{"id":"https:\/\/openalex.org\/W1994531415","doi":"https:\/\/doi.org\/10.1049\/iet-ifs.2012.0343","title":"Approach for malware identification using dynamic behaviour and outcome triggering","display_name":"Approach for malware identification using dynamic behaviour and outcome triggering","publication_year":2013,"publication_date":"2013-10-31","ids":{"openalex":"https:\/\/openalex.org\/W1994531415","doi":"https:\/\/doi.org\/10.1049\/iet-ifs.2012.0343","mag":"1994531415"},"language":"en","primary_location":{"id":"doi:10.1049\/iet-ifs.2012.0343","is_oa":true,"landing_page_url":"https:\/\/doi.org\/10.1049\/iet-ifs.2012.0343","pdf_url":"https:\/\/onlinelibrary.wiley.com\/doi\/pdfdirect\/10.1049\/iet-ifs.2012.0343","source":{"id":"https:\/\/openalex.org\/S58852226","display_name":"IET Information Security","issn_l":"1751-8709","issn":["1751-8709","1751-8717"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https:\/\/openalex.org\/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https:\/\/openalex.org\/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IET Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https:\/\/onlinelibrary.wiley.com\/doi\/pdfdirect\/10.1049\/iet-ifs.2012.0343","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https:\/\/openalex.org\/A5012076833","display_name":"Hao Bai","orcid":"https:\/\/orcid.org\/0000-0002-5339-4985"},"institutions":[{"id":"https:\/\/openalex.org\/I125839683","display_name":"Beijing Institute of Technology","ror":"https:\/\/ror.org\/01skt4w74","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I125839683","https:\/\/openalex.org\/I890469752"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Hao Bai","raw_affiliation_strings":["School of Computer Science and Technology Beijing Institute of Technology Beijing People's Republic of China","School of Computer Science and TechnologyBeijing Institute of TechnologyBeijingPeople's Republic of China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology Beijing Institute of Technology Beijing People's Republic of China","institution_ids":["https:\/\/openalex.org\/I125839683"]},{"raw_affiliation_string":"School of Computer Science and TechnologyBeijing Institute of TechnologyBeijingPeople's Republic of China","institution_ids":["https:\/\/openalex.org\/I125839683"]}]},{"author_position":"middle","author":{"id":"https:\/\/openalex.org\/A5102753688","display_name":"Changzhen Hu","orcid":"https:\/\/orcid.org\/0000-0002-2711-7060"},"institutions":[{"id":"https:\/\/openalex.org\/I125839683","display_name":"Beijing Institute of Technology","ror":"https:\/\/ror.org\/01skt4w74","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I125839683","https:\/\/openalex.org\/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chang\u2010zhen Hu","raw_affiliation_strings":["School of Computer Science and Technology Beijing Institute of Technology Beijing People's Republic of China","School of Computer Science and TechnologyBeijing Institute of TechnologyBeijingPeople's Republic of China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology Beijing Institute of Technology Beijing People's Republic of China","institution_ids":["https:\/\/openalex.org\/I125839683"]},{"raw_affiliation_string":"School of Computer Science and TechnologyBeijing Institute of TechnologyBeijingPeople's Republic of China","institution_ids":["https:\/\/openalex.org\/I125839683"]}]},{"author_position":"middle","author":{"id":"https:\/\/openalex.org\/A5052259920","display_name":"Xiaochuan Jing","orcid":null},"institutions":[{"id":"https:\/\/openalex.org\/I4210110108","display_name":"Aerospace Center Hospital","ror":"https:\/\/ror.org\/01yb3sb52","country_code":"CN","type":"healthcare","lineage":["https:\/\/openalex.org\/I4210110108"]},{"id":"https:\/\/openalex.org\/I4210127390","display_name":"State Council of the People's Republic of China","ror":"https:\/\/ror.org\/02fzqav45","country_code":"CN","type":"government","lineage":["https:\/\/openalex.org\/I4210127390"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiao\u2010chuan Jing","raw_affiliation_strings":["China Aerospace Engineering Consultation Center Beijing People's Republic of China","China Aerospace Engineering Consultation CenterBeijingPeople's Republic of China"],"affiliations":[{"raw_affiliation_string":"China Aerospace Engineering Consultation Center Beijing People's Republic of China","institution_ids":["https:\/\/openalex.org\/I4210127390"]},{"raw_affiliation_string":"China Aerospace Engineering Consultation CenterBeijingPeople's Republic of