{"id":"https://openalex.org/W3082126477","doi":"https://doi.org/10.1109/fuzz48607.2020.9177856","title":"Embedding Fuzzy Rules with YARA Rules for Performance Optimisation of Malware Analysis","display_name":"Embedding Fuzzy Rules with YARA Rules for Performance Optimisation of Malware Analysis","publication_year":2020,"publication_date":"2020-07-01","ids":{"openalex":"https://openalex.org/W3082126477","doi":"https://doi.org/10.1109/fuzz48607.2020.9177856","mag":"3082126477"},"language":"en","primary_location":{"id":"doi:10.1109/fuzz48607.2020.9177856","is_oa":false,"landing_page_url":"https://doi.org/10.1109/fuzz48607.2020.9177856","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://publications.aston.ac.uk/id/eprint/42062/1/FUZZ_IEEE_20_Embedded_YARA_Rules.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089628794","display_name":"Nitin Naik","orcid":"https://orcid.org/0000-0002-0659-9646"},"institutions":[{"id":"https://openalex.org/I63072094","display_name":"University of Portsmouth","ror":"https://ror.org/03ykbk197","country_code":"GB","type":"education","lineage":["https://openalex.org/I63072094"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Nitin Naik","raw_affiliation_strings":["School of Computing, University of Portsmouth, United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Computing, University of Portsmouth, United Kingdom","institution_ids":["https://openalex.org/I63072094"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064994129","display_name":"Paul Jenkins","orcid":"https://orcid.org/0000-0002-9854-9450"},"institutions":[{"id":"https://openalex.org/I63072094","display_name":"University of Portsmouth","ror":"https://ror.org/03ykbk197","country_code":"GB","type":"education","lineage":["https://openalex.org/I63072094"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Paul Jenkins","raw_affiliation_strings":["School of Computing, University of Portsmouth, United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Computing, University of Portsmouth, United Kingdom","institution_ids":["https://openalex.org/I63072094"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008471645","display_name":"Nick Savage","orcid":"https://orcid.org/0000-0001-9391-5100"},"institutions":[{"id":"https://openalex.org/I63072094","display_name":"University of Portsmouth","ror":"https://ror.org/03ykbk197","country_code":"GB","type":"education","lineage":["https://openalex.org/I63072094"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Nick Savage","raw_affiliation_strings":["School of Computing, University of Portsmouth, United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Computing, University of Portsmouth, United Kingdom","institution_ids":["https://openalex.org/I63072094"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065079117","display_name":"Longzhi Yang","orcid":"https://orcid.org/0000-0003-2115-4909"},"institutions":[{"id":"https://openalex.org/I32394136","display_name":"Northumbria University","ror":"https://ror.org/049e6bc10","country_code":"GB","type":"education","lineage":["https://openalex.org/I32394136"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Longzhi Yang","raw_affiliation_strings":["Department of Computer and Information Sciences, Northumbria University, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Sciences, Northumbria University, United Kingdom","institution_ids":["https://openalex.org/I32394136"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087692639","display_name":"Kshirasagar Naik","orcid":"https://orcid.org/0000-0002-1064-4905"},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Kshirasagar Naik","raw_affiliation_strings":["Department of Electrical and Computer Engineering, University of Waterloo, Canada"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Waterloo, Canada","institution_ids":["https://openalex.org/I151746483"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100873739","display_name":"Jingping Song","orcid":"https://orcid.org/0000-0001-8206-9455"},"institutions":[{"id":"https://openalex.org/I9224756","display_name":"Northeastern University","ror":"https://ror.org/03awzbc87","country_code":"CN","type":"education","lineage":["https://openalex.org/I9224756"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jingping Song","raw_affiliation_strings":["Software College, Northeastern University, China"],"affiliations":[{"raw_affiliation_string":"Software College, Northeastern University, China","institution_ids":["https://openalex.org/I9224756"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5089628794"],"corresponding_institution_ids":["https://openalex.org/I63072094"],"apc_list":null,"apc_paid":null,"fwci":1.6735,"has_fulltext":true,"cited_by_count":16,"citation_normalized_percentile":{"value":0.84704119,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7324621677398682},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.572592556476593},{"id":"https://openalex.org/keywords/embedding","display_name":"Embedding","score":0.5670700669288635},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5532408356666565},{"id":"https://openalex.org/keywords/fuzzy-logic","display_name":"Fuzzy logic","score":0.4969535171985626},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4230518043041229},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3767344057559967},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.33419740200042725},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.07495808601379395}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7324621677398682},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.572592556476593},{"id":"https://openalex.org/C41608201","wikidata":"https://www.wikidata.org/wiki/Q980509","display_name":"Embedding","level":2,"score":0.5670700669288635},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5532408356666565},{"id":"https://openalex.org/C58166","wikidata":"https://www.wikidata.org/wiki/Q224821","display_name":"Fuzzy