{"id":"https://openalex.org/W3161833296","doi":"https://doi.org/10.1109/isqed51717.2021.9424330","title":"When Machine Learning Meets Hardware Cybersecurity: Delving into Accurate Zero-Day Malware Detection","display_name":"When Machine Learning Meets Hardware Cybersecurity: Delving into Accurate Zero-Day Malware Detection","publication_year":2021,"publication_date":"2021-04-07","ids":{"openalex":"https://openalex.org/W3161833296","doi":"https://doi.org/10.1109/isqed51717.2021.9424330","mag":"3161833296"},"language":"en","primary_location":{"id":"doi:10.1109/isqed51717.2021.9424330","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isqed51717.2021.9424330","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 22nd International Symposium on Quality Electronic Design (ISQED)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072969885","display_name":"Zhangying He","orcid":"https://orcid.org/0000-0002-5072-2955"},"institutions":[{"id":"https://openalex.org/I59897056","display_name":"California State University, Long Beach","ror":"https://ror.org/0080fxk18","country_code":"US","type":"education","lineage":["https://openalex.org/I59897056"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zhangying He","raw_affiliation_strings":["California State University, Long Beach, CA, USA"],"affiliations":[{"raw_affiliation_string":"California State University, Long Beach, CA, USA","institution_ids":["https://openalex.org/I59897056"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027149833","display_name":"Tahereh Miari","orcid":null},"institutions":[{"id":"https://openalex.org/I98947143","display_name":"California State Polytechnic University","ror":"https://ror.org/05by5hm18","country_code":"US","type":"education","lineage":["https://openalex.org/I98947143"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tahereh Miari","raw_affiliation_strings":["California State Polytechnic University, Pomona, CA, USA"],"affiliations":[{"raw_affiliation_string":"California State Polytechnic University, Pomona, CA, USA","institution_ids":["https://openalex.org/I98947143"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044003457","display_name":"Hosein Mohammadi Makrani","orcid":"https://orcid.org/0000-0002-5088-8728"},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hosein Mohammadi Makrani","raw_affiliation_strings":["University of California, Davis, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Davis, CA, USA","institution_ids":["https://openalex.org/I84218800"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074064662","display_name":"Mehrdad Aliasgari","orcid":"https://orcid.org/0000-0002-9019-6857"},"institutions":[{"id":"https://openalex.org/I59897056","display_name":"California State University, Long Beach","ror":"https://ror.org/0080fxk18","country_code":"US","type":"education","lineage":["https://openalex.org/I59897056"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mehrdad Aliasgari","raw_affiliation_strings":["California State University, Long Beach, CA, USA"],"affiliations":[{"raw_affiliation_string":"California State University, Long Beach, CA, USA","institution_ids":["https://openalex.org/I59897056"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047382437","display_name":"Houman Homayoun","orcid":"https://orcid.org/0000-0001-8904-4699"},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Houman Homayoun","raw_affiliation_strings":["University of California, Davis, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Davis, CA, USA","institution_ids":["https://openalex.org/I84218800"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080844858","display_name":"Hossein Sayadi","orcid":"https://orcid.org/0000-0001-6423-0145"},"institutions":[{"id":"https://openalex.org/I59897056","display_name":"California State University, Long Beach","ror":"https://ror.org/0080fxk18","country_code":"US","type":"education","lineage":["https://openalex.org/I59897056"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hossein Sayadi","raw_affiliation_strings":["California State University, Long Beach, CA, USA"],"affiliations":[{"raw_affiliation_string":"California State University, Long Beach, CA, USA","institution_ids":["https://openalex.org/I59897056"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5072969885"],"corresponding_institution_ids":["https://openalex.org/I59897056"],"apc_list":null,"apc_paid":null,"fwci":4.8756,"has_fulltext":false,"cited_by_count":39,"citation_normalized_percentile":{"value":0.96004057,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"85","last_page":"90"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9314904808998108},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8426724672317505},{"id":"https://openalex.org/keywords/adaboost","display_name":"AdaBoost","score":0.5035318732261658},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4854920208454132},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45224934816360474},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.42640137672424316},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4201580882072449},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3545847535133362},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.35133954882621765},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3112301826477051},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.23151680827140808}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9314904808998108},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8426724672317505},{"id":"https