research-article

API2Vec: Learning Representations of API Sequences for Malware Detection

Authors:

Zhenquan DingAuthors Info & Claims

ISSTA 2023: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

Pages 261 - 273

https://doi.org/10.1145/3597926.3598054

Published: 13 July 2023 Publication History

Abstract

Analyzing malware based on API call sequence is an effective approach as the sequence reflects the dynamic execution behavior of malware.Recent advancements in deep learning have led to the application of these techniques for mining useful information from API call sequences. However, these methods mainly operate on raw sequences and may not effectively capture important information especially for multi-process malware, mainly due to the API call interleaving problem.

Motivated by that, this paper presents API2Vec, a graph based API embedding method for malware detection. First, we build a graph model to represent the raw sequence. In particular, we design the temporal process graph (TPG) to model inter-process behavior and temporal API graph (TAG) to model intra-process behavior. With such graphs, we design a heuristic random walk algorithm to generate a number of paths that can capture the fine-grained malware behavior. By pre-training the paths using the Doc2Vec model, we are able to generate the embeddings of paths and APIs, which can further be used for malware detection. The experiments on a real malware dataset demonstrate that API2Vec outperforms the state-of-the-art embedding methods and detection methods for both accuracy and robustness, especially for multi-process malware.

References

[1]

2022. Cuckoo Sandbox. Website. https://cuckoosandbox.org/

[2]

2022. NIST: National Institute of Standards and Technology. Website. https://www.nist.gov/

[3]

2022. VirusSign Incorporation. Website. https://www.virussign.com

[4]

2023. VirusTotal reports. Website. https://www.virustotal.com/gui/file/bd49943e2db92d09287923b159b111c33f3374344cf39109aebaa81fc2cd16e0

[5]

2023. VirusTotal reports. Website. https://www.virustotal.com/gui/file/d9ba27e5554c95350ca0800051d6eca19251c3a8d98662b2b7afbc06e8ead9a6

[6]

Muhamed Fauzi Bin Abbas and Thambipillai Srikanthan. 2017. Low-complexity signature-based malware detection for IoT devices. In International Conference on Applications and Techniques in Information Security. 181–189. https://doi.org/10.1007/978-981-10-5421-1_15

[7]

Faraz Ahmed, Haider Hameed, M Zubair Shafiq, and Muddassar Farooq. 2009. Using spatio-temporal information in API calls with machine learning algorithms for malware detection. In Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence. 55–62. https://doi.org/10.1145/1654988.1655003

Digital Library

[8]

Uri Alon, Shaked Brody, Omer Levy, and Eran Yahav. 2018. code2seq: Generating sequences from structured representations of code. arXiv preprint arXiv:1808.01400, https://doi.org/10.48550/arXiv.1808.01400

[9]

Eslam Amer and Ivan Zelinka. 2020. A dynamic windows malware detection and prediction method based on contextual understanding of api call sequence. Computers & Security, 92 (2020), 101760. https://doi.org/10.1016/j.cose.2020.101760

[10]

Eslam Amer, Ivan Zelinka, and Shaker El-Sappagh. 2021. A Multi-Perspective malware detection approach through behavioral fusion of API call sequence. Computers & Security, 110 (2021), 102449. https://doi.org/10.1016/j.cose.2021.102449

Digital Library

[11]

H. S. Anderson and P. Roth. 2018. EMBER: An Open Dataset for Training Static PE Malware Machine Learning Models. ArXiv e-prints, April, https://doi.org/10.48550/arXiv.1804.04637 arxiv:1804.04637.

[12]

Ömer Aslan Aslan and Refik Samet. 2020. A comprehensive review on malware detection approaches. IEEE Access, 8 (2020), 6249–6271. https://doi.org/10.1109/ACCESS.2019.2963724

[13]

Seyyed Mojtaba Bidoki, Saeed Jalili, and Asghar Tajoddin. 2017. PbMMD: A novel policy based multi-process malware detection. Engineering Applications of Artificial Intelligence, 60 (2017), 57–70. https://doi.org/10.1016/j.engappai.2016.12.008

Digital Library

[14]

Ross Brewer. 2016. Ransomware attacks: detection, prevention and cure. Network Security, 2016, 9 (2016), 5–9. https://doi.org/10.1016/S1353-4858(16)30086-1

Digital Library

[15]

