{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,13]],"date-time":"2024-09-13T05:53:14Z","timestamp":1726206794476},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["2.54E+11"],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100000780","name":"European Commission","doi-asserted-by":"publisher","award":["JLS\/2009\/CIPS\/AG\/C2-050"],"id":[{"id":"10.13039\/501100000780","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,4,10]]},"DOI":"10.1145\/1972551.1972555","type":"proceedings-article","created":{"date-parts":[[2011,5,3]],"date-time":"2011-05-03T12:48:54Z","timestamp":1304426934000},"update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":69,"title":["Combining static and dynamic analysis for the detection of malicious documents"],"prefix":"10.1145","author":[{"given":"Zacharias","family":"Tzermias","sequence":"first","affiliation":[{"name":"Institute of Computer Science, Greece"}]},{"given":"Giorgos","family":"Sykiotakis","sequence":"additional","affiliation":[{"name":"University of Crete, Greece"}]},{"given":"Michalis","family":"Polychronakis","sequence":"additional","affiliation":[{"name":"Columbia University"}]},{"given":"Evangelos P.","family":"Markatos","sequence":"additional","affiliation":[{"name":"Institute of Computer Science, Greece"}]}],"member":"320","published-online":{"date-parts":[[2011,4,10]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"http:\/\/www.mozilla.org\/js\/spidermonkey\/. http:\/\/www.mozilla.org\/js\/spidermonkey\/."},{"key":"e_1_3_2_1_2_1","unstructured":"http:\/\/www.blade-defender.org\/. http:\/\/www.blade-defender.org\/."},{"key":"e_1_3_2_1_3_1","unstructured":"http:\/\/www.malwaredomainlist.com\/. http:\/\/www.malwaredomainlist.com\/."},{"key":"e_1_3_2_1_4_1","unstructured":"http:\/\/www.offensivecomputing.net\/. http:\/\/www.offensivecomputing.net\/."},{"key":"e_1_3_2_1_5_1","unstructured":"http:\/\/contagiodump.blogspot.com\/. http:\/\/contagiodump.blogspot.com\/."},{"key":"e_1_3_2_1_6_1","unstructured":"http:\/\/www.metasploit.com\/. http:\/\/www.metasploit.com\/."},{"key":"e_1_3_2_1_7_1","unstructured":"http:\/\/www.virustotal.com\/. http:\/\/www.virustotal.com\/."},{"key":"e_1_3_2_1_8_1","unstructured":"http:\/\/www.javascriptobfuscator.com\/. http:\/\/www.javascriptobfuscator.com\/."},{"key":"e_1_3_2_1_9_1","unstructured":"4\n ways to die opening a PDF 2009. http:\/\/esec-lab.sogeti.com\/dotclear\/index.php?post\/2009\/06\/26\/68-at-least-4-ways-to-die-opening-a-pdf. 4 ways to die opening a PDF 2009. http:\/\/esec-lab.sogeti.com\/dotclear\/index.php?post\/2009\/06\/26\/68-at-least-4-ways-to-die-opening-a-pdf."},{"key":"e_1_3_2_1_10_1","unstructured":"M. Cova. Malicious PDF trick: XFA. http:\/\/www.cs.bham.ac.uk\/~covam\/blog\/pdf\/. M. Cova. Malicious PDF trick: XFA. http:\/\/www.cs.bham.ac.uk\/~covam\/blog\/pdf\/."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920310"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"e_1_3_2_1_14_1","volume-title":"Black Hat Europe","author":"Filiol E.","year":"2008","unstructured":"E. Filiol . New viral threats of PDF language . Black Hat Europe , March 2008 . E. Filiol. New viral threats of PDF language. Black Hat Europe, March 2008."},{"key":"e_1_3_2_1_15_1","unstructured":"S. Ford M. Cova C. Kruegel and G. Vigna. Wepawet. http:\/\/wepawet.cs.ucsb.edu\/. S. Ford M. Cova C. Kruegel and G. Vigna. Wepawet. http:\/\/wepawet.cs.ucsb.edu\/."},{"key":"e_1_3_2_1_16_1","volume-title":"Analyzing malicious pdf files","author":"Holz T.","year":"2009","unstructured":"T. Holz . Analyzing malicious pdf files , 2009 . http:\/\/honeyblog.org\/archives\/12-Analyzing-Malicious-PDF-Files.html. T. Holz. Analyzing malicious pdf files, 2009. http:\/\/honeyblog.org\/archives\/12-Analyzing-Malicious-PDF-Files.html."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_14"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920305"},{"key":"e_1_3_2_1_19_1","volume-title":"RECON","author":"Porst S.","year":"2010","unstructured":"S. Porst . How to really obfuscate your PDF malware . RECON , July 2010 . S. Porst. How to really obfuscate your PDF malware. RECON, July 2010."},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the 18th USENIX Security Symposium","author":"Ratanaworabhan P.","year":"2009","unstructured":"P. Ratanaworabhan , B. Livshits , and B. Zorn . NOZZLE: A defense against heap-spraying code injection attacks . In Proceedings of the 18th USENIX Security Symposium , Aug. 2009 . P. Ratanaworabhan, B. Livshits, and B. Zorn. NOZZLE: A defense against heap-spraying code injection attacks. In Proceedings of the 18th USENIX Security Symposium, Aug. 2009."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-009-0128-2"},{"key":"e_1_3_2_1_22_1","volume-title":"The rise of PDF malware","author":"Selvaraj K.","year":"2010","unstructured":"K. Selvaraj and N. F. Gutierres . The rise of PDF malware , 2010 . http:\/\/www.symantec.com\/connect\/blogs\/rise-pdf-malware. K. Selvaraj and N. F. Gutierres. The rise of PDF malware, 2010. http:\/\/www.symantec.com\/connect\/blogs\/rise-pdf-malware."},{"key":"e_1_3_2_1_23_1","unstructured":"D. Stevens. PDF tools. http:\/\/blog.didierstevens.com\/programs\/pdf-tools\/. D. Stevens. PDF tools. http:\/\/blog.didierstevens.com\/programs\/pdf-tools\/."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.14"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.45"},{"key":"e_1_3_2_1_26_1","volume-title":"OMG WTF PDF. 27th Chaos Communication Congress (27C3)","author":"Wolf J.","year":"2010","unstructured":"J. Wolf . OMG WTF PDF. 27th Chaos Communication Congress (27C3) , December 2010 . J. Wolf. OMG WTF PDF. 27th Chaos Communication Congress (27C3), December 2010."},{"key":"e_1_3_2_1_27_1","volume-title":"targeted malicious pdf documents exploiting cve-2009-4324","author":"Zdrnja B.","year":"2010","unstructured":"B. Zdrnja . Sophisticated , targeted malicious pdf documents exploiting cve-2009-4324 , 2010 . http:\/\/isc.sans.edu\/diary.html?storyid=7867. B. Zdrnja. Sophisticated, targeted malicious pdf documents exploiting cve-2009-4324, 2010. http:\/\/isc.sans.edu\/diary.html?storyid=7867."}],"event":{"name":"EuroSys '11: Sixth EuroSys Conference 2011","location":"Salzburg Austria","acronym":"EuroSys '11","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems"]},"container-title":["Proceedings of the Fourth European Workshop on System Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1972551.1972555","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,11]],"date-time":"2023-01-11T03:34:01Z","timestamp":1673408041000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1972551.1972555"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,4,10]]},"references-count":27,"alternative-id":["10.1145\/1972551.1972555","10.1145\/1972551"],"URL":"https:\/\/doi.org\/10.1145\/1972551.1972555","relation":{},"subject":[],"published":{"date-parts":[[2011,4,10]]},"assertion":[{"value":"2011-04-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}
