{"id":"https://openalex.org/W2768705651","doi":"https://doi.org/10.1109/iccp.2017.8116976","title":"HACGA: An artifacts-based clustering approach for malware classification","display_name":"HACGA: An artifacts-based clustering approach for malware classification","publication_year":2017,"publication_date":"2017-09-01","ids":{"openalex":"https://openalex.org/W2768705651","doi":"https://doi.org/10.1109/iccp.2017.8116976","mag":"2768705651"},"language":"en","primary_location":{"id":"doi:10.1109/iccp.2017.8116976","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iccp.2017.8116976","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 13th IEEE International Conference on Intelligent Computer Communication and Processing (ICCP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079014648","display_name":"Oliviu-Bogdan Botocan","orcid":null},"institutions":[{"id":"https://openalex.org/I3125347698","display_name":"Babe\u0219-Bolyai University","ror":"https://ror.org/02rmd1t30","country_code":"RO","type":"education","lineage":["https://openalex.org/I3125347698"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Oliviu-Bogdan Botocan","raw_affiliation_strings":["Faculty of Mathematics and Computer Science, Babe\u015f-Bolyai University, Cluj-Napoca, Romania"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Faculty of Mathematics and Computer Science, Babe\u015f-Bolyai University, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I3125347698"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5052905844","display_name":"Gabriela Czibula","orcid":"https://orcid.org/0000-0001-7852-681X"},"institutions":[{"id":"https://openalex.org/I3125347698","display_name":"Babe\u0219-Bolyai University","ror":"https://ror.org/02rmd1t30","country_code":"RO","type":"education","lineage":["https://openalex.org/I3125347698"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Gabriela Czibula","raw_affiliation_strings":["Faculty of Mathematics and Computer Science, Babe\u015f-Bolyai University, Cluj-Napoca, Romania"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Faculty of Mathematics and Computer Science, Babe\u015f-Bolyai University, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I3125347698"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.3735,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.5962877,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"8","issue":null,"first_page":"5","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9819999933242798,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9700390696525574},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.8180038928985596},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.803708016872406},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5890472531318665},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5867293477058411},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5477737784385681},{"id":"https://openalex.org/keywords/hierarchical-clustering","display_name":"Hierarchical clustering","score":0.5128610134124756},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5098416209220886},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4601600170135498},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.17464739084243774},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.05642661452293396}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9700390696525574},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.8180038928985596},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.803708016872406},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5890472531318665},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5867293477058411},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5477737784385681},{"id":"https://openalex.org/C92835128","wikidata":"https://www.wikidata.org/wiki/Q1277447","display_name":"Hierarchical clustering","level":3,"score":0.5128610134124756},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5098416209220886},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4601600170135498},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.17464739084243774},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.05642661452293396}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iccp.2017.8116976","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iccp.2017.8116976","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 13th IEEE International Conference on Intelligent Computer Communication and Processing (ICCP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320315989","display_name":"National Authority for Scientific Research and Innovation","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W83577577","https://openalex.org/W259338706","https://openalex.org/W1548500763","https://openalex.org/W1647671624","https://openalex.org/W1827212170","https://openalex.org/W1851403712","https://openalex.org/W1910686388","https://openalex.org/W1938740620","https://openalex.org/W1942607556","https://openalex.org/W1992110042","https://openalex.org/W1992419399","https://openalex.org/W2018175892","https://openalex.org/W2030463632","https://openalex.org/W2057079516","https://openalex.org/W2091537325","https://openalex.org/W2105037940","https://openalex.org/W2140190241","https://openalex.org/W2170477953","https://openalex.org/W2273421618","https://openalex.org/W2482589566","https://openalex.org/W3142635077","https://openalex.org/W4213009331","https://openalex.org/W6603327724","https://openalex.org/W6632780167","https://openalex.org/W6636915900","https://openalex.org/W6638623425","https://openalex.org/W6639864006","https://openalex.org/W6684772517","https://openalex.org/W6694389811"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W2768892939","https://openalex.org/W3164408430","https://openalex.org/W4285507391","https://openalex.org/W2397240470","https://openalex.org/W2602767565","https://openalex.org/W170652726","https://openalex.org/W2883822334","https://openalex.org/W2134874482"],"abstract_inverted_index":{"More":[0],"and":[1,9,36,81,90,130,136],"more":[2],"sophisticated":[3],"malware":[4,42,76,105,161,169],"attacks":[5,102],"are":[6,16,107,133,164],"developed":[7],"nowadays":[8,98],"new":[10,80],"variants":[11,38],"of":[12,27,39,97,103,112,141,150,159],"existing":[13,143],"malicious":[14,28,99],"software":[15],"released":[17],"daily.":[18],"Malware":[19],"clustering":[20,56,153],"is":[21,122],"often":[22],"applied":[23],"to":[24,78,138,155,167],"identify":[25,157],"patterns":[26],"software,":[29,100],"with":[30,58],"similar":[31,109,142,160],"samples":[32,69],"being":[33],"grouped":[34],"together":[35],"considered":[37],"the":[40,72,95,101,116,131,139,148,151],"same":[41,73,104],"family.":[43],"In":[44],"this":[45],"paper":[46],"we":[47],"propose":[48],"an":[49],"automated":[50],"technique":[51],"based":[52],"on":[53,88,115,125],"agglomerative":[54],"hierarchical":[55],"combined":[57],"a":[59,126],"supervised":[60],"learning":[61],"method":[62,86,154],"for":[63],"parameters":[64],"optimization":[65],"which":[66,163],"helps":[67],"determining":[68],"that":[70],"exhibit":[71],"behavior,":[74],"allowing":[75],"analysts":[77],"uncover":[79],"interesting":[82],"threats.":[83],"The":[84,119],"proposed":[85,152],"relies":[87],"behavioral":[89],"attack":[91],"pattern":[92],"analysis.":[93],"Despite":[94],"complexity":[96],"families":[106],"very":[108,165],"in":[110],"terms":[111],"actions":[113],"performed":[114],"infected":[117],"system.":[118],"experimental":[120],"evaluation":[121],"carried":[123],"out":[124],"real":[127],"case":[128],"study":[129],"results":[132],"analyzed,":[134],"interpreted":[135],"compared":[137],"ones":[140],"approaches.":[144],"Our":[145],"experiments":[146],"demonstrate":[147],"capability":[149],"accurately":[156],"groups":[158],"samples,":[162],"likely":[166],"represent":[168],"families.":[170]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}