{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,6]],"date-time":"2024-10-06T00:47:51Z","timestamp":1728175671704},"reference-count":37,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2016,6,1]],"date-time":"2016-06-01T00:00:00Z","timestamp":1464739200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61175123"],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003392","name":"Natural Science Foundation of Fujian Province","doi-asserted-by":"publisher","award":["2015J01238"],"id":[{"id":"10.13039\/501100003392","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Expert Systems with Applications"],"published-print":{"date-parts":[[2016,6]]},"DOI":"10.1016\/j.eswa.2016.01.002","type":"journal-article","created":{"date-parts":[[2016,1,11]],"date-time":"2016-01-11T05:07:41Z","timestamp":1452488861000},"page":"16-25","update-policy":"http:\/\/dx.doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":116,"special_numbering":"C","title":["Malicious sequential pattern mining for automatic malware detection"],"prefix":"10.1016","volume":"52","author":[{"given":"Yujie","family":"Fan","sequence":"first","affiliation":[]},{"given":"Yanfang","family":"Ye","sequence":"additional","affiliation":[]},{"given":"Lifei","family":"Chen","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.eswa.2016.01.002_bib0001","doi-asserted-by":"crossref","first-page":"5948","DOI":"10.1016\/j.eswa.2014.03.019","article-title":"Phishing detection based associative classification data mining","volume":"41","author":"Abdelhamid","year":"2014","journal-title":"Expert Systems with Applications"},{"key":"10.1016\/j.eswa.2016.01.002_bib0002","unstructured":"Ahmadi, M., Giacinto, G., Ulyanov, D., Semenov, S. Trofimov, M. (2015). Novel feature extraction, selection and fusion for effective malware family classification. arXiv: http:\/\/arxiv.org\/abs\/1511.04317."},{"key":"10.1016\/j.eswa.2016.01.002_bib0003","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1016\/S1361-3723(13)70072-1","article-title":"Malware detection by behavioural sequential patterns","volume":"2013","author":"Ahmadi","year":"2013","journal-title":"Computer Fraud & Security"},{"key":"10.1016\/j.eswa.2016.01.002_bib0004","series-title":"Proceedings of 46th hawaii international conference on system sciences","first-page":"5039","article-title":"Exploring hidden markov models for virus analysis: a semantic approach","author":"Austin","year":"2013"},{"key":"10.1016\/j.eswa.2016.01.002_bib0005","series-title":"Proceedings of the 5th conference on information and knowledge technology","first-page":"113","article-title":"A survey on heuristic malware detection techniques","author":"Bazrafshan","year":"2013"},{"key":"10.1016\/j.eswa.2016.01.002_bib0006","series-title":"Proceedings of the 4th international conference on knowledge discovery and data mining","article-title":"Integrating classification and association rule mining","author":"Bing","year":"1998"},{"key":"10.1016\/j.eswa.2016.01.002_bib0007","unstructured":"C32Asm (2011). https:\/\/tuts4you.com\/download.php?view.1130. Accessed 22.06.14."},{"key":"10.1016\/j.eswa.2016.01.002_bib0010","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1145\/2089125.2089126","article-title":"A survey on automated dynamic malware-analysis techniques and tools","volume":"44","author":"Egele","year":"2012","journal-title":"Computing Surveys"},{"key":"10.1016\/j.eswa.2016.01.002_bib0011","series-title":"Proceedings of the 12th international symposium on recent advances in intrusion detection","first-page":"101","article-title":"Automatic generation of string signatures for malware detection","author":"Griffin","year":"2009"},{"key":"10.1016\/j.eswa.2016.01.002_bib0012","first-page":"986","article-title":"KNN model-based approach in classification","author":"Guo","year":"2003"},{"key":"10.1016\/j.eswa.2016.01.002_bib0013","series-title":"Data mining: Concepts and techniques","author":"Han","year":"2006"},{"key":"10.1016\/j.eswa.2016.01.002_bib0014","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","article-title":"Intrusion