{"id":"https://openalex.org/W3167995052","doi":"https://doi.org/10.1007/s10207-021-00553-8","title":"Applying NLP techniques to malware detection in a practical environment","display_name":"Applying NLP techniques to malware detection in a practical environment","publication_year":2021,"publication_date":"2021-06-06","ids":{"openalex":"https://openalex.org/W3167995052","doi":"https://doi.org/10.1007/s10207-021-00553-8","mag":"3167995052"},"language":"en","primary_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00553-8","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00553-8.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319965","https://openalex.org/P4310319900"],"host_organization_lineage_names":["Springer Nature","Springer Science+Business Media"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},"type":"article","type_crossref":"journal-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00553-8.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5023133164","display_name":"Mamoru Mimura","orcid":"https://orcid.org/0000-0003-4323-9911"},"institutions":[{"id":"https://openalex.org/I443798","display_name":"National Defense Academy of Japan","ror":"https://ror.org/05xszy717","country_code":"JP","type":"education","lineage":["https://openalex.org/I443798"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Mamoru Mimura","raw_affiliation_strings":["National Defense Academy 1-10-20 Hashirimizu, Yokosuka, Kanagawa, Japan"],"affiliations":[{"raw_affiliation_string":"National Defense Academy 1-10-20 Hashirimizu, Yokosuka, Kanagawa, Japan","institution_ids":["https://openalex.org/I443798"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056318849","display_name":"Ryo Ito","orcid":null},"institutions":[],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Ryo Ito","raw_affiliation_strings":["Japan Ground Self-Defense Force 5-1 Honmura-cho, Ichigaya, Shinjuku-ku, Tokyo, Japan"],"affiliations":[{"raw_affiliation_string":"Japan Ground Self-Defense Force 5-1 Honmura-cho, Ichigaya, Shinjuku-ku, Tokyo, Japan","institution_ids":[]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5023133164"],"corresponding_institution_ids":["https://openalex.org/I443798"],"apc_list":{"value":2590,"currency":"EUR","value_usd":3190,"provenance":"doaj"},"apc_paid":{"value":2590,"currency":"EUR","value_usd":3190,"provenance":"doaj"},"fwci":5.351,"has_fulltext":true,"fulltext_origin":"pdf","cited_by_count":40,"citation_normalized_percentile":{"value":0.83957,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":"21","issue":"2","first_page":"279","last_page":"291"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9985,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9969,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.73333025},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5497152},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.42856643},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.42761028}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9396217},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8861251},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.73333025},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.67080206},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.59188056},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5497152},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.46868947},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.42856643},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.42761028},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4132977},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36035144},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.33631638},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2299563},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15633205}],"mesh":[],"locations_count":1,"locations":[{"is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00553-8","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00553-8.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319965","https://openalex.org/P4310319900"],"host_organization_lineage_names":["Springer Nature","Springer Science+Business Media"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00553-8","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00553-8.