logic","level":2,"score":0.4969535171985626},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4230518043041229},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3767344057559967},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33419740200042725},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.07495808601379395}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/fuzz48607.2020.9177856","is_oa":false,"landing_page_url":"https://doi.org/10.1109/fuzz48607.2020.9177856","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE)","raw_type":"proceedings-article"},{"id":"pmh:oai:nrl.northumbria.ac.uk:44693","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306401884","display_name":"Northumbria Research Link (Northumbria University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I32394136","host_organization_name":"Northumbria University","host_organization_lineage":["https://openalex.org/I32394136"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"","raw_type":"Book Section"},{"id":"pmh:oai:publications.aston.ac.uk:42062","is_oa":true,"landing_page_url":"https://publications.aston.ac.uk/view/author/aa4db887c0bf748e844ec405f73f8819.html>,","pdf_url":"https://publications.aston.ac.uk/id/eprint/42062/1/FUZZ_IEEE_20_Embedded_YARA_Rules.pdf","source":{"id":"https://openalex.org/S4306400483","display_name":"Aston Publications Explorer (Aston University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I169199633","host_organization_name":"Aston University","host_organization_lineage":["https://openalex.org/I169199633"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"NonPeerReviewed"},{"id":"pmh:oai:researchportal.port.ac.uk:publications/1937d5a0-68dc-49d6-92ff-053d5c59fe58","is_oa":false,"landing_page_url":"https://researchportal.port.ac.uk/portal/en/publications/embedding-fuzzy-rules-with-yara-rules-for-performance-optimisation-of-malware-analysis(1937d5a0-68dc-49d6-92ff-053d5c59fe58).html","pdf_url":null,"source":{"id":"https://openalex.org/S4306401774","display_name":"Portsmouth Research Portal (University of Portsmouth)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I63072094","host_organization_name":"University of Portsmouth","host_organization_lineage":["https://openalex.org/I63072094"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":""}],"best_oa_location":{"id":"pmh:oai:publications.aston.ac.uk:42062","is_oa":true,"landing_page_url":"https://publications.aston.ac.uk/view/author/aa4db887c0bf748e844ec405f73f8819.html>,","pdf_url":"https://publications.aston.ac.uk/id/eprint/42062/1/FUZZ_IEEE_20_Embedded_YARA_Rules.pdf","source":{"id":"https://openalex.org/S4306400483","display_name":"Aston Publications Explorer (Aston University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I169199633","host_organization_name":"Aston University","host_organization_lineage":["https://openalex.org/I169199633"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"NonPeerReviewed"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.8199999928474426}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3082126477.pdf","grobid_xml":"https://content.openalex.org/works/W3082126477.grobid-xml"},"referenced_works_count":18,"referenced_works":["https://openalex.org/W1971078475","https://openalex.org/W1992176519","https://openalex.org/W2079325629","https://openalex.org/W2164215197","https://openalex.org/W2168154523","https://openalex.org/W2216493166","https://openalex.org/W2520938204","https://openalex.org/W2780698577","https://openalex.org/W2944304051","https://openalex.org/W2945500821","https://openalex.org/W3004894946","https://openalex.org/W3007286727","https://openalex.org/W3008617927","https://openalex.org/W3016587487","https://openalex.org/W4249749961","https://openalex.org/W6684316442","https://openalex.org/W6688795101","https://openalex.org/W6776143859"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2768892939","https://openalex.org/W2008790809","https://openalex.org/W4285507391","https://openalex.org/W3164408430","https://openalex.org/W2397240470","https://openalex.org/W2602767565","https://openalex.org/W170652726","https://openalex.org/W2883822334","https://openalex.org/W2134874482"],"abstract_inverted_index":{"YARA":[0,33,57,72,93,116,137,178,221],"rules":[1,34,58,73,117,135,138,148,179,222],"utilises":[2],"string":[3],"or":[4,82],"pattern":[5],"matching":[6],"to":[7,78,139,223],"perform":[8],"malware":[9,107,211],"analysis":[10],"and":[11,30,59,118,152,155,213,219],"is":[12,25,74,206,214],"one":[13],"of":[14,32,56,71,105,115,160],"the":[15,28,37,44,68,102,106,112,126,144,177,217],"most":[16],"effective":[17,54,200],"methods":[18],"in":[19,36,75,167,184],"use":[20,114],"today.":[21],"However,":[22],"its":[23,60,64,90,119,141,225],"effectiveness":[24],"dependent":[26],"on":[27,101,208],"quality":[29],"quantity":[31],"employed":[35],"analysis.":[38],"This":[39,170,202],"can":[40,149],"be":[41,165,173,191],"managed":[42],"through":[43],"rule":[45,81,91,94],"optimisation":[46],"process,":[47],"although,":[48],"this":[49,130],"may":[50,110,163,172,189],"not":[51,164,190],"necessarily":[52],"guarantee":[53],"utilisation":[55],"generated":[61],"findings":[62,120],"during":[63,125,143],"execution":[65,127,145],"phase,":[66],"as":[67],"main":[69],"focus":[70],"determining":[76],"whether":[77],"trigger":[79],"a":[80,85,157,209],"not,":[83],"for":[84],"suspect":[86],"sample":[87],"after":[88],"examining":[89],"condition.":[92],"conditions":[95],"are":[96],"Boolean":[97,168,195],"expressions,":[98],"mostly":[99],"focused":[100],"binary":[103],"outcome":[104],"analysis,":[108],"which":[109,162,188],"limit":[111],"optimised":[113],"despite":[121],"generating":[122],"significant":[123],"information":[124],"phase.":[128,146],"Therefore,":[129],"paper":[131],"proposes":[132],"embedding":[133,171],"fuzzy":[134],"with":[136],"optimise":[140],"performance":[142],"Fuzzy":[147],"manage":[150],"imprecise":[151],"incomplete":[153],"data":[154],"encompass":[156],"broad":[158],"range":[159],"conditions,":[161,187],"possible":[166],"logic.":[169],"more":[174,181],"advantageous":[175],"when":[176],"become":[180],"complex,":[182],"resulting":[183],"multiple":[185],"complex":[186],"processed":[192],"efficiently":[193],"utilising":[194],"expressions":[196],"alone,":[197],"thus":[198],"compromising":[199],"decision-making.":[201],"proposed":[203],"embedded":[204],"approach":[205],"applied":[207],"collected":[210],"corpus":[212],"tested":[215],"against":[216],"standard":[218],"enhanced":[220],"demonstrate":[224],"success.":[226]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":3}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}