{"id":"https://openalex.org/W4411205920","doi":"https://doi.org/10.1109/isdfs65363.2025.11012103","title":"Automated Static Analysis of Linux ELF Malware: Framework and Application","display_name":"Automated Static Analysis of Linux ELF Malware: Framework and Application","publication_year":2025,"publication_date":"2025-04-24","ids":{"openalex":"https://openalex.org/W4411205920","doi":"https://doi.org/10.1109/isdfs65363.2025.11012103"},"language":"en","primary_location":{"id":"doi:10.1109/isdfs65363.2025.11012103","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isdfs65363.2025.11012103","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 13th International Symposium on Digital Forensics and Security (ISDFS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111267535","display_name":"Jayanthi Ramamoorthy","orcid":null},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jayanthi Ramamoorthy","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX","institution_ids":["https://openalex.org/I191429286"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086039015","display_name":"Narasimha Shashidhar","orcid":"https://orcid.org/0000-0002-4877-158X"},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State 
University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Narasimha K Shashidhar","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX","institution_ids":["https://openalex.org/I191429286"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061796733","display_name":"Cihan Varol","orcid":"https://orcid.org/0000-0002-4940-6808"},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cihan Varol","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX","institution_ids":["https://openalex.org/I191429286"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5111267535"],"corresponding_institution_ids":["https://openalex.org/I191429286"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18134622,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection 
Techniques","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9850000143051147,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9758999943733215,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8051411509513855},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7778703570365906},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.627013623714447},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating 
system","score":0.5935064554214478},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5695882439613342},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.23528456687927246}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8051411509513855},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7778703570365906},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.627013623714447},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5935064554214478},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5695882439613342},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.23528456687927246}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isdfs65363.2025.11012103","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isdfs65363.2025.11012103","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 13th International Symposium on Digital Forensics and Security 
(ISDFS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W2768892939","https://openalex.org/W3164408430","https://openalex.org/W4285507391","https://openalex.org/W3107556205","https://openalex.org/W2610659201","https://openalex.org/W2067547021","https://openalex.org/W2805262980","https://openalex.org/W4234891089"],"abstract_inverted_index":{"The":[0,161],"rapid":[1],"evolution":[2],"of":[3,11,102,123,156,163],"Linux":[4,12,182],"malware,":[5],"driven":[6],"by":[7],"an":[8,36],"increased":[9],"use":[10],"in":[13,176],"critical":[14],"infrastructure,":[15],"IoT,":[16],"and":[17,31,82,90,115,158,167,191],"cloud":[18],"environments,":[19],"underscores":[20],"the":[21,43,98,121,124,164],"need":[22],"for":[23,28,39,107],"scalable":[24],"static":[25,40,68,168,196],"analysis":[26,69,77,106,146,169],"techniques":[27],"malware":[29,94,133,184,189,197],"characterization":[30],"detection.":[32],"This":[33],"study":[34,63],"presents":[35],"architecture-agnostic":[37],"framework":[38,166],"analysis,":[41,61,95],"covering":[42],"entire":[44],"pipeline":[45],"from":[46,135],"raw":[47],"ELF":[48,58,88,132],"binaries":[49,134],"to":[50,86,93,152],"machine":[51],"learning-based":[52],"focused":[53],"studies.":[54],"To":[55,119],"facilitate":[56],"large-scale":[57],"mal":[59],"ware":[60],"this":[62,150],"introduces":[64],"elf":[65],"radar,":[66],"a":[67,127,142],"feature":[70,117,170],"extraction":[71,171],"tool":[72,172],"that":[73],"leverages":[74],"open-source":[75],"binary":[76],"frameworks":[78],"such":[79,109],"as":[80,110,179],"Radare2":[81],"LIEF.":[83],"In":[84],"addition":[85],"extracting":[87],"meta-data":[89],"features":[91],"pertinent":[92],"elfradar":[96],"extracts":[97],"Intermed
iate":[99],"Representation":[100],"(IR)":[101],"opcodes,":[103],"enabling":[104],"architecture-independent":[105],"tasks":[108],"opcode":[111,187],"aggregated":[112],"entropy-based":[113,188],"assessments,":[114],"cross-architecture":[116],"extraction.":[118],"demonstrate":[120],"effectiveness":[122],"proposed":[125,165],"framework,":[126],"dataset":[128,151],"comprising":[129],"approximately":[130],"20,000":[131],"VirusShare":[136],"was":[137,147],"processed":[138],"using":[139],"elfradar.":[140],"As":[141],"case":[143],"study,":[144],"outlier":[145],"conducted":[148],"on":[149,195],"identify":[153],"potential":[154],"indicators":[155],"obfuscation":[157],"packed":[159],"samples.":[160],"efficacy":[162],"has":[173],"been":[174],"demonstrated":[175],"other":[177,192],"studies":[178],"well,":[180],"including":[181],"IoT":[183],"variant":[185],"classification,":[186],"detection,":[190],"applications":[193],"focusing":[194],"analysis.":[198]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}
