{"id":"https://openalex.org/W1635909507","doi":"https://doi.org/10.1109/coase.2015.7294263","title":"Malware detection via API calls, topic models and machine learning","display_name":"Malware detection via API calls, topic models and machine learning","publication_year":2015,"publication_date":"2015-08-01","ids":{"openalex":"https://openalex.org/W1635909507","doi":"https://doi.org/10.1109/coase.2015.7294263","mag":"1635909507"},"language":"en","primary_location":{"id":"doi:10.1109/coase.2015.7294263","is_oa":false,"landing_page_url":"https://doi.org/10.1109/coase.2015.7294263","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 IEEE International Conference on Automation Science and Engineering (CASE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012923628","display_name":"G. Ganesh Sundarkumar","orcid":null},"institutions":[{"id":"https://openalex.org/I36893310","display_name":"University of Hyderabad","ror":"https://ror.org/04a7rxb17","country_code":"IN","type":"education","lineage":["https://openalex.org/I36893310"]},{"id":"https://openalex.org/I150312865","display_name":"Institute for Development and Research in Banking Technology","ror":"https://ror.org/00ta0g865","country_code":"IN","type":"government","lineage":["https://openalex.org/I150312865"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"G. Ganesh Sundarkumar","raw_affiliation_strings":["M. Tech. student at Insitue for Development and Research in Banking Technology and University of Hyderabad, Hyderabad, AP, India","Institute for Development and Research in Banking Technology and University of Hyderabad, Hyderabad-500046 (AP), India"],"affiliations":[{"raw_affiliation_string":"M. Tech. student at Insitue for Development and Research in Banking Technology and University of Hyderabad, Hyderabad, AP, India","institution_ids":["https://openalex.org/I150312865"]},{"raw_affiliation_string":"Institute for Development and Research in Banking Technology and University of Hyderabad, Hyderabad-500046 (AP), India","institution_ids":["https://openalex.org/I150312865","https://openalex.org/I36893310"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073505371","display_name":"Vadlamani Ravi","orcid":"https://orcid.org/0000-0003-0082-6227"},"institutions":[{"id":"https://openalex.org/I150312865","display_name":"Institute for Development and Research in Banking Technology","ror":"https://ror.org/00ta0g865","country_code":"IN","type":"government","lineage":["https://openalex.org/I150312865"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Vadlamani Ravi","raw_affiliation_strings":["Masab Tank, Institute for Development and Research in Banking Technology, Hyderabad, AP, India","Center of Excellence in CRM and Analytics, Institute for Development and Research in Banking Technology, Castle Hills Road No. 1, Masab Tank, Hyderabad - 500057 (AP), India"],"affiliations":[{"raw_affiliation_string":"Masab Tank, Institute for Development and Research in Banking Technology, Hyderabad, AP, India","institution_ids":["https://openalex.org/I150312865"]},{"raw_affiliation_string":"Center of Excellence in CRM and Analytics, Institute for Development and Research in Banking Technology, Castle Hills Road No. 1, Masab Tank, Hyderabad - 500057 (AP), India","institution_ids":["https://openalex.org/I150312865"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022590472","display_name":"Ifeoma Nwogu","orcid":"https://orcid.org/0000-0003-1414-6433"},"institutions":[{"id":"https://openalex.org/I63190737","display_name":"University at Buffalo, State University of New York","ror":"https://ror.org/01y64my43","country_code":"US","type":"education","lineage":["https://openalex.org/I63190737"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ifeoma Nwogu","raw_affiliation_strings":["Center for Unified Biometrics and Sensors at State University of NewYork (SUNY), Buffalo"],"affiliations":[{"raw_affiliation_string":"Center for Unified Biometrics and Sensors at State University of NewYork (SUNY), Buffalo","institution_ids":["https://openalex.org/I63190737"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020354604","display_name":"Venu Govindaraju","orcid":"https://orcid.org/0000-0002-5318-7409"},"institutions":[{"id":"https://openalex.org/I4210090800","display_name":"Sensors (United States)","ror":"https://ror.org/00b4mz884","country_code":"US","type":"company","lineage":["https://openalex.org/I4210090800"]},{"id":"https://openalex.org/I63190737","display_name":"University at Buffalo, State University of New York","ror":"https://ror.org/01y64my43","country_code":"US","type":"education","lineage":["https://openalex.org/I63190737"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Venu Govindaraju","raw_affiliation_strings":["Distinguished Professor and Director, University of NewYork, Buffalo","Center for Unified Biometrics and Sensors at State University of NewYork, Buffalo"],"affiliations":[{"raw_affiliation_string":"Distinguished Professor and Director, University of NewYork, Buffalo","institution_ids":["https://openalex.org/I63190737"]},{"raw_affiliation_string":"Center for Unified Biometrics and Sensors at State University of NewYork, Buffalo","institution_ids":["https://openalex.org/I4210090800","https://openalex.org/I63190737"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5012923628"],"corresponding_institution_ids":["https://openalex.org/I150312865","https://openalex.org/I36893310"],"apc_list":null,"apc_paid":null,"fwci":3.8626,"has_fulltext":false,"cited_by_count":46,"citation_normalized_percentile":{"value":0.93775744,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1212","last_page":"1217"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9925000071525574,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9490513801574707},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8228166103363037},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.6393739581108093},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.6360920071601868},{"id":"https://openalex.org/keywords/application-programming-interface","display_name":"Application