detection using sequences of system calls","volume":"6","author":"Hofmeyr","year":"1998","journal-title":"Journal of Computer Security"},{"key":"10.1016\/j.eswa.2016.01.002_bib0015","first-page":"930","article-title":"Techniques in detection and analyzing malware executables: A review","volume":"3","author":"Jain","year":"2014","journal-title":"International Journal of Computer Science and Mobile Computing"},{"key":"10.1016\/j.eswa.2016.01.002_bib0016","series-title":"Proceedings of 4th virus bulletin international conference","first-page":"178","article-title":"Automatic extraction of computer virus signatures","author":"Kephart","year":"1994"},{"key":"10.1016\/j.eswa.2016.01.002_bib0017","series-title":"Proceedings of the 15th international conference on knowledge discovery and data mining","first-page":"557","article-title":"Classification of software behaviors for failure detection: a discriminative pattern mining approach","author":"Lo","year":"2009"},{"key":"10.1016\/j.eswa.2016.01.002_bib0018","doi-asserted-by":"crossref","first-page":"3311","DOI":"10.1002\/sec.1255","article-title":"DLLMiner: Structural mining for malware detection","volume":"8","author":"Narouei","year":"2015","journal-title":"Security and Communication Networks"},{"key":"10.1016\/j.eswa.2016.01.002_bib0019","doi-asserted-by":"crossref","first-page":"5843","DOI":"10.1016\/j.eswa.2014.02.053","article-title":"Novel active learning methods for enhanced PC malware detection in windows OS","volume":"41","author":"Nissim","year":"2014","journal-title":"Expert Systems with Applications"},{"key":"10.1016\/j.eswa.2016.01.002_bib0020","series-title":"Knowledge engineering and management","first-page":"225","article-title":"CBM: Free, automatic malware analysis framework using API call sequences","author":"Qiao","year":"2014"},{"key":"10.1016\/j.eswa.2016.01.002_bib0021","series-title":"Proceedings of international conference on e-learning and e-technologies in education","first-page":"209","article-title":"Opcodes histogram for classifying metamorphic portable executables malware","author":"Rad","year":"2012"},{"key":"10.1016\/j.eswa.2016.01.002_bib0022","unstructured":"McAfee Labs (2015). McAfee Labs threats report: May 2015. http:\/\/www.mcafee.com\/us\/resources\/reports\/rpquarterlythreatq12015.pdf. Accessed 17.12.15."},{"key":"10.1016\/j.eswa.2016.01.002_bib0023","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1007\/s11416-012-0160-5","article-title":"Opcode graph similarity and metamorphic detection","volume":"8","author":"Runwal","year":"2012","journal-title":"Journal in Computer Virology"},{"key":"10.1016\/j.eswa.2016.01.002_bib0024","series-title":"Engineering secure software and system","first-page":"35","article-title":"Idea: Opcode-sequence-based malware detection","author":"Santos","year":"2010"},{"key":"10.1016\/j.eswa.2016.01.002_bib0025","series-title":"Proceedings of the IEEE symposium on security and privacy","first-page":"38","article-title":"Data mining methods for detection of new malicious executables","volume":"36","author":"Schultz","year":"2001"},{"key":"10.1016\/j.eswa.2016.01.002_bib0026","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/2190-8532-1-1","article-title":"Detecting unknown malicious code by applying classification techniques on opcode patterns","volume":"1","author":"Shabtai","year":"2012","journal-title":"Security Informatics"},{"key":"10.1016\/j.eswa.2016.01.002_bib0027","series-title":"Proceedings of the international conference on data mining","first-page":"426","article-title":"Objective-oriented utility-based association mining","author":"Shen","year":"2002"},{"key":"10.1016\/j.eswa.2016.01.002_bib0028","series-title":"Proceedings of international joint conference on artificial intelligence","first-page":"1130","article-title":"Beyond TFIDF weighting for text categorization in the vector space model","volume":"5","author":"Soucy","year":"2005"},{"key":"10.1016\/j.eswa.2016.01.002_bib0029","series-title":"Mining sequential patterns: Generalizations and performance