi.org\/10.1145\/3128572.3140442","DOI":"10.1145\/3128572.3140442"},{"key":"553_CR41","doi-asserted-by":"publisher","unstructured":"Raff, E., Sylvester, J., Nicholas, C.K.: Learning the pe header, malware detection with minimal domain knowledge. 
CoRR abs\/1709.01471 (2017). https:\/\/doi.org\/10.1145\/3128572.3140442","DOI":"10.1145\/3128572.3140442"},{"key":"553_CR42","unstructured":"\u0158eh\u016f\u0159ek, R., Sojka, P.: Software Framework for Topic Modelling with Large Corpora. In: Proceedings of the LREC 2010 Workshop on New Challenges for NLP Frameworks, pp. 45\u201350. ELRA, Valletta, Malta (2010). http:\/\/is.muni.cz\/publication\/884893\/en"},{"issue":"11","key":"553_CR43","doi-asserted-by":"publisher","first-page":"613","DOI":"10.1145\/361219.361220","volume":"18","author":"G Salton","year":"1975","unstructured":"Salton, G., Wong, A., Yang, C.: A vector space model for automatic indexing. Commun. ACM 18(11), 613\u2013620 (1975). https:\/\/doi.org\/10.1145\/361219.361220","journal-title":"Commun. ACM"},{"key":"553_CR44","unstructured":"Sathyanarayan, V.S., Kohli, P., Bruhadeshwar, B.: Signature generation and detection of malware families. In: Y.M. 0001, W.\u00a0Susilo, J.\u00a0Seberry (eds.) Information Security and Privacy, 13th Australasian Conference, ACISP 2008, Wollongong, Australia, July 7-9, 2008, Proceedings, Lecture Notes in Computer Science, vol. 5107, pp. 336\u2013349. Springer (2008)"},{"key":"553_CR45","doi-asserted-by":"publisher","unstructured":"Saxe, J., Berlin, K.: Deep neural network based malware detection using two dimensional binary program features. In: 10th International Conference on Malicious and Unwanted Software, MALWARE 2015, Fajardo, PR, USA, October 20-22, 2015, pp. 11\u201320. IEEE Computer Society (2015). https:\/\/doi.org\/10.1109\/MALWARE.2015.7413680","DOI":"10.1109\/MALWARE.2015.7413680"},{"key":"553_CR46","doi-asserted-by":"publisher","unstructured":"Schultz, M.G., Eskin, E., Zadok, E., Stolfo, S.J.: Data mining methods for detection of new malicious executables. In: 2001 IEEE Symposium on Security and Privacy, Oakland, California, USA May 14-16, 2001, pp. 38\u201349. IEEE Computer Society (2001). 
https:\/\/doi.org\/10.1109\/SECPRI.2001.924286","DOI":"10.1109\/SECPRI.2001.924286"},{"issue":"1","key":"553_CR47","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1016\/j.istr.2009.03.003","volume":"14","author":"A Shabtai","year":"2009","unstructured":"Shabtai, A., Moskovitch, R., Elovici, Y., Glezer, C.: Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey. Inf. Sec. Techn. Rep. 14(1), 16\u201329 (2009)","journal-title":"Inf. Sec. Techn. Rep."},{"key":"553_CR48","doi-asserted-by":"publisher","unstructured":"Shafiq, M.Z., Tabish, S.M., Mirza, F., Farooq, M.: Pe-miner: Mining structural information to detect malicious executables in realtime. In: E.\u00a0Kirda, S.\u00a0Jha, D.\u00a0Balzarotti (eds.) Recent Advances in Intrusion Detection, 12th International Symposium, RAID 2009, Saint-Malo, France, September 23-25, 2009. Proceedings, Lecture Notes in Computer Science, vol. 5758, pp. 121\u2013141. Springer (2009). https:\/\/doi.org\/10.1007\/978-3-642-04342-0_7","DOI":"10.1007\/978-3-642-04342-0_7"},{"key":"553_CR49","unstructured":"Symantec: Internet Security Threat Report 24 (2019)"},{"key":"553_CR50","doi-asserted-by":"crossref","unstructured":"Tian, R., Batten, L.M., Versteeg, S.: Function length as a tool for malware classification. In: MALWARE, pp. 69\u201376. IEEE Computer Society (2008). http:\/\/doi.ieeecomputersociety.org\/10.1109\/MALWARE.2008.4690860","DOI":"10.1109\/MALWARE.2008.4690860"},{"key":"553_CR51","doi-asserted-by":"publisher","unstructured":"Tran, T.K., Sato, H.: Nlp-based approaches for malware classification from api sequences. In: 2017 21st Asia Pacific Symposium on Intelligent and Evolutionary Systems (IES), pp. 101\u2013105 (2017). 