Ferhat Ozgur Catak, Javed Ahmed, Kevser Sahinbas, and Zahid Hussain Khand. 2021. Data augmentation based malware detection using convolutional neural networks. PeerJ Computer Science, 7 (2021), Jan., e346. issn:2376-5992 https://doi.org/10.7717/peerj-cs.346

[16]

Patrick Shicheng Chen, Shu-Chiung Lin, and Chien-Hsing Sun. 2015. Simple and effective method for detecting abnormal internet behaviors of mobile devices. Information Sciences, 321 (2015), 193–204. https://doi.org/10.1016/j.ins.2015.04.035

Digital Library

[17]

Xiaohui Chen, Zhiyu Hao, Lun Li, Lei Cui, Yiran Zhu, Zhenquan Ding, and Yongji Liu. 2022. CruParamer: Learning on Parameter-Augmented API Sequences for Malware Detection. IEEE Transactions on Information Forensics and Security, 17 (2022), 788–803. https://doi.org/10.1109/TIFS.2022.3152360

[18]

John Cloonan. 2019. Advanced Malware Detection – Signatures vs. Behavior Analysis. https://www.cyberdefensemagazine.com/advanced-malware-detection/

[19]

George E Dahl and Jack W Stokes. 2013. Large-scale malware classification using random projections and neural networks. In 2013 IEEE International Conference on Acoustics, Speech and Signal Processing. 3422–3426. https://doi.org/10.1109/ICASSP.2013.6638293

[20]

Steven HH Ding, Benjamin CM Fung, and Philippe Charland. 2019. Asm2vec: Boosting static representation robustness for binary clone search against code obfuscation and compiler optimization. In 2019 IEEE Symposium on Security and Privacy (SP). 472–489. https://doi.org/10.1109/SP.2019.00003

[21]

Yuxin Ding, Xiaoling Xia, Sheng Chen, and Ye Li. 2018. A malware detection method based on family behavior graph. Computers & Security, 73 (2018), 73–86. https://doi.org/10.1016/j.cose.2017.10.007

[22]

Daniele Cono D’Elia, Lorenzo Invidia, and Leonardo Querzoni. 2021. Rope: Covert multi-process malware execution with return-oriented programming. In European Symposium on Research in Computer Security. 197–217. https://doi.org/10.1007/978-3-030-88418-5_10

Digital Library

[23]

Mohamed El Boujnouni, Mohamed Jedra, and Noureddine Zahid. 2015. New malware detection framework based on N-grams and support vector domain description. In 2015 11th international conference on information assurance and security (IAS). 123–128. https://doi.org/10.1109/ISIAS.2015.7492756

[24]

Ammar Ahmed E Elhadi, Mohd Aizaini Maarof, and Bazara IA Barry. 2013. Improving the detection of malware behaviour using simplified data dependent API call graph. International Journal of Security and Its Applications, 7, 5 (2013), 29–42. https://doi.org/10.14257/ijsia.2013.7.5.03

[25]

Lejun Fan, Yuanzhuo Wang, Xueqi Cheng, Jinming Li, and Shuyuan Jin. 2015. Privacy theft malware multi-process collaboration analysis. Security and Communication Networks, 8, 1 (2015), 51–67. https://doi.org/10.1002/sec.705

Digital Library

[26]

Ming Fan, Jun Liu, Xiapu Luo, Kai Chen, Zhenzhou Tian, Qinghua Zheng, and Ting Liu. 2018. Android malware familial classification and representative sample selection via frequent subgraph analysis. IEEE Transactions on Information Forensics and Security, 13, 8 (2018), 1890–1905. https://doi.org/10.1109/TIFS.2018.2806891

[27]

Ivan Firdausi, Alva Erwin, and Anto Satriyo Nugroho. 2010. Analysis of machine learning techniques used in behavior-based malware detection. In 2010 second international conference on advances in computing, control, and telecommunication technologies. 201–203. https://doi.org/10.1109/ACT.2010.33

Digital Library

[28]

Fabio De Gaspari, Dorjan Hitaj, Giulio Pagnotta, Lorenzo De Carli, and Luigi V Mancini. 2020. The naked sun: Malicious cooperation between benign-looking processes. In International Conference on Applied Cryptography and Network Security. 254–274. https://doi.org/10.1007/978-3-030-57878-7_13

Digital Library

[29]

Daniel Gibert, Carles Mateu, and Jordi Planes. 2020. The rise of machine learning for detection and classification of malware: Research developments, trends and challenges. Journal of Network and Computer Applications, 153 (2020), 102526. https://doi.org/10.1016/j.jnca.2019.102526