China","institution_ids":["https:\/\/openalex.org\/I4210110108"]}]},{"author_position":"middle","author":{"id":"https:\/\/openalex.org\/A5100369033","display_name":"Ning Li","orcid":"https:\/\/orcid.org\/0000-0002-6224-1809"},"institutions":[{"id":"https:\/\/openalex.org\/I4210127390","display_name":"State Council of the People's Republic of China","ror":"https:\/\/ror.org\/02fzqav45","country_code":"CN","type":"government","lineage":["https:\/\/openalex.org\/I4210127390"]},{"id":"https:\/\/openalex.org\/I4210110108","display_name":"Aerospace Center Hospital","ror":"https:\/\/ror.org\/01yb3sb52","country_code":"CN","type":"healthcare","lineage":["https:\/\/openalex.org\/I4210110108"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ning Li","raw_affiliation_strings":["China Aerospace Engineering Consultation Center Beijing People's Republic of China","China Aerospace Engineering Consultation CenterBeijingPeople's Republic of China"],"affiliations":[{"raw_affiliation_string":"China Aerospace Engineering Consultation Center Beijing People's Republic of China","institution_ids":["https:\/\/openalex.org\/I4210127390"]},{"raw_affiliation_string":"China Aerospace Engineering Consultation CenterBeijingPeople's Republic of China","institution_ids":["https:\/\/openalex.org\/I4210110108"]}]},{"author_position":"last","author":{"id":"https:\/\/openalex.org\/A5103418844","display_name":"Xiao\u2010yin Wang","orcid":null},"institutions":[{"id":"https:\/\/openalex.org\/I4210127390","display_name":"State Council of the People's Republic of China","ror":"https:\/\/ror.org\/02fzqav45","country_code":"CN","type":"government","lineage":["https:\/\/openalex.org\/I4210127390"]},{"id":"https:\/\/openalex.org\/I4210110108","display_name":"Aerospace Center Hospital","ror":"https:\/\/ror.org\/01yb3sb52","country_code":"CN","type":"healthcare","lineage":["https:\/\/openalex.org\/I4210110108"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiao\u2010yin Wang","raw_affiliation_strings":["China Aerospace Engineering Consultation Center Beijing People's Republic of China","China Aerospace Engineering Consultation CenterBeijingPeople's Republic of China"],"affiliations":[{"raw_affiliation_string":"China Aerospace Engineering Consultation Center Beijing People's Republic of China","institution_ids":["https:\/\/openalex.org\/I4210127390"]},{"raw_affiliation_string":"China Aerospace Engineering Consultation CenterBeijingPeople's Republic of China","institution_ids":["https:\/\/openalex.org\/I4210110108"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https:\/\/openalex.org\/A5012076833"],"corresponding_institution_ids":["https:\/\/openalex.org\/I125839683"],"apc_list":{"value":2000,"currency":"EUR","value_usd":2200},"apc_paid":null,"fwci":0,"has_fulltext":true,"cited_by_count":9,"citation_normalized_percentile":{"value":0.07120618,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"8","issue":"2","first_page":"140","last_page":"151"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https:\/\/openalex.org\/T11241","display_name":"Advanced Malware Detection Techniques","score":1,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1711","display_name":"Signal Processing"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}},"topics":[{"id":"https:\/\/openalex.org\/T11241","display_name":"Advanced Malware Detection Techniques","score":1,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1711","display_name":"Signal Processing"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}},{"id":"https:\/\/openalex.org\/T10400","display_name":"Network Security and Intrusion Detection","score":0.9976999759674072,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}},{"id":"https:\/\/openalex.org\/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9621999859809875,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1712","display_name":"Software"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https:\/\/openalex.org\/keywords\/malware","display_name":"Malware","score":0.9335272908210754},{"id":"https:\/\/openalex.org\/keywords\/computer-science","display_name":"Computer science","score":0.8052542209625244},{"id":"https:\/\/openalex.org\/keywords\/identification","display_name":"Identification (biology)","score":0.7823255062103271},{"id":"https:\/\/openalex.org\/keywords\/obfuscation","display_name":"Obfuscation","score":0.7229751348495483},{"id":"https:\/\/openalex.org\/keywords\/identifier","display_name":"Identifier","score":0.6365686655044556},{"id":"https:\/\/openalex.org\/keywords\/cryptovirology","display_name":"Cryptovirology","score":0.5448598265647888},{"id":"https:\/\/openalex.org\/keywords\/computer-security","display_name":"Computer