https:\/\/doi.org\/10.1109\/IESYS.2017.8233569","DOI":"10.1109\/IESYS.2017.8233569"},{"key":"553_CR52","unstructured":"Wang, J., Ma, S., Zhang, Y., Li, J., Ma, Z., Mai, L., Chen, T., Gu, D.: NLP-EYE: detecting memory corruptions via semantic-aware memory operation function identification. In: 22nd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2019, Chaoyang District, Beijing, China, September 23-25, 2019., pp. 309\u2013321 (2019). https:\/\/www.usenix.org\/conference\/raid2019\/presentation\/wang-0"},{"key":"553_CR53","doi-asserted-by":"publisher","unstructured":"Webster, G.D., Kolosnjaji, B., von Pentz, C., Kirsch, J., Hanif, Z.D., Zarras, A., Eckert, C.: Finding the needle: A study of the PE32 rich header and respective malware triage. In: M.\u00a0Polychronakis, M.\u00a0Meier (eds.) Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017, Bonn, Germany, July 6-7, 2017, Proceedings, Lecture Notes in Computer Science, vol. 10327, pp. 119\u2013138. Springer (2017). https:\/\/doi.org\/10.1007\/978-3-319-60876-1_6","DOI":"10.1007\/978-3-319-60876-1_6"},{"issue":"4","key":"553_CR54","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1007\/s11416-008-0108-y","volume":"5","author":"Y Ye","year":"2009","unstructured":"Ye, Y., Chen, L., Wang, D., Li, T., Jiang, Q., Zhao, M.: SBMDS: an interpretable string based malware detection system using SVM ensemble with bagging. J Comput Virol 5(4), 283\u2013293 (2009). https:\/\/doi.org\/10.1007\/s11416-008-0108-y","journal-title":"J Comput Virol"},{"key":"553_CR55","unstructured":"Zhang, B., Yin, J., Hao, J., Zhang, D., Wang, S.: Malicious codes detection based on ensemble learning. In: B.X. 0001, L.T. Yang, J.\u00a0Ma, C.\u00a0M\u00fcller-Schloer, Y.H. 0001 (eds.) Autonomic and Trusted Computing, 4th International Conference, ATC 2007, Hong Kong, China, July 11-13, 2007, Proceedings, Lecture Notes in Computer Science, vol. 
4610, pp. 468\u2013477. Springer (2007)"},{"key":"553_CR56","unstructured":"Zhu, S., Shi, J., Yang, L., Qin, B., Zhang, Z., Song, L., Wang, G.: Measuring and modeling the label dynamics of online anti-malware engines. In: S.\u00a0Capkun, F.\u00a0Roesner (eds.) 29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020, pp. 2361\u20132378. USENIX Association (2020). https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/zhu"},{"key":"553_CR57","doi-asserted-by":"publisher","unstructured":"Zolotukhin, M., Hamalainen, T.: Detection of zero-day malware based on the analysis of opcode sequences. In: 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC), pp. 386\u2013391 (2014). https:\/\/doi.org\/10.1109\/CCNC.2014.6866599","DOI":"10.1109\/CCNC.2014.6866599"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-021-00553-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-021-00553-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-021-00553-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,3,21]],"date-time":"2022-03-21T08:07:33Z","timestamp":1647850053000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-021-00553-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,6,6]]},"references-count":57,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2022,4]]}},"alternative-id":["553"],"URL":"https:\/\/doi.org\/10.1007\/s10207-021-00553-8","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262"
,"type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,6,6]]},"assertion":[{"value":"6 June 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declaration"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This work was supported by JSPS KAKENHI Grant Number 21K11898.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Funding"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}