://openalex.org/C141404830","wikidata":"https://www.wikidata.org/wiki/Q2823869","display_name":"AdaBoost","level":3,"score":0.5035318732261658},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4854920208454132},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45224934816360474},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.42640137672424316},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4201580882072449},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3545847535133362},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.35133954882621765},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3112301826477051},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.23151680827140808}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/isqed51717.2021.9424330","is_oa":false,"landing_page_url":"https://doi.org/10.1109/isqed51717.2021.9424330","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 22nd International Symposium on Quality Electronic Design (ISQED)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.6700000166893005,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W1570713908","https://openalex.org/W1945616565","https://openalex.org/W2034053858","https://openalex.org/W2101234009","https://openalex.org/W2113261561","https://openalex.org/W2166844173","https://openalex.org/W2203388234","https://openalex.org/W2292977173","https://openalex.org/W2508317201","https://openalex.org/W2594364040","https://openalex.org/W2602229646","https://openalex.org/W2807415350","https://openalex.org/W2809457377","https://openalex.org/W2911037141","https://openalex.org/W2945027786","https://openalex.org/W2945097383","https://openalex.org/W2950774332","https://openalex.org/W2963207607","https://openalex.org/W2985324865","https://openalex.org/W3036243698","https://openalex.org/W3083161653","https://openalex.org/W3083702481","https://openalex.org/W3111712354","https://openalex.org/W4256383029","https://openalex.org/W6633968276","https://openalex.org/W6640425456","https://openalex.org/W6675354045","https://openalex.org/W6762493518","https://openalex.org/W6766731539"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W2388600609","https://openalex.org/W4283736679","https://openalex.org/W2104955141","https://openalex.org/W195614647"],"abstract_inverted_index":{"Cybersecurity":[0],"for":[1,73,167],"the":[2,8,19,53,77,82,137,160,191,206,209,268],"past":[3],"decades":[4],"has":[5,68],"been":[6],"in":[7,38,101,136,262],"front":[9],"line":[10],"of":[11,48,59,84,105,148,162,179,193,208,218],"global":[12],"attention":[13],"as":[14,40,42,246],"a":[15,120,146,215,247],"critical":[16],"threat":[17],"to":[18,24,45,70,189,204],"information":[20],"technology":[21],"infrastructures.":[22],"According":[23],"recent":[25,149],"security":[26,47],"reports,":[27],"malicious":[28,106],"software":[29],"(a.k.a.":[30],"malware)":[31],"is":[32,119],"rising":[33],"at":[34,76,116,224],"an":[35,200],"alarming":[36],"rate":[37,261],"numbers":[39],"well":[41],"harmful":[43],"purposes":[44],"compromise":[46],"computing":[49],"systems.":[50],"To":[51],"address":[52,190],"high":[54,185],"complexity":[55],"and":[56,171,253],"computational":[57],"overheads":[58],"conventional":[60],"software-based":[61],"detection":[62,170,186],"techniques,":[63],"Hardware-Supported":[64],"Malware":[65],"Detection":[66],"(HMD)":[67],"proved":[69],"be":[71],"efficient":[72],"detecting":[74,111,180,263],"malware":[75,114,169,182,196,211,265],"processors'":[78],"microarchitecture":[79],"level":[80],"with":[81,184,256],"aid":[83],"Machine":[85],"Learning":[86],"(ML)":[87],"techniques":[88],"applied":[89],"on":[90,242],"Hardware":[91],"Performance":[92],"Counter":[93],"(HPC)":[94],"data.":[95],"Existing":[96],"ML-based":[97,150],"HMDs":[98,151],"while":[99],"accurate":[100],"recognizing":[102],"known":[103,132],"signatures":[104,135,183],"patterns,":[107],"have":[108],"not":[109,129,177],"explored":[110],"unknown":[112,181],"(zero-day)":[113],"data":[115,127],"run-time":[117,194,225],"which":[118],"more":[121],"challenging":[122],"problem,":[123],"since":[124],"its":[125],"HPC":[126,154],"does":[128],"match":[130],"any":[131],"attack":[133],"applications'":[134],"existing":[138,227],"database.":[139],"In":[140],"this":[141],"work,":[142],"we":[143,158,198],"first":[144],"present":[145],"review":[147],"utilizing":[152],"built-in":[153],"registers":[155],"information.":[156],"Next,":[157],"examine":[159],"suitability":[161],"various":[163],"standard":[164,210],"ML":[165],"classifiers":[166],"zero-day":[168,195,264],"demonstrate":[172,232],"that":[173,221,233],"such":[174],"methods":[175],"are":[176,222],"capable":[178],"rate.":[187],"Lastly,":[188],"challenge":[192],"detection,":[197],"propose":[199],"ensemble":[201,240],"learning-based":[202],"technique":[203],"enhance":[205],"performance":[207],"detectors":[212],"despite":[213],"using":[214,266],"small":[216],"number":[217],"microarchitectural":[219,271],"features":[220],"captured":[223],"by":[226,237],"HPCs.":[228],"The":[229],"experimental":[230],"results":[231],"our":[234],"proposed":[235],"approach":[236],"applying":[238],"AdaBoost":[239],"learning":[241],"Random":[243],"Forrest":[244],"classifier":[245,249],"regular":[248],"achieves":[250],"92%":[251],"F-measure":[252],"95%":[254],"TPR":[255],"only":[257,267],"2%":[258],"false":[259],"positive":[260],"top":[269],"4":[270],"features.":[272]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":12},{"year":2023,"cited_by_count":13},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}