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":true,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319965","https://openalex.org/P4310319900"],"host_organization_lineage_names":["Springer Nature","Springer Science+Business Media"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true},"sustainable_development_goals":[],"grants":[],"datasets":[],"versions":[],"referenced_works_count":58,"referenced_works":["https://openalex.org/W101893524","https://openalex.org/W1497883910","https://openalex.org/W1558357780","https://openalex.org/W1559833478","https://openalex.org/W168564468","https://openalex.org/W1760401052","https://openalex.org/W1893133781","https://openalex.org/W1916732574","https://openalex.org/W1987214724","https://openalex.org/W1987684126","https://openalex.org/W2003094813","https://openalex.org/W2003791967","https://openalex.org/W2034329000","https://openalex.org/W2034938003","https://openalex.org/W2084979543","https://openalex.org/W2096921767","https://openalex.org/W2099053789","https://openalex.org/W2121749752","https://openalex.org/W2137314966","https://openalex.org/W2141599568","https://openalex.org/W2144112223","https://openalex.org/W2145056020","https://openalex.org/W2151300580","https://openalex.org/W2153616611","https://openalex.org/W2164163973","https://openalex.org/W2164463255","https://openalex.org/W2165612380","https://openalex.org/W2170529403","https://openalex.org/W2170770919","https://openalex.org/W2384622762","https://openalex.org/W2561675875","https://openalex.org/W2567697112","https://openalex.org/W2586608967","https://openalex.org/W2603093875","https://openalex.org/W2621204675","https://openalex.org/W2734713605","https://openalex.org/W2752241832","https://openalex.org/W2773479116","https://openalex.org/W2780450026","https://openalex.org/W2790556686","https://openalex.org/W2891782005","https://openalex.org/W2898503197","https://openalex.org/W2903746137","https://openalex.org/W2949547296","https://openalex.org/W2965263711","https://openalex.org/W2969612742","https://openalex.org/W2972512996","https://openalex.org/W2972877457","https://openalex.org/W2973109646","https://openalex.org/W2977300221","https://openalex.org/W2988276567","https://openalex.org/W2990968830","https://openalex.org/W3007070494","https://openalex.org/W3029868457","https://openalex.org/W3070794221","https://openalex.org/W3098789273","https://openalex.org/W3099388751","https://openalex.org/W3120667286"],"related_works":["https://openalex.org/W4285325964","https://openalex.org/W4240624848","https://openalex.org/W3214090987","https://openalex.org/W2964256930","https://openalex.org/W2929621094","https://openalex.org/W2768892939","https://openalex.org/W2469507153","https://openalex.org/W1996006176","https://openalex.org/W1995118279","https://openalex.org/W1599449514"],"abstract_inverted_index":{"Abstract":[0],"Executable":[1],"files":[2,13,25],"still":[3],"remain":[4],"popular":[5],"to":[6,17,57,83,125],"compromise":[7],"the":[8,27,43,63,130],"endpoint":[9],"computers.":[10],"These":[11],"executable":[12],"are":[14,95],"often":[15],"obfuscated":[16],"avoid":[18],"anti-virus":[19],"programs.":[20],"To":[21],"examine":[22],"all":[23],"suspicious":[24],"from":[26,113],"Internet,":[28],"dynamic":[29],"analysis":[30],"requires":[31],"too":[32],"much":[33],"time.":[34],"Therefore,":[35],"a":[36,73,101],"fast":[37],"filtering":[38,74],"method":[39,122,138],"is":[40,123,139],"required.":[41],"With":[42],"recent":[44],"development":[45],"of":[46,62,107,129],"natural":[47],"language":[48],"processing":[49],"(NLP)":[50],"techniques,":[51],"printable":[52,64,90],"strings":[53,65,91],"became":[54],"more":[55,108],"effective":[56,96,124,140],"detect":[58],"malware.":[59,136],"The":[60],"combination":[61],"and":[66,144],"NLP":[67,81,93],"techniques":[68,82,94],"can":[69],"be":[70],"used":[71],"as":[72],"method.":[75],"In":[76],"this":[77],"paper,":[78],"we":[79],"apply":[80],"malware":[84,99,143],"detection.":[85],"This":[86],"paper":[87],"reveals":[88],"that":[89,120],"with":[92],"for":[97],"detecting":[98],"in":[100],"practical":[102],"environment.":[103],"Our":[104,116,137],"dataset":[105],"consists":[106],"than":[109],"500,000":[110],"samples":[111],"obtained":[112],"multiple":[114],"sources.":[115],"experimental":[117],"results":[118],"demonstrate":[119],"our":[121],"not":[126],"only":[127],"subspecies":[128],"existing":[131],"malware,":[132],"but":[133],"also":[134],"new":[135],"against":[141],"packed":[142],"anti-debugging":[145],"techniques.":[146]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W3167995052","counts_by_year":[{"year":2024,"cited_by_count":17},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":11},{"year":2021,"cited_by_count":2}],"updated_date":"2025-01-19T07:47:39.460243","created_date":"2021-06-22"}