Digital Library

[30]

Google. 2021. Colab. Website. https://colab.research.google.com/

[31]

Aditya Grover and Jure Leskovec. 2016. node2vec: Scalable feature learning for networks. In Proceedings of the 22nd ACM SIGKDD international conference on Knowledge discovery and data mining. 855–864. https://doi.org/10.1145/2939672.2939754

Digital Library

[32]

Steven Strandlund Hansen and Thor Mark Tampus Larsen. 2016. An approach for detection and family classification of malware based on behavioral analysis. In 2016 ICNC. 1–5. https://doi.org/10.1109/ICCNC.2016.7440587

[33]

Weiwei Hu and Ying Tan. 2018. Black-box attacks against RNN based malware detection algorithms. In Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence. https://doi.org/10.48550/arXiv.1705.08131

[34]

Kyriakos K. Ispoglou and Mathias Payer. 2016. MalWASH: Washing Malware to Evade Dynamic Analysis. In Proceedings of the 10th USENIX Conference on Offensive Technologies (WOOT’16). 106–117. https://doi.org/10.5555/3027019.3027029

Digital Library

[35]

Yuede Ji, Yukun He, Dewei Zhu, Qiang Li, and Dong Guo. 2014. A mulitiprocess mechanism of evading behavior-based bot detection approaches. In International conference on information security practice and experience. 75–89. https://doi.org/10.1007/978-3-319-06320-1_7

Digital Library

[36]

Roberto Jordaney, Kumar Sharad, Santanu K Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro. 2017. Transcend: Detecting concept drift in malware classification models. In 26th USENIX Security Symposium (USENIX Security 17). 625–642. https://doi.org/10.5555/3241189.3241239

Digital Library

[37]

Kaggle. 2021. Malware Dataset. Website. https://www.kaggle.com/datasets/blackarcher/malware-dataset

[38]

Youngjoon Ki, Eunjin Kim, and Huy Kang Kim. 2015. A novel approach to detect malware based on API call sequence analysis. International Journal of Distributed Sensor Networks, 11, 6 (2015), 659101. https://doi.org/10.1155/2015/659101

[39]

Chan Woo Kim. 2018. Ntmaldetect: A machine learning approach to malware detection using native api system calls. arXiv preprint arXiv:1802.05412, https://doi.org/10.48550/arXiv.1802.05412

[40]

Dhilung Kirat and Giovanni Vigna. 2015. MalGene: Automatic Extraction of Malware Analysis Evasion Signature. In ACM SIGSAC Conference on Computer and Communications Security. 769–780. https://doi.org/10.1145/2810103.2813642

Digital Library

[41]

Engin Kirda and Christopher Krügel. 2006. Behavior-based Spyware Detection. In USENIX Security Symposium.

[42]

Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiao-yong Zhou, and XiaoFeng Wang. 2009. Effective and efficient malware detection at the end host. In USENIX security symposium. 4, 351–366.

Digital Library

[43]

Alexander Küchler, Alessandro Mantovani, Yufei Han, Leyla Bilge, and Davide Balzarotti. 2021. Does every second count? time-based evolution of malware behavior in sandboxes. In Proceedings of the Network and Distributed System Security Symposium, NDSS. The Internet Society. https://doi.org/10.14722/ndss.2021.24475

[44]

Quoc Le and Tomas Mikolov. 2014. Distributed representations of sentences and documents. In International conference on machine learning. 1188–1196.

Digital Library

[45]

Ce Li, Zijun Cheng, He Zhu, Leiqi Wang, Qiujian Lv, Yan Wang, Ning Li, and Degang Sun. 2022. DMalNet: Dynamic malware analysis based on API feature engineering and graph learning. Computers & Security, 122 (2022), 102872. https://doi.org/10.1016/j.cose.2022.102872

Digital Library

[46]

Ce Li, Qiujian Lv, Ning Li, Yan Wang, Degang Sun, and Yuanyuan Qiao. 2022. A novel deep framework for dynamic malware detection based on API sequence intrinsic features. Computers & Security, 116 (2022), 102686. https://doi.org/10.1016/j.cose.2022.102686

Digital Library

[47]

Jin Li, Lichao Sun, Qiben Yan, Zhiqiang Li, Witawas Srisa-An, and Heng Ye. 2018. Significant permission identification for machine-learning-based android malware detection. IEEE Transactions on Industrial Informatics, 14, 7 (2018), 3216–3225. https://doi.org/10.1109/TII.2017.2789219