improvements","author":"Srikant","year":"1996"},{"key":"10.1016\/j.eswa.2016.01.002_bib0030","doi-asserted-by":"crossref","first-page":"4672","DOI":"10.1016\/j.eswa.2008.06.037","article-title":"A rough set approach for automatic key attributes identification of zero-day polymorphic worms","volume":"36","author":"Sun","year":"2009","journal-title":"Expert Systems with Applications"},{"key":"10.1016\/j.eswa.2016.01.002_bib0031","series-title":"Proceedings of the international conference on automation science and engineering","first-page":"1212","article-title":"Malware detection via API calls, topic models and machine learning","author":"Sundarkumar","year":"2015"},{"key":"10.1016\/j.eswa.2016.01.002_bib0032","unstructured":"Symantec (2015). Symantec intelligent report: October 2015. http:\/\/www.symantec.com\/content\/en\/us\/enterprise\/otherresources\/b-intelligencereport102015enus.pdf. Accessed 17.12.15."},{"key":"10.1016\/j.eswa.2016.01.002_bib0033","series-title":"Proceedings of the international conference on advances in computing, communications and informatics","first-page":"2337","article-title":"Malware detection and classification based on extraction of API sequences","author":"Uppal","year":"2014"},{"key":"10.1016\/j.eswa.2016.01.002_bib0034","series-title":"Proceedings of the 9th ACM symposium on information, computer and communications security","first-page":"271","article-title":"Malware detection with quantitative data flow graphs","author":"Wchner","year":"2014"},{"key":"10.1016\/j.eswa.2016.01.002_bib0035","series-title":"Proceedings of international conference on machine learning","first-page":"412","article-title":"A comparative study on feature selection in text categorization","volume":"97","author":"Yang","year":"1997"},{"key":"10.1016\/j.eswa.2016.01.002_bib0036","series-title":"Proceedings of the 16th international conference on knowledge discovery and data mining","first-page":"95","article-title":"Automatic malware categorization using cluster ensemble","author":"Ye","year":"2010"},{"key":"10.1016\/j.eswa.2016.01.002_bib0037","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1007\/s11416-008-0082-4","article-title":"An intelligent PE-malware detection system based on association mining","volume":"4","author":"Ye","year":"2008","journal-title":"Journal in computer virology"},{"key":"10.1016\/j.eswa.2016.01.002_bib0038","doi-asserted-by":"crossref","first-page":"3587","DOI":"10.1016\/j.eswa.2008.02.003","article-title":"Pseudo nearest neighbor rule for pattern classification","volume":"36","author":"Zeng","year":"2009","journal-title":"Expert Systems with Applications"},{"key":"10.1016\/j.eswa.2016.01.002_bib0039","doi-asserted-by":"crossref","first-page":"2761","DOI":"10.3724\/SP.J.1087.2012.02761","article-title":"Hierarchical feature selection method for detection of obfuscated malicious code","volume":"32","author":"Zhang","year":"2012","journal-title":"Journal of Computer Applications"}],"container-title":["Expert Systems with Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S095741741600004X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S095741741600004X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2018,9,16]],"date-time":"2018-09-16T03:58:32Z","timestamp":1537070312000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S095741741600004X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,6]]},"references-count":37,"alternative-id":["S095741741600004X"],"URL":"http:\/\/dx.doi.org\/10.1016\/j.eswa.2016.01.002","relation":{},"ISSN":["0957-4174"],"issn-type":[{"value":"0957-4174","type":"print"}],"subject":[],"published":{"date-parts":[[2016,6]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Malicious sequential pattern mining for automatic malware detection","name":"articletitle","label":"Article Title"},{"value":"Expert Systems with Applications","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.eswa.2016.01.002","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"Copyright \u00a9 2016 Elsevier Ltd. All rights reserved.","name":"copyright","label":"Copyright"}]}}