security","score":0.472999632358551},{"id":"https:\/\/openalex.org\/keywords\/machine-learning","display_name":"Machine learning","score":0.4218139350414276},{"id":"https:\/\/openalex.org\/keywords\/process","display_name":"Process (computing)","score":0.42117375135421753},{"id":"https:\/\/openalex.org\/keywords\/classifier","display_name":"Classifier (UML)","score":0.41160067915916443},{"id":"https:\/\/openalex.org\/keywords\/artificial-intelligence","display_name":"Artificial intelligence","score":0.39198970794677734},{"id":"https:\/\/openalex.org\/keywords\/data-mining","display_name":"Data mining","score":0.3835294842720032},{"id":"https:\/\/openalex.org\/keywords\/operating-system","display_name":"Operating system","score":0.08760979771614075},{"id":"https:\/\/openalex.org\/keywords\/computer-network","display_name":"Computer network","score":0.07359257340431213}],"concepts":[{"id":"https:\/\/openalex.org\/C541664917","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q14001","display_name":"Malware","level":2,"score":0.9335272908210754},{"id":"https:\/\/openalex.org\/C41008148","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q21198","display_name":"Computer science","level":0,"score":0.8052542209625244},{"id":"https:\/\/openalex.org\/C116834253","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q2039217","display_name":"Identification (biology)","level":2,"score":0.7823255062103271},{"id":"https:\/\/openalex.org\/C40305131","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q2616305","display_name":"Obfuscation","level":2,"score":0.7229751348495483},{"id":"https:\/\/openalex.org\/C154504017","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q853614","display_name":"Identifier","level":2,"score":0.6365686655044556},{"id":"https:\/\/openalex.org\/C84525096","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q3506050","display_name":"Cryptovirology","level":3,"score":0.5448598265647888},{"id":"https:\/\/openalex.org\/C38652104","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q3510521","display_name":"Computer security","level":1,"score":0.472999632358551},{"id":"https:\/\/openalex.org\/C119857082","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q2539","display_name":"Machine learning","level":1,"score":0.4218139350414276},{"id":"https:\/\/openalex.org\/C98045186","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q205663","display_name":"Process (computing)","level":2,"score":0.42117375135421753},{"id":"https:\/\/openalex.org\/C95623464","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.41160067915916443},{"id":"https:\/\/openalex.org\/C154945302","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q11660","display_name":"Artificial intelligence","level":1,"score":0.39198970794677734},{"id":"https:\/\/openalex.org\/C124101348","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q172491","display_name":"Data mining","level":1,"score":0.3835294842720032},{"id":"https:\/\/openalex.org\/C111919701","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q9135","display_name":"Operating system","level":1,"score":0.08760979771614075},{"id":"https:\/\/openalex.org\/C31258907","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q1301371","display_name":"Computer network","level":1,"score":0.07359257340431213},{"id":"https:\/\/openalex.org\/C59822182","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q441","display_name":"Botany","level":1,"score":0},{"id":"https:\/\/openalex.org\/C86803240","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q420","display_name":"Biology","level":0,"score":0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1049\/iet-ifs.2012.0343","is_oa":true,"landing_page_url":"https:\/\/doi.org\/10.1049\/iet-ifs.2012.0343","pdf_url":"https:\/\/onlinelibrary.wiley.com\/doi\/pdfdirect\/10.1049\/iet-ifs.2012.0343","source":{"id":"https:\/\/openalex.org\/S58852226","display_name":"IET Information Security","issn_l":"1751-8709","issn":["1751-8709","1751-8717"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https:\/\/openalex.org\/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https:\/\/openalex.org\/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IET Information Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1049\/iet-ifs.2012.0343","is_oa":true,"landing_page_url":"https:\/\/doi.org\/10.1049\/iet-ifs.2012.0343","pdf_url":"https:\/\/onlinelibrary.wiley.com\/doi\/pdfdirect\/10.1049\/iet-ifs.2012.0343","source":{"id":"https:\/\/openalex.org\/S58852226","display_name":"IET Information