{"id":"https://openalex.org/W4284899895","doi":"https://doi.org/10.1109/eit53891.2022.9813771","title":"PowerShell Malware Analysis Using a Novel Malware Rating System","display_name":"PowerShell Malware Analysis Using a Novel Malware Rating System","publication_year":2022,"publication_date":"2022-05-19","ids":{"openalex":"https://openalex.org/W4284899895","doi":"https://doi.org/10.1109/eit53891.2022.9813771"},"language":"en","primary_location":{"id":"doi:10.1109/eit53891.2022.9813771","is_oa":false,"landing_page_url":"https://doi.org/10.1109/eit53891.2022.9813771","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE International Conference on Electro Information Technology (eIT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072393684","display_name":"David Arnold","orcid":"https://orcid.org/0000-0002-9852-7016"},"institutions":[{"id":"https://openalex.org/I180949307","display_name":"Illinois Institute of Technology","ror":"https://ror.org/037t3ry66","country_code":"US","type":"education","lineage":["https://openalex.org/I180949307"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"David Arnold","raw_affiliation_strings":["Illinois Institute of Technology,Embedded Computing and Signal Processing (ECASP) Research Laboratory,Department of Electrical and Computer Engineering,Chicago,IL,U.S.A","Department of Electrical and Computer Engineering, Embedded Computing and Signal Processing (ECASP) Research Laboratory, Illinois Institute of Technology, Chicago, IL, U.S.A"],"affiliations":[{"raw_affiliation_string":"Illinois Institute of Technology,Embedded Computing and Signal Processing (ECASP) Research Laboratory,Department of Electrical and Computer Engineering,Chicago,IL,U.S.A","institution_ids":["https://openalex.org/I180949307"]},{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Embedded Computing and Signal Processing (ECASP) Research Laboratory, Illinois Institute of Technology, Chicago, IL, U.S.A","institution_ids":["https://openalex.org/I180949307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109925326","display_name":"Charlotte C. David","orcid":null},"institutions":[{"id":"https://openalex.org/I180949307","display_name":"Illinois Institute of Technology","ror":"https://ror.org/037t3ry66","country_code":"US","type":"education","lineage":["https://openalex.org/I180949307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Charlotte David","raw_affiliation_strings":["Illinois Institute of Technology,Embedded Computing and Signal Processing (ECASP) Research Laboratory,Department of Electrical and Computer Engineering,Chicago,IL,U.S.A","Department of Electrical and Computer Engineering, Embedded Computing and Signal Processing (ECASP) Research Laboratory, Illinois Institute of Technology, Chicago, IL, U.S.A"],"affiliations":[{"raw_affiliation_string":"Illinois Institute of Technology,Embedded Computing and Signal Processing (ECASP) Research Laboratory,Department of Electrical and Computer Engineering,Chicago,IL,U.S.A","institution_ids":["https://openalex.org/I180949307"]},{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Embedded Computing and Signal Processing (ECASP) Research Laboratory, Illinois Institute of Technology, Chicago, IL, U.S.A","institution_ids":["https://openalex.org/I180949307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018536803","display_name":"Jafar Saniie","orcid":"https://orcid.org/0000-0002-2655-6950"},"institutions":[{"id":"https://openalex.org/I180949307","display_name":"Illinois Institute of Technology","ror":"https://ror.org/037t3ry66","country_code":"US","type":"education","lineage":["https://openalex.org/I180949307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jafar Saniie","raw_affiliation_strings":["Illinois Institute of Technology,Embedded Computing and Signal Processing (ECASP) Research Laboratory,Department of Electrical and Computer Engineering,Chicago,IL,U.S.A","Department of Electrical and Computer Engineering, Embedded Computing and Signal Processing (ECASP) Research Laboratory, Illinois Institute of Technology, Chicago, IL, U.S.A"],"affiliations":[{"raw_affiliation_string":"Illinois Institute of Technology,Embedded Computing and Signal Processing (ECASP) Research Laboratory,Department of Electrical and Computer Engineering,Chicago,IL,U.S.A","institution_ids":["https://openalex.org/I180949307"]},{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Embedded Computing and Signal Processing (ECASP) Research Laboratory, Illinois Institute of