[48]

Olav Lysne. 2018. The Huawei and Snowden Questions: Can Electronic Equipment from Untrusted Vendors be Verified? Can an Untrusted Vendor Build Trust Into Electronic Equipment? Springer Nature. https://doi.org/10.1007/978-3-319-74950-1

[49]

Microsoft. 2015. Microsoft Malware Classification Challenge. Website. https://www.kaggle.com/competitions/malware-classification/data

[50]

Tomas Mikolov, Kai Chen, Greg Corrado, and Jeffrey Dean. 2013. Efficient estimation of word representations in vector space. arXiv preprint arXiv:1301.3781, https://doi.org/10.48550/arXiv.1301.3781

[51]

Fahad Mira. 2019. A review paper of malware detection using api call sequences. In 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS). 1–6. https://doi.org/10.1109/CAIS.2019.8769564

[52]

Robert Moir. 2009. Defining Malware: FAQ. Website. https://docs.microsoft.com/en-us/previous-versions/tn-archive/dd632948(v=technet.10)?redirectedfrom=MSDN

[53]

Bruce Ndibanje, Ki Hwan Kim, Young Jin Kang, Hyun Ho Kim, Tae Yong Kim, and Hoon Jae Lee. 2019. Cross-method-based analysis and classification of malicious behavior by api calls extraction. Applied Sciences, 9, 2 (2019), 239. https://doi.org/10.3390/app9020239

[54]

Quoc-Dung Ngo, Huy-Trung Nguyen, Van-Hoang Le, and Doan-Hieu Nguyen. 2020. A survey of IoT malware and detection methods based on static features. ICT Express, 6, 4 (2020), 280–286. https://doi.org/10.1016/j.icte.2020.04.005

[55]

Stavros D Nikolopoulos and Iosif Polenakis. 2017. A graph-based model for malware detection and classification using system-call groups. Journal of Computer Virology and Hacking Techniques, 13, 1 (2017), 29–46. https://doi.org/10.1007/s11416-016-0267-1

[56]

Ori Or-Meir, Nir Nissim, Yuval Elovici, and Lior Rokach. 2019. Dynamic malware analysis in the modern era—A state of the art survey. ACM Computing Surveys (CSUR), 52, 5 (2019), 1–48. https://doi.org/10.1145/3329786

Digital Library

[57]

Abdurrahman Pektaş and Tankut Acarman. 2020. Deep learning for effective Android malware detection using API call graph embeddings. Soft Computing, 24, 2 (2020), 1027–1043. https://doi.org/10.1007/s00500-019-03940-5

Digital Library

[58]

Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro. 2019. $TESSERACT$: Eliminating experimental bias in malware classification across space and time. In 28th USENIX Security Symposium (USENIX Security 19). 729–746. https://doi.org/10.5555/3361338.3361389

Digital Library

[59]

Xiaowei Peng, Hequn Xian, Qian Lu, and Xiuqing Lu. 2021. Semantics aware adversarial malware examples generation for black-box attacks. Applied Soft Computing, 109 (2021), 107506. https://doi.org/10.1016/j.asoc.2021.107506

Digital Library

[60]

Bryan Perozzi, Rami Al-Rfou, and Steven Skiena. 2014. Deepwalk: Online learning of social representations. In Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining. 701–710. https://doi.org/10.1145/2623330.2623732

Digital Library

[61]

Marco Ramilli, Matt Bishop, and Shining Sun. 2011. Multiprocess malware. 2011 6th International Conference on Malicious and Unwanted Software, 8–13. https://doi.org/10.1109/MALWARE.2011.6112320

Digital Library

[62]

Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, and Pavel Laskov. 2008. Learning and classification of malware behavior. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. 108–125. https://doi.org/10.1007/978-3-540-70542-0_6

Digital Library

[63]

Ishai Rosenberg and Asaf Shabtai. 2018. Generic black-box end-to-end attack against state of the art API call based malware classifiers. In International Symposium on Research in Attacks, Intrusions, and Defenses. 490–510. https://doi.org/10.1007/978-3-030-00470-5_23

[64]

Raj Samani. 2021. McAfee Labs Threats Report–June 2021. McAfee Labs.

