{"id":"https://openalex.org/W3199703676","doi":"https://doi.org/10.1109/ijcnn52387.2021.9534115","title":"An Effective Approach for Malware Detection and Explanation via Deep Learning Analysis","display_name":"An Effective Approach for Malware Detection and Explanation via Deep Learning Analysis","publication_year":2021,"publication_date":"2021-07-18","ids":{"openalex":"https://openalex.org/W3199703676","doi":"https://doi.org/10.1109/ijcnn52387.2021.9534115","mag":"3199703676"},"language":"en","primary_location":{"id":"doi:10.1109/ijcnn52387.2021.9534115","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn52387.2021.9534115","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082315801","display_name":"Huozhu Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Huozhu Wang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102461539","display_name":"Ziyuan Zhu","orcid":"https://orcid.org/0009-0001-6696-3374"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ziyuan Zhu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109744856","display_name":"Zhongkai Tong","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhongkai Tong","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069496916","display_name":"Xiang Yin","orcid":"https://orcid.org/0000-0002-6554-1516"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiang Yin","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040198140","display_name":"Yusi Feng","orcid":"https://orcid.org/0009-0003-0703-6479"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yusi Feng","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5106405285","display_name":"Gang Shi","orcid":"https://orcid.org/0009-0006-7152-9210"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Gang Shi","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101525319","display_name":"Dan Meng","orcid":"https://orcid.org/0000-0003-1980-9283"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dan Meng","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Science, School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5082315801"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.1524,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.4479378,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9454102516174316},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8631498217582703},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.650988757610321},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.6212332844734192},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.6003979444503784},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5817078351974487},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.5578092932701111},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.49898791313171387},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4848529100418091},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.46996447443962097},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.43259960412979126},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.42829644680023193},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.34881994128227234},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.32179170846939087},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.11618867516517639},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.08815032243728638}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9454102516174316},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8631498217582703},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.650988757610321},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.6212332844734192},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.6003979444503784},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5817078351974487},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.5578092932701111},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.49898791313171387},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4848529100418091},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.46996447443962097},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.43259960412979126},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.42829644680023193},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34881994128227234},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.32179170846939087},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.11618867516517639},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.08815032243728638},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ijcnn52387.2021.9534115","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ijcnn52387.2021.9534115","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.800000011920929,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":49,"referenced_works":["https://openalex.org/W7103708","https://openalex.org/W1522250664","https://openalex.org/W1787224781","https://openalex.org/W1849277567","https://openalex.org/W2031006315","https://openalex.org/W2034053858","https://openalex.org/W2046185165","https://openalex.org/W2064675550","https://openalex.org/W2064919373","https://openalex.org/W2119812052","https://openalex.org/W2157331557","https://openalex.org/W2176830056","https://openalex.org/W2282821441","https://openalex.org/W2344380211","https://openalex.org/W2594633041","https://openalex.org/W2605409611","https://openalex.org/W2612449038","https://openalex.org/W2749008552","https://openalex.org/W2765653036","https://openalex.org/W2783112941","https://openalex.org/W2784452215","https://openalex.org/W2809457377","https://openalex.org/W2890991187","https://openalex.org/W2917661079","https://openalex.org/W2938709190","https://openalex.org/W2953384591","https://openalex.org/W2955843940","https://openalex.org/W2962862931","https://openalex.org/W2964045325","https://openalex.org/W2979135669","https://openalex.org/W2979963465","https://openalex.org/W2997090102","https://openalex.org/W3006140559","https://openalex.org/W3081154221","https://openalex.org/W3105926539","https://openalex.org/W3131231119","https://openalex.org/W4256383029","https://openalex.org/W6600275301","https://openalex.org/W6631155369","https://openalex.org/W6639204139","https://openalex.org/W6678042037","https://openalex.org/W6685576885","https://openalex.org/W6713134421","https://openalex.org/W6734194636","https://openalex.org/W6736518430","https://openalex.org/W6737947904","https://openalex.org/W6748325151","https://openalex.org/W6782007757","https://openalex.org/W6790856433"],"related_works":["https://openalex.org/W2900526031","https://openalex.org/W2143732108","https://openalex.org/W4296272594","https://openalex.org/W2516239820","https://openalex.org/W109909280","https://openalex.org/W2954975888","https://openalex.org/W4388157251","https://openalex.org/W2789247308","https://openalex.org/W4386387815","https://openalex.org/W4360993664"],"abstract_inverted_index":{"The":[0,53],"next":[1],"generation":[2],"attackers":[3],"often":[4],"generate":[5],"malware":[6,33,38,72,84,97,194],"variants":[7],"with":[8,116],"Artificial":[9],"Intelligence":[10],"(AI)":[11],"weapons,":[12],"which":[13,88,160],"are":[14,50],"deliberately":[15],"designed":[16],"to":[17,27,45,68,137,158,197],"evade":[18,69],"antivirus":[19],"engines.":[20],"Security":[21],"defenders":[22],"propose":[23,79],"many":[24,59],"AI-based":[25,37,71],"approaches":[26,40],"detect":[28],"the":[29,96,107,113,126,143,153,166,170,184,193],"massive":[30],"number":[31,110,130],"of":[32,55,112,162],"variants.":[34],"However,":[35],"most":[36],"detection":[39,73,85],"only":[41],"output":[42],"a":[43,133,139,163],"label":[44],"users,":[46],"and":[47,86,191],"these":[48,70],"labels":[49],"mainly":[51],"unexplainable.":[52],"lack":[54],"transparency":[56],"has":[57],"introduced":[58],"black-box":[60],"attacks.":[61],"Malware":[62],"developers":[63],"can":[64,89],"develop":[65],"adversarial":[66],"examples":[67],"systems.":[74],"In":[75],"this":[76,102],"paper,":[77],"we":[78,105,124,151],"an":[80,120],"effective":[81],"approach":[82,177],"for":[83],"explanation,":[87],"locate":[90,198],"malicious":[91,199],"code":[92,200],"snippets":[93],"by":[94,188],"explaining":[95],"classifier":[98],"decision":[99,140],"result.":[100],"To":[101],"end,":[103],"firstly,":[104],"get":[106],"system":[108,128],"call":[109,129],"sequence":[111,131,164],"target":[114,144],"sample":[115,145],"instrumentation":[117],"tools":[118],"in":[119,169],"elaborated":[121],"sandbox.":[122],"Secondly,":[123],"feed":[125],"mapped":[127],"into":[132],"deep":[134],"learning":[135],"model":[136],"make":[138],"on":[141],"whether":[142],"is":[146],"benign":[147],"or":[148],"malicious.":[149],"Thirdly,":[150],"adopt":[152],"Layer-wise":[154],"Relevance":[155],"Propagation":[156],"algorithm":[157],"find":[159],"slice":[161],"makes":[165],"greatest":[167],"contribution":[168],"decision.":[171],"Our":[172],"evaluation":[173],"demonstrates":[174],"that":[175],"our":[176],"achieves":[178],"high":[179],"classification":[180],"accuracy":[181],"(97.39%),":[182],"reduces":[183],"neural":[185],"network":[186],"size":[187],"20":[189],"times,":[190],"saves":[192],"analyst":[195],"time":[196],"snippets.":[201]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}