Technology, Chicago, IL, U.S.A","institution_ids":["https://openalex.org/I180949307"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5072393684"],"corresponding_institution_ids":["https://openalex.org/I180949307"],"apc_list":null,"apc_paid":null,"fwci":0.2975,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.4930895,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"182","last_page":"187"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9177215695381165},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.8806185722351074},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7897374033927917},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6902865171432495},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.685204029083252},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.6180118918418884},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5162389278411865},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.4537395238876343}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9177215695381165},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.8806185722351074},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7897374033927917},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6902865171432495},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.685204029083252},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.6180118918418884},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5162389278411865},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.4537395238876343},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/eit53891.2022.9813771","is_oa":false,"landing_page_url":"https://doi.org/10.1109/eit53891.2022.9813771","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE International Conference on Electro Information Technology (eIT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7400000095367432}],"awards":[],"funders":[{"id":"https://openalex.org/F4320332364","display_name":"Office of Nuclear Energy","ror":"https://ror.org/05tj7dm33"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":6,"referenced_works":["https://openalex.org/W2890850111","https://openalex.org/W3116329143","https://openalex.org/W3132588576","https://openalex.org/W4235636792","https://openalex.org/W6787923900","https://openalex.org/W6817179152"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W2768892939","https://openalex.org/W2160963033","https://openalex.org/W3022706011","https://openalex.org/W2909615516","https://openalex.org/W2249256574","https://openalex.org/W2397240470","https://openalex.org/W4210907385","https://openalex.org/W2065339563"],"abstract_inverted_index":{"Recent":[0],"high-profile":[1],"cyberattacks":[2],"highlight":[3,70],"an":[4],"increased":[5,109],"use":[6],"of":[7,24,30,144],"social":[8,112],"engineering":[9],"attacks":[10,17],"and":[11,45,52,73,103,149],"ransomware":[12],"by":[13],"hackers":[14,44],"worldwide.":[15],"These":[16],"target":[18],"human":[19,130],"operators":[20,154],"directly,":[21],"bypassing":[22],"many":[23,38],"the":[25,59,71,98,108,169,183],"cyber-safeguards":[26],"developed":[27],"through":[28],"years":[29],"malware":[31,63,76,80,90,116,123,138,170],"analysis.":[32],"In":[33],"response":[34],"to":[35,42,48,69,95,107,128,163],"these":[36],"challenges,":[37],"organizations":[39],"have":[40],"turned":[41],"white-hat":[43],"penetration":[46],"testing":[47],"identify":[49],"potential":[50,74],"weaknesses":[51],"reinforce":[53],"cyber-safety":[54],"protocols.":[55],"To":[56,167],"assist":[57],"in":[58],"threat":[60],"evaluation":[61,171],"process,":[62,172],"rating":[64,81,117,134],"systems":[65,82],"are":[66,179],"often":[67],"used":[68],"danger":[72,87],"damage":[75,100],"may":[77],"cause.":[78],"Current":[79],"focus":[83],"on":[84,92,111,140,182],"assigning":[85],"a":[86,114,126,164],"score":[88,137],"for":[89],"based":[91,139,181],"its":[93,141],"ability":[94],"move":[96],"throughout":[97],"network,":[99],"system":[101,118,135,152],"resources,":[102],"evade":[104],"detection.":[105],"Due":[106],"reliance":[110],"engineering,":[113],"new":[115],"is":[119],"proposed":[120,184],"that":[121],"incorporates":[122],"deceitfulness":[124],"as":[125,161],"means":[127],"trick":[129],"operators.":[131],"The":[132],"novel":[133],"will":[136],"Stealth,":[142],"Ease":[143],"Creation,":[145],"Deceitfulness,":[146],"Versatility,":[147],"Instantaneousness,":[148],"Persistence.":[150],"This":[151],"provides":[153],"with":[155],"insight":[156],"into":[157],"each":[158],"key":[159],"characteristics":[160],"opposed":[162],"single":[165],"value.":[166],"showcase":[168],"different":[173],"PowerShell":[174],"Reverse":[175],"Bind":[176],"Shell":[177],"malwares":[178],"rated":[180],"criteria.":[185]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-25T21:42:39.735039","created_date":"2025-10-10T00:00:00"}