[65]

Andrea Saracino, Daniele Sgandurra, Gianluca Dini, and Fabio Martinelli. 2016. Madam: Effective and efficient behavior-based android malware detection and prevention. IEEE Transactions on Dependable and Secure Computing, 15, 1 (2016), 83–97. https://doi.org/10.1109/TDSC.2016.2536605

[66]

Virus Total. 2022. Virustotal-free online virus, malware and url scanner. Online: https://www.virustotal.com/en, 2 (2022).

[67]

Trung Kien Tran and Hiroshi Sato. 2017. NLP-based approaches for malware classification from API sequences. In 2017 21st Asia Pacific Symposium on Intelligent and Evolutionary Systems (IES). 101–105. https://doi.org/10.1109/IESYS.2017.8233569

[68]

Swapna Vemparala, Fabio Di Troia, Visaggio Aaron Corrado, Thomas H Austin, and Mark Stamo. 2016. Malware detection using dynamic birthmarks. In Proceedings of the 2016 ACM on international workshop on security and privacy analytics. 41–46. https://doi.org/10.1145/2875475.2875476

Digital Library

[69]

Deepak Venugopal and Guoning Hu. 2008. Efficient signature based malware detection on mobile devices. Mobile Information Systems, 4, 1 (2008), 33–49.

Digital Library

[70]

Peng Wang, Zhijie Tang, and Junfeng Wang. 2021. A novel few-shot malware classification approach for unknown family recognition with multi-prototype modeling. Computers & Security, 106 (2021), 102273. https://doi.org/10.1016/j.cose.2021.102273

Digital Library

[71]

Ke Xu, Yingjiu Li, Robert Deng, Kai Chen, and Jiayun Xu. 2019. Droidevolver: Self-evolving android malware detection system. In 2019 IEEE European Symposium on Security and Privacy (EuroS&P). 47–62. https://doi.org/10.1109/EuroSP.2019.00014

[72]

Yanfang Ye, Tao Li, Donald Adjeroh, and S Sitharama Iyengar. 2017. A survey on malware detection using data mining techniques. ACM Computing Surveys (CSUR), 50, 3 (2017), 1–40. https://doi.org/10.1145/3073559

Digital Library

[73]

Suleiman Y Yerima, Sakir Sezer, and Gavin McWilliams. 2014. Analysis of Bayesian classification-based approaches for Android malware detection. IET Information Security, 8, 1 (2014), 25–36. https://doi.org/10.1049/iet-ifs.2013.0095

Digital Library

[74]

Salih Yesir and İbrahim Soğukpinar. 2021. Malware Detection and Classification Using fastText and BERT. In 2021 9th International Symposium on Digital Forensics and Security (ISDFS). 1–6. https://doi.org/10.1109/ISDFS52919.2021.9486377

[75]

Zenodo. 2019. Dynamic Malware Analysis kernel and user-level calls. Website. https://zenodo.org/record/1203289

[76]

Xiaohan Zhang, Yuan Zhang, Ming Zhong, Daizong Ding, Yinzhi Cao, Yukun Zhang, Mi Zhang, and Min Yang. 2020. Enhancing state-of-the-art classifiers with api semantics to detect evolved android malware. In Proceedings of the 2020 ACM SIGSAC conference on computer and communications security. 757–770. https://doi.org/10.1145/3372297.3417291

Digital Library

[77]

Zhaoqi Zhang, Panpan Qi, and Wei Wang. 2020. Dynamic malware analysis with feature engineering and feature learning. In Proceedings of the AAAI Conference on Artificial Intelligence. 34, 1210–1217. https://doi.org/10.1609/aaai.v34i01.5474

Cited By

Thabit HAhmad RAbdullah AAbualkishik AAlwan A(2025)Detecting Malicious .NET Executables Using Extracted Methods NamesAI10.3390/ai60200206:2(20)Online publication date: 21-Jan-2025
https://doi.org/10.3390/ai6020020
Peng WCui LCai WWang WCui XHao ZYun X(2025)Bottom Aggregating, Top Separating: An Aggregator and Separator Network for Encrypted Traffic UnderstandingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2025.352931620(1794-1806)Online publication date: 2025
https://doi.org/10.1109/TIFS.2025.3529316
Koppanati RPeddoju S(2025)MSG: Missing-sequence generator for metamorphic malware detectionJournal of Information Security and Applications10.1016/j.jisa.2024.10396289(103962)Online publication date: Mar-2025
https://doi.org/10.1016/j.jisa.2024.103962
Show More Cited By