programming interface","score":0.5887900590896606},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.547620952129364},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5041214227676392},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48908406496047974},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.4616687595844269},{"id":"https://openalex.org/keywords/host","display_name":"Host (biology)","score":0.4461546540260315},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.4390726685523987},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.4201894700527191},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.4102995693683624},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.38392072916030884},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.17133817076683044}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9490513801574707},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8228166103363037},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.6393739581108093},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.6360920071601868},{"id":"https://openalex.org/C99613125","wikidata":"https://www.wikidata.org/wiki/Q165194","display_name":"Application programming interface","level":2,"score":0.5887900590896606},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.547620952129364},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5041214227676392},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48908406496047974},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.4616687595844269},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.4461546540260315},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.4390726685523987},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.4201894700527191},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.4102995693683624},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.38392072916030884},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.17133817076683044},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/coase.2015.7294263","is_oa":false,"landing_page_url":"https://doi.org/10.1109/coase.2015.7294263","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 IEEE International Conference on Automation Science and Engineering (CASE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8299999833106995,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W14468734","https://openalex.org/W95765562","https://openalex.org/W165688198","https://openalex.org/W1546703457","https://openalex.org/W1574318326","https://openalex.org/W1576877452","https://openalex.org/W1880262756","https://openalex.org/W1968527224","https://openalex.org/W2001082470","https://openalex.org/W2018022926","https://openalex.org/W2023326407","https://openalex.org/W2033804793","https://openalex.org/W2041130390","https://openalex.org/W2050679616","https://openalex.org/W2050855115","https://openalex.org/W2056933141","https://openalex.org/W2065311994","https://openalex.org/W2076769479","https://openalex.org/W2080778654","https://openalex.org/W2114065168","https://openalex.org/W2122492127","https://openalex.org/W2128217000","https://openalex.org/W2129650357","https://openalex.org/W2132870739","https://openalex.org/W2137349054","https://openalex.org/W2153393809","https://openalex.org/W2163931946","https://openalex.org/W2549033193","https://openalex.org/W4285719527","https://openalex.org/W6603786617","https://openalex.org/W6634623624","https://openalex.org/W6639619044","https://openalex.org/W6659048213","https://openalex.org/W6680428292"],"related_works":["https://openalex.org/W2053632570","https://openalex.org/W2148542813","https://openalex.org/W3022078406","https://openalex.org/W1506884343","https://openalex.org/W2060920843","https://openalex.org/W3008875367","https://openalex.org/W2126734536","https://openalex.org/W2785643584","https://openalex.org/W2188129033","https://openalex.org/W1635909507"],"abstract_inverted_index":{"Dissemination":[0],"of":[1,89],"malicious":[2],"code,":[3],"also":[4],"known":[5],"as":[6,52,141,150],"malware,":[7,84],"poses":[8],"severe":[9],"challenges":[10],"to":[11,23,42,47,67,82,119],"cyber":[12],"security.":[13],"Malware":[14,58],"authors":[15,59],"embed":[16],"software":[17],"in":[18,40],"seemingly":[19],"innocuous":[20],"executables,":[21],"unknown":[22],"a":[24,73],"user.":[25],"The":[26],"malware":[27],"subsequently":[28],"interacts":[29],"with":[30,117],"security-critical":[31],"OS":[32],"resources":[33],"on":[34,86,97],"the":[35,87,122],"host":[36],"system":[37],"or":[38,46],"network,":[39],"order":[41],"destroy":[43],"their":[44],"information":[45,50],"gather":[48],"sensitive":[49],"such":[51],"passwords":[53],"and":[54,79,107,125],"credit":[55],"card":[56],"numbers.":[57],"typically":[60],"use":[61],"Application":[62],"Programming":[63],"Interface":[64],"(API)":[65],"calls":[66],"perpetrate":[68],"these":[69,135],"crimes.":[70],"We":[71,93,102,114,137],"present":[72],"model":[74],"that":[75,104,127],"uses":[76],"text":[77],"mining":[78],"topic":[80],"modeling":[81],"detect":[83],"based":[85],"types":[88],"API":[90],"call":[91],"sequences.":[92],"evaluated":[94],"our":[95],"technique":[96],"two":[98,123],"publicly":[99],"available":[100],"datasets.":[101],"observed":[103],"Decision":[105,139],"Tree":[106,140],"Support":[108],"Vector":[109],"Machine":[110],"yielded":[111],"significant":[112,132],"results.":[113],"performed":[115],"t-test":[116],"respect":[118],"sensitivity":[120],"for":[121],"models":[124],"found":[126],"statistically":[128],"there":[129],"is":[130],"no":[131],"difference":[133],"between":[134],"models.":[136],"recommend":[138],"it":[142],"yields":[143],"`if-then'":[144],"rules,":[145],"which":[146],"could":[147],"be":[148],"used":[149],"an":[151],"early":[152],"warning":[153],"expert":[154],"system.":[155]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":9},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":6}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}