Security","issn_l":"1751-8709","issn":["1751-8709","1751-8717"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https:\/\/openalex.org\/P4310311714","host_organization_name":"Institution of Engineering and Technology","host_organization_lineage":["https:\/\/openalex.org\/P4310311714"],"host_organization_lineage_names":["Institution of Engineering and Technology"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IET Information Security","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.49000000953674316,"id":"https:\/\/metadata.un.org\/sdg\/16"}],"awards":[{"id":"https:\/\/openalex.org\/G4781332053","display_name":null,"funder_award_id":"91118007","funder_id":"https:\/\/openalex.org\/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https:\/\/openalex.org\/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https:\/\/ror.org\/01h0zpd94"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https:\/\/content.openalex.org\/works\/W1994531415.pdf","grobid_xml":"https:\/\/content.openalex.org\/works\/W1994531415.grobid-xml"},"referenced_works_count":27,"referenced_works":["https:\/\/openalex.org\/W11793293","https:\/\/openalex.org\/W140639879","https:\/\/openalex.org\/W1515180657","https:\/\/openalex.org\/W1522250664","https:\/\/openalex.org\/W1595564425","https:\/\/openalex.org\/W1956767865","https:\/\/openalex.org\/W1995875735","https:\/\/openalex.org\/W2005662348","https:\/\/openalex.org\/W2017985113","https:\/\/openalex.org\/W2039848771","https:\/\/openalex.org\/W2042058229","https:\/\/openalex.org\/W2051223603","https:\/\/openalex.org\/W2065339563","https:\/\/openalex.org\/W2074840958","https:\/\/openalex.org\/W2091618476","https:\/\/openalex.org\/W2099111195","https:\/\/openalex.org\/W2101077503","https:\/\/openalex.org\/W2114312434","https:\/\/openalex.org\/W2125235075","https:\/\/openalex.org\/W2132874238","https:\/\/openalex.org\/W2142368292","https:\/\/openalex.org\/W2143840485","https:\/\/openalex.org\/W2150795982","https:\/\/openalex.org\/W2165224965","https:\/\/openalex.org\/W2399284314","https:\/\/openalex.org\/W2993383518","https:\/\/openalex.org\/W6605706882"],"related_works":["https:\/\/openalex.org\/W2470502009","https:\/\/openalex.org\/W4386041582","https:\/\/openalex.org\/W4386029484","https:\/\/openalex.org\/W2900235625","https:\/\/openalex.org\/W3195170298","https:\/\/openalex.org\/W2322373077","https:\/\/openalex.org\/W2574384165","https:\/\/openalex.org\/W30585751","https:\/\/openalex.org\/W288126387","https:\/\/openalex.org\/W2125235075"],"abstract_inverted_index":{"Malware":[0],"identification":[1,56],"is":[2,13,58,104,150],"the":[3,7,27,147],"process":[4],"of":[5,9,30,82,156],"determining":[6],"maliciousness":[8],"a":[10,52,80,131],"program,":[11],"which":[12,93,134],"necessary":[14],"for":[15,95],"detecting":[16],"malware":[17,39,55,96,132,138,158,164,178],"variants.":[18,139],"Although":[19],"some":[20],"techniques":[21,64],"have":[22],"been":[23],"developed":[24,106],"to":[25,36,107,129],"confront":[26],"rapid":[28],"expansion":[29],"malware,":[31],"they":[32],"are":[33,89,99,122],"not":[34],"efficient":[35],"recognise":[37,177],"booming":[38],"instances,":[40],"and":[41,70,86,175],"can":[42,135,176],"be":[43],"evaded":[44],"by":[45,111],"using":[46],"obfuscation":[47,181],"techniques.":[48,182],"In":[49],"this":[50,61,78],"study,":[51],"novel":[53],"dynamic":[54],"approach":[57,62,149,169],"proposed.":[59],"Concretely,":[60],"employs":[63],"that":[65,167],"explore":[66],"multiple":[67],"execution":[68],"paths":[69],"trigger":[71,109],"malicious":[72,84,120],"behaviours":[73,85,121],"with":[74,114,124,162,180],"resulting":[75],"outcomes.":[76],"To":[77],"end,":[79],"group":[81],"featured":[83],"outcomes":[87],"(MBOs)":[88],"primarily":[90],"constructed,":[91],"from":[92],"weights":[94],"family":[97],"classification":[98],"derived.":[100],"A":[101],"virtual":[102],"monitor":[103],"then":[105],"dynamically":[108],"MBOs":[110,128],"exploring":[112],"multipath":[113],"suitable":[115],"probing":[116],"depths.":[117],"Finally,":[118],"triggered":[119],"modelled":[123],"features":[125],"recorded":[126],"in":[127,152],"train":[130],"classifier":[133],"identify":[136],"unknown":[137],"The":[140,160],"experimental":[141],"results":[142],"on":[143],"test":[144],"cases":[145],"demonstrate":[146],"proposed":[148],"effective":[151],"identifying":[153],"new":[154],"variants":[155],"popular":[157],"families.":[159],"comparison":[161],"latest":[163],"identifiers":[165],"shows":[166],"our":[168],"achieves":[170],"lower":[171],"false":[172],"positive":[173],"rate":[174],"equipped":[179]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":3}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}