Index Terms

API2Vec: Learning Representations of API Sequences for Malware Detection
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Malware and its mitigation
  2. Software and application security
    1. Software security engineering

Recommendations

Sequential opcode embedding-based malware detection method
Abstract
In recent years, researchers have focused on uncovering the distinctive malicious patterns of malware samples through opcode sequences using some feature learning methods to improve the accuracy of malware detection mechanisms. However,...
Graphical abstract

Display Omitted
Highlights
- A new static analysis-based malware detection method.
- Representation learning ...
Opcode sequences as representation of executables for data-mining-based unknown malware detection

Malware can be defined as any type of malicious code that has the potential to harm a computer or network. The volume of malware is growing faster every year and poses a serious global security threat. Consequently, malware detection has become a ...
A comprehensive survey on deep learning based malware detection techniques
Abstract
Recent theoretical and practical studies have revealed that malware is one of the most harmful threats to the digital world. Malware mitigation techniques have evolved over the years to ensure security. Earlier, several classical ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ISSTA 2023: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

July 2023

1554 pages

ISBN:9798400702211

DOI:10.1145/3597926

General Chair:
René Just
University of Washington, USA
,
Program Chair:
Gordon Fraser
University of Passau, Germany

Copyright © 2023 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 July 2023

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Natural Science Foundation of China

Conference

ISSTA '23

Sponsor:

SIGSOFT

ISSTA '23: 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

July 17 - 21, 2023

WA, Seattle, USA

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '25

Sponsor:
sigsoft

34th ACM SIGSOFT International Symposium on Software Testing and Analysis

June 25 - 28, 2025

Trondheim , Norway

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
810
Total Downloads

Downloads (Last 12 months)367
Downloads (Last 6 weeks)22

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Thabit HAhmad RAbdullah AAbualkishik AAlwan A(2025)Detecting Malicious .NET Executables Using Extracted Methods NamesAI10.3390/ai60200206:2(20)Online publication date: 21-Jan-2025
https://doi.org/10.3390/ai6020020
Peng WCui LCai WWang WCui XHao ZYun X(2025)Bottom Aggregating, Top Separating: An Aggregator and Separator Network for Encrypted Traffic UnderstandingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2025.352931620(1794-1806)Online publication date: 2025
https://doi.org/10.1109/TIFS.2025.3529316
Koppanati RPeddoju S(2025)MSG: Missing-sequence generator for metamorphic malware detectionJournal of Information Security and Applications10.1016/j.jisa.2024.10396289(103962)Online publication date: Mar-2025
https://doi.org/10.1016/j.jisa.2024.103962
Guo WXue JMeng WHan WLiu ZWang YLi Z(2024)MalOSDF: An Opcode Slice-Based Malware Detection Framework Using Active and Ensemble LearningElectronics10.3390/electronics1302035913:2(359)Online publication date: 15-Jan-2024
https://doi.org/10.3390/electronics13020359
Lin GWang PCheng SLee H(2024)Improving Robustness in IoT Malware Detection through Execution Order AnalysisACM Transactions on Embedded Computing Systems10.1145/368942724:1(1-17)Online publication date: 26-Aug-2024
https://dl.acm.org/doi/10.1145/3689427
Alotaibi FMaffeis S(2024)Mateen: Adaptive Ensemble Learning for Network Anomaly DetectionProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678901(215-234)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678901
Li RZhang CChai HYing LDuan HTao JLuo BLiao XXu JKirda ELie D(2024)PowerPeeler: A Precise and General Dynamic Deobfuscation Method for PowerShell ScriptsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670310(4539-4553)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670310
Xiong MYe C(2024)Universal adversarial triggers for attacking against API sequence: based malware detectorFourth International Conference on Signal Processing and Machine Learning (CONF-SPML 2024)10.1117/12.3027134(20)Online publication date: 1-Apr-2024
https://doi.org/10.1117/12.3027134
Cui LYin JCui JJi YLiu PHao ZYun X(2024)API2Vec++: Boosting API Sequence Representation for Malware Detection and ClassificationIEEE Transactions on Software Engineering10.1109/TSE.2024.342299050:8(2142-2162)Online publication date: Aug-2024
https://doi.org/10.1109/TSE.2024.3422990
Zhu HChen XWang LXu ZSheng V(2024)A Dynamic Analysis-Powered Explanation Framework for Malware DetectionIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2024.343689136:12(7483-7496)Online publication date: Dec-2024
https://doi.org/10.1109/TKDE.2024.3436891
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten