{"id":"https://openalex.org/W2977340257","doi":"https://doi.org/10.1109/ijcnn.2019.8851841","title":"TrustSign: Trusted Malware Signature Generation in Private Clouds Using Deep Feature Transfer Learning","display_name":"TrustSign: Trusted Malware Signature Generation in Private Clouds Using Deep Feature Transfer Learning","publication_year":2019,"publication_date":"2019-07-01","ids":{"openalex":"https://openalex.org/W2977340257","doi":"https://doi.org/10.1109/ijcnn.2019.8851841","mag":"2977340257"},"language":"en","primary_location":{"id":"doi:10.1109/ijcnn.2019.8851841","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn.2019.8851841","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081982432","display_name":"Daniel Nahmias","orcid":"https://orcid.org/0000-0002-5612-5713"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":true,"raw_author_name":"Daniel Nahmias","raw_affiliation_strings":["Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel"],"affiliations":[{"raw_affiliation_string":"Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035352952","display_name":"Aviad Cohen","orcid":"https://orcid.org/0000-0001-9976-0525"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Aviad Cohen","raw_affiliation_strings":["Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel"],"affiliations":[{"raw_affiliation_string":"Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006355294","display_name":"Nir Nissim","orcid":"https://orcid.org/0000-0003-0652-8861"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Nir Nissim","raw_affiliation_strings":["Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","Department of Industrial Engineering and Management, Ben-Gurion University of the Negev, Israel"],"affiliations":[{"raw_affiliation_string":"Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Department of Industrial Engineering and Management, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072913672","display_name":"Yuval Elovici","orcid":"https://orcid.org/0000-0002-9641-128X"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Yuval Elovici","raw_affiliation_strings":["Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel"],"affiliations":[{"raw_affiliation_string":"Malware Lab, Cyber Security Research Center, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5081982432"],"corresponding_institution_ids":["https://openalex.org/I124227911"],"apc_list":null,"apc_paid":null,"fwci":2.8196,"has_fulltext":false,"cited_by_count":26,"citation_normalized_percentile":{"value":0.91634958,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8639681339263916},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8443152904510498},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.6170070171356201},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5821289420127869},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5413098335266113},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5329559445381165},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.49517908692359924},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4941425621509552},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.4873805642127991},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4471912980079651},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3678773045539856},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2948669195175171},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1797117292881012}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8639681339263916},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8443152904510498},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.6170070171356201},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5821289420127869},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5413098335266113},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5329559445381165},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.49517908692359924},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4941425621509552},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.4873805642127991},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4471912980079651},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3678773045539856},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2948669195175171},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1797117292881012},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ijcnn.2019.8851841","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn.2019.8851841","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":45,"referenced_works":["https://openalex.org/W88694106","https://openalex.org/W215336119","https://openalex.org/W1492352846","https://openalex.org/W1516595210","https://openalex.org/W1597305440","https://openalex.org/W1665214252","https://openalex.org/W1666731339","https://openalex.org/W1686810756","https://openalex.org/W2033811087","https://openalex.org/W2043263066","https://openalex.org/W2045140281","https://openalex.org/W2056568601","https://openalex.org/W2095705004","https://openalex.org/W2098691354","https://openalex.org/W2104706938","https://openalex.org/W2106177700","https://openalex.org/W2115638030","https://openalex.org/W2116065364","https://openalex.org/W2126059122","https://openalex.org/W2137786570","https://openalex.org/W2147800946","https://openalex.org/W2163922914","https://openalex.org/W2172058372","https://openalex.org/W2187089797","https://openalex.org/W2261775381","https://openalex.org/W2280263187","https://openalex.org/W2305913748","https://openalex.org/W2395579298","https://openalex.org/W2396013981","https://openalex.org/W2471456063","https://openalex.org/W2609889289","https://openalex.org/W2752885492","https://openalex.org/W2783112941","https://openalex.org/W2792599578","https://openalex.org/W2800557391","https://openalex.org/W2883723049","https://openalex.org/W2891394615","https://openalex.org/W6603729080","https://openalex.org/W6629376184","https://openalex.org/W6635716266","https://openalex.org/W6637242042","https://openalex.org/W6637373629","https://openalex.org/W6661181168","https://openalex.org/W6674330103","https://openalex.org/W6678762293"],"related_works":["https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W3202245533","https://openalex.org/W4253977752","https://openalex.org/W2942879794","https://openalex.org/W1995118279","https://openalex.org/W4240624848","https://openalex.org/W2160606508"],"abstract_inverted_index":{"This":[0],"paper":[1],"presents":[2],"TrustSign,":[3],"a":[4,19,94,177,185],"novel,":[5],"trusted":[6,95],"automatic":[7,31],"malware":[8,32,78,99],"signature":[9,33,159,197],"generation":[10,34,160,198],"method":[11,47,119,190],"based":[12,58],"on":[13,25,37,59,114,131],"high-level":[14],"deep":[15],"features":[16],"transferred":[17],"from":[18],"VGG-19":[20],"neural":[21],"network":[22],"model":[23,170],"pre-trained":[24],"the":[26,43,49,60,63,67,76,84,90,98,106,112,115,182,192,216,223],"ImageNet":[27],"dataset.":[28],"While":[29],"traditional":[30],"techniques":[35,54],"rely":[36],"static":[38],"or":[39,167],"dynamic":[40],"analysis":[41],"of":[42,62,122,194,204],"malware's":[44,116],"executable,":[45,117],"our":[46,118,129,152,189,205],"overcomes":[48],"limitations":[50],"associated":[51],"with":[52,105],"these":[53],"by":[55,110,226],"producing":[56],"signatures":[57,213,224],"presence":[61],"malicious":[64,91],"process":[65,92,161,217],"in":[66,93,176],"volatile":[68],"memory.":[69],"Signatures":[70],"generated":[71,225],"using":[72,222],"TrustSign":[73,88,144,227],"well":[74],"represent":[75],"real":[77],"behavior":[79],"during":[80],"runtime.":[81],"By":[82,221],"leveraging":[83],"cloud's":[85],"virtualization":[86],"technology,":[87],"analyzes":[89],"manner,":[96,180],"since":[97],"is":[100,120,145,174],"unaware":[101],"and":[102,172,199],"cannot":[103],"interfere":[104],"inspection":[107],"procedure.":[108],"Additionally,":[109],"removing":[111],"dependency":[113],"capable":[121],"signing":[123],"fileless":[124],"malware.":[125],"Thus,":[126],"we":[127,234],"focus":[128],"research":[130],"in-browser":[132],"cryptojacking":[133,149],"attacks,":[134,150],"which":[135],"current":[136],"antivirus":[137],"solutions":[138],"have":[139],"difficulty":[140],"to":[141,148,211,215],"detect.":[142],"However,":[143],"not":[146,163],"limited":[147],"as":[151,228],"evaluation":[153,207],"included":[154],"various":[155,231],"ransomware":[156],"samples.":[157],"TrustSign's":[158,209],"does":[162],"require":[164],"feature":[165],"engineering":[166],"any":[168],"additional":[169],"training,":[171],"it":[173],"done":[175],"completely":[178],"unsupervised":[179],"obviating":[181],"need":[183],"for":[184,230],"human":[186],"expert.":[187],"Therefore,":[188],"has":[191],"advantage":[193],"dramatically":[195],"reducing":[196],"distribution":[200],"time.":[201,220],"The":[202],"results":[203],"experimental":[206],"demonstrate":[208],"ability":[210],"generate":[212],"invariant":[214],"state":[218],"over":[219],"input":[229],"supervised":[232],"classifiers,":[233],"achieved":[235],"99.5%":[236],"classification":[237],"accuracy.":[238]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}