{"id":"https://openalex.org/W3007580316","doi":"https://doi.org/10.1109/bigdata47090.2019.9006514","title":"Can Machine/Deep Learning Classifiers Detect Zero-Day Malware with High Accuracy?","display_name":"Can Machine/Deep Learning Classifiers Detect Zero-Day Malware with High Accuracy?","publication_year":2019,"publication_date":"2019-12-01","ids":{"openalex":"https://openalex.org/W3007580316","doi":"https://doi.org/10.1109/bigdata47090.2019.9006514","mag":"3007580316"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata47090.2019.9006514","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata47090.2019.9006514","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5083906665","display_name":"Faranak Abri","orcid":"https://orcid.org/0000-0003-3028-094X"},"institutions":[{"id":"https://openalex.org/I12315562","display_name":"Texas Tech University","ror":"https://ror.org/0405mnx93","country_code":"US","type":"education","lineage":["https://openalex.org/I12315562"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Faranak Abri","raw_affiliation_strings":["Department of Computer Science, Texas Tech University, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Texas Tech University, USA","institution_ids":["https://openalex.org/I12315562"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066356768","display_name":"Sima Siami\u2010Namini","orcid":"https://orcid.org/0000-0002-0320-352X"},"institutions":[{"id":"https://openalex.org/I12315562","display_name":"Texas Tech University","ror":"https://ror.org/0405mnx93","country_code":"US","type":"education","lineage":["https://openalex.org/I12315562"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sima Siami-Namini","raw_affiliation_strings":["Department of Mathematics and Statistics, Texas Tech University University, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Mathematics and Statistics, Texas Tech University University, USA","institution_ids":["https://openalex.org/I12315562"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046453593","display_name":"Mahdi Adl Khanghah","orcid":null},"institutions":[{"id":"https://openalex.org/I132735039","display_name":"University of Debrecen","ror":"https://ror.org/02xf66n48","country_code":"HU","type":"education","lineage":["https://openalex.org/I132735039"]}],"countries":["HU"],"is_corresponding":false,"raw_author_name":"Mahdi Adl Khanghah","raw_affiliation_strings":["Department of Computer Science, University of Debrecen, Hungary"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Debrecen, Hungary","institution_ids":["https://openalex.org/I132735039"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050668920","display_name":"Fahimeh Mirza Soltani","orcid":null},"institutions":[{"id":"https://openalex.org/I132735039","display_name":"University of Debrecen","ror":"https://ror.org/02xf66n48","country_code":"HU","type":"education","lineage":["https://openalex.org/I132735039"]}],"countries":["HU"],"is_corresponding":false,"raw_author_name":"Fahimeh Mirza Soltani","raw_affiliation_strings":["Department of Computer Science, University of Debrecen, Hungary"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Debrecen, Hungary","institution_ids":["https://openalex.org/I132735039"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026464816","display_name":"Akbar Siami Namin","orcid":"https://orcid.org/0000-0002-1646-7495"},"institutions":[{"id":"https://openalex.org/I12315562","display_name":"Texas Tech University","ror":"https://ror.org/0405mnx93","country_code":"US","type":"education","lineage":["https://openalex.org/I12315562"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Akbar Siami Namin","raw_affiliation_strings":["Department of Computer Science, Texas Tech University, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Texas Tech University, USA","institution_ids":["https://openalex.org/I12315562"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":5.5786,"has_fulltext":false,"cited_by_count":67,"citation_normalized_percentile":{"value":0.96327871,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":"2019","issue":null,"first_page":"3252","last_page":"3259"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8903725147247314},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7875553369522095},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.7251260280609131},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.7166665196418762},{"id":"https://openalex.org/keywords/zero","display_name":"Zero (linguistics)","score":0.6078755259513855},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.5915812849998474},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5147929191589355},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5080945491790771},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.273134708404541}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8903725147247314},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7875553369522095},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.7251260280609131},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.7166665196418762},{"id":"https://openalex.org/C2780813799","wikidata":"https://www.wikidata.org/wiki/Q3274237","display_name":"Zero (linguistics)","level":2,"score":0.6078755259513855},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.5915812849998474},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5147929191589355},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5080945491790771},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.273134708404541},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/bigdata47090.2019.9006514","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata47090.2019.9006514","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 IEEE International Conference on Big Data (Big Data)","raw_type":"proceedings-article"},{"id":"mag:3091347433","is_oa":false,"landing_page_url":"https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=202002222176677864","pdf_url":null,"source":{"id":"https://openalex.org/S4306512817","display_name":"IEEE Conference Proceedings","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":"IEEE Conference Proceedings","raw_type":null}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5799999833106995,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W101596157","https://openalex.org/W1581009051","https://openalex.org/W1968185194","https://openalex.org/W2065890363","https://openalex.org/W2091681703","https://openalex.org/W2099312541","https://openalex.org/W2168986002","https://openalex.org/W2512034863","https://openalex.org/W2732916693","https://openalex.org/W2796549675","https://openalex.org/W2892077825","https://openalex.org/W2901450325","https://openalex.org/W2909877301","https://openalex.org/W2912472718","https://openalex.org/W2943926215","https://openalex.org/W2958447199","https://openalex.org/W2959763773","https://openalex.org/W6604196288","https://openalex.org/W6635142148","https://openalex.org/W6740449585","https://openalex.org/W6750511567","https://openalex.org/W6762316733"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W3152891574","https://openalex.org/W4284893819","https://openalex.org/W4316881845","https://openalex.org/W4232632923","https://openalex.org/W2775776836","https://openalex.org/W4323520309","https://openalex.org/W2889302474"],"abstract_inverted_index":{"The":[0,25,106],"detection":[1],"of":[2,13,90,115],"zero-day":[3,49,85,123],"attacks":[4],"and":[5,117,131],"vulnerabilities":[6],"is":[7,12],"a":[8],"challenging":[9],"problem.":[10],"It":[11],"utmost":[14],"importance":[15],"for":[16,128],"network":[17],"administrators":[18],"to":[19,77],"identify":[20],"them":[21],"with":[22,125],"high":[23],"accuracy.":[24,105],"higher":[26],"the":[27,30,33,45,88,98,103,113],"accuracy":[28],"is,":[29],"more":[31],"robust":[32],"defense":[34],"mechanism":[35],"will":[36],"be.":[37],"In":[38],"an":[39],"ideal":[40],"scenario":[41],"(i.e.,":[42],"100%":[43],"accuracy)":[44],"system":[46],"can":[47,83],"detect":[48,84],"malware":[50,60,124],"without":[51],"being":[52],"concerned":[53],"about":[54],"mistakenly":[55],"tagging":[56],"benign":[57],"files":[58],"as":[59,67],"or":[61],"enabling":[62],"disruptive":[63],"malicious":[64],"code":[65],"running":[66],"none-malicious":[68],"ones.":[69],"This":[70],"paper":[71,107],"investigates":[72],"different":[73],"machine":[74,116],"learning":[75,93,119],"algorithms":[76,120],"find":[78],"out":[79],"how":[80],"well":[81],"they":[82],"malware.":[86],"Through":[87],"examination":[89],"34":[91],"machine/deep":[92],"classifiers,":[94],"we":[95],"found":[96],"that":[97],"random":[99],"forest":[100],"classifier":[101],"offered":[102],"best":[104],"poses":[108],"several":[109],"research":[110],"questions":[111],"regarding":[112],"performance":[114],"deep":[118],"when":[121],"detecting":[122],"zero":[126],"rates":[127],"false":[129,132],"positive":[130],"negative.":[133]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":17},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":19}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}