{"id":"https://openalex.org/W7116978521","doi":"https://doi.org/10.1109/itnac66378.2025.11302628","title":"Detection of Fileless Malware through Network Traffic Analysis","display_name":"Detection of Fileless Malware through Network Traffic Analysis","publication_year":2025,"publication_date":"2025-11-26","ids":{"openalex":"https://openalex.org/W7116978521","doi":"https://doi.org/10.1109/itnac66378.2025.11302628"},"language":null,"primary_location":{"id":"doi:10.1109/itnac66378.2025.11302628","is_oa":false,"landing_page_url":"https://doi.org/10.1109/itnac66378.2025.11302628","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 35th International Telecommunication Networks and Applications Conference (ITNAC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://openrepository.aut.ac.nz/bitstreams/b4542e8a-1625-40a6-84d2-fca62eae83dc/download","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5121118751","display_name":"Ayesha Ajmal","orcid":null},"institutions":[{"id":"https://openalex.org/I39854758","display_name":"Auckland University of Technology","ror":"https://ror.org/01zvqw119","country_code":"NZ","type":"education","lineage":["https://openalex.org/I39854758"]},{"id":"https://openalex.org/I154130895","display_name":"University of Auckland","ror":"https://ror.org/03b94tp07","country_code":"NZ","type":"education","lineage":["https://openalex.org/I154130895"]}],"countries":["NZ"],"is_corresponding":true,"raw_author_name":"Ayesha Ajmal","raw_affiliation_strings":["Auckland University of Technology,Department of Computer and Information Sciences,Auckland,New Zealand"],"affiliations":[{"raw_affiliation_string":"Auckland University of Technology,Department of Computer and Information Sciences,Auckland,New Zealand","institution_ids":["https://openalex.org/I39854758","https://openalex.org/I154130895"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008184865","display_name":"Maryam Doborjeh","orcid":"https://orcid.org/0000-0003-4953-0662"},"institutions":[{"id":"https://openalex.org/I154130895","display_name":"University of Auckland","ror":"https://ror.org/03b94tp07","country_code":"NZ","type":"education","lineage":["https://openalex.org/I154130895"]},{"id":"https://openalex.org/I39854758","display_name":"Auckland University of Technology","ror":"https://ror.org/01zvqw119","country_code":"NZ","type":"education","lineage":["https://openalex.org/I39854758"]}],"countries":["NZ"],"is_corresponding":false,"raw_author_name":"Maryam Doborjeh","raw_affiliation_strings":["Auckland University of Technology,Department of Computer and Information Sciences,Auckland,New Zealand"],"affiliations":[{"raw_affiliation_string":"Auckland University of Technology,Department of Computer and Information Sciences,Auckland,New Zealand","institution_ids":["https://openalex.org/I39854758","https://openalex.org/I154130895"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5112822567","display_name":"Jairo A. Guti\u00e9rrez","orcid":null},"institutions":[{"id":"https://openalex.org/I154130895","display_name":"University of Auckland","ror":"https://ror.org/03b94tp07","country_code":"NZ","type":"education","lineage":["https://openalex.org/I154130895"]},{"id":"https://openalex.org/I39854758","display_name":"Auckland University of Technology","ror":"https://ror.org/01zvqw119","country_code":"NZ","type":"education","lineage":["https://openalex.org/I39854758"]}],"countries":["NZ"],"is_corresponding":false,"raw_author_name":"Jairo Gutierrez","raw_affiliation_strings":["Auckland University of Technology,Department of Computer and Information Sciences,Auckland,New Zealand"],"affiliations":[{"raw_affiliation_string":"Auckland University of Technology,Department of Computer and Information Sciences,Auckland,New Zealand","institution_ids":["https://openalex.org/I39854758","https://openalex.org/I154130895"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5121118751"],"corresponding_institution_ids":["https://openalex.org/I154130895","https://openalex.org/I39854758"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.66552012,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.39739999175071716,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.39739999175071716,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.2517000138759613,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.08209999650716782,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8208000063896179},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.65420001745224},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5490999817848206},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.507099986076355},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.4580000042915344},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.447299987077713},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.445499986410141}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8208000063896179},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7793999910354614},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.65420001745224},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5490999817848206},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.507099986076355},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.4580000042915344},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.447299987077713},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.445499986410141},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4088999927043915},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4081000089645386},{"id":"https://openalex.org/C204679922","wikidata":"https://www.wikidata.org/wiki/Q734252","display_name":"Deep packet inspection","level":3,"score":0.4065999984741211},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39480000734329224},{"id":"https://openalex.org/C2780009758","wikidata":"https://www.wikidata.org/wiki/Q6804172","display_name":"Measure (data warehouse)","level":2,"score":0.3903999924659729},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.3716000020503998},{"id":"https://openalex.org/C2781317605","wikidata":"https://www.wikidata.org/wiki/Q7832483","display_name":"Traffic analysis","level":2,"score":0.3684999942779541},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33250001072883606},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.272599995136261},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.265500009059906},{"id":"https://openalex.org/C32946077","wikidata":"https://www.wikidata.org/wiki/Q618079","display_name":"Network analysis","level":2,"score":0.2574999928474426},{"id":"https://openalex.org/C2775941552","wikidata":"https://www.wikidata.org/wiki/Q25212305","display_name":"Isolation (microbiology)","level":2,"score":0.2538999915122986}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/itnac66378.2025.11302628","is_oa":false,"landing_page_url":"https://doi.org/10.1109/itnac66378.2025.11302628","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 35th International Telecommunication Networks and Applications Conference (ITNAC)","raw_type":"proceedings-article"},{"id":"pmh:oai:openrepository.aut.ac.nz:10292/20471","is_oa":true,"landing_page_url":"http://hdl.handle.net/10292/20471","pdf_url":"https://openrepository.aut.ac.nz/bitstreams/b4542e8a-1625-40a6-84d2-fca62eae83dc/download","source":{"id":"https://openalex.org/S4306401809","display_name":"Tuwhera (Auckland University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I39854758","host_organization_name":"Auckland University of Technology","host_organization_lineage":["https://openalex.org/I39854758"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference Contribution"}],"best_oa_location":{"id":"pmh:oai:openrepository.aut.ac.nz:10292/20471","is_oa":true,"landing_page_url":"http://hdl.handle.net/10292/20471","pdf_url":"https://openrepository.aut.ac.nz/bitstreams/b4542e8a-1625-40a6-84d2-fca62eae83dc/download","source":{"id":"https://openalex.org/S4306401809","display_name":"Tuwhera (Auckland University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I39854758","host_organization_name":"Auckland University of Technology","host_organization_lineage":["https://openalex.org/I39854758"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference Contribution"},"sustainable_development_goals":[{"score":0.5920349359512329,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7116978521.pdf","grobid_xml":"https://content.openalex.org/works/W7116978521.grobid-xml"},"referenced_works_count":10,"referenced_works":["https://openalex.org/W2981709650","https://openalex.org/W3037421371","https://openalex.org/W4307570965","https://openalex.org/W4327952342","https://openalex.org/W4387396224","https://openalex.org/W4389687949","https://openalex.org/W4393973440","https://openalex.org/W4403212493","https://openalex.org/W4403912518","https://openalex.org/W4405271955"],"related_works":[],"abstract_inverted_index":{"The":[0,157],"rapid":[1],"growth":[2],"of":[3,108,116,153],"fileless":[4,72,123,141,155],"malware":[5,73,124],"raises":[6],"a":[7,19,35,46,91,131],"fundamental":[8],"challenge":[9],"to":[10,33,149],"existing":[11,169],"cybersecurity":[12],"frameworks.":[13],"These":[14],"malwares":[15],"operate":[16],"entirely":[17],"within":[18,126],"system\u2019s":[20],"volatile":[21],"memory":[22],"without":[23],"creating":[24],"malicious":[25],"files":[26],"on":[27,174],"the":[28,137,151,162,168],"disk.":[29],"This":[30,80],"research":[31,110],"aims":[32],"overcome":[34],"critical":[36],"gap":[37],"in":[38,167],"Network":[39,75],"Intrusion":[40],"Detection":[41],"System":[42],"(NIDS)":[43],"by":[44],"proposing":[45,130],"novel":[47],"hybrid":[48,132],"deep-learning":[49,133],"framework.":[50],"Traditional":[51],"signature-based":[52],"detection":[53,138],"methods":[54],"prove":[55],"ineffective":[56],"against":[57],"these":[58],"memory-resident":[59],"threats,":[60],"consequently":[61],"this":[62,109],"investigation":[63],"details":[64],"advanced":[65],"feature":[66,117],"extraction":[67,118],"methodologies":[68],"which":[69,97],"can":[70],"identify":[71],"using":[74],"Packet":[76],"Capture":[77],"(PCAP)":[78],"files.":[79],"study":[81],"will":[82,111,160],"employ":[83],"Design":[84],"Science":[85],"Research":[86],"(DSR)":[87],"integrating":[88],"it":[89],"with":[90],"Design-Oriented":[92],"Machine":[93],"Learning":[94],"(DS-ML)":[95],"methodology":[96],"ensures":[98],"systematic":[99],"and":[100,103,143],"rigorous":[101],"development":[102,115],"evaluation":[104,147],"process.":[105],"Key":[106],"contributions":[107],"be:":[112],"1)":[113],"holistic":[114],"mechanism":[119],"that":[120,164,171],"effectively":[121],"captures":[122],"behavior":[125],"network":[127],"traffic,":[128],"2)":[129],"model":[134],"for":[135,140],"optimizing":[136],"techniques":[139],"malware,":[142],"3)":[144],"constituting":[145],"specific":[146],"metrics":[148],"measure":[150],"accuracy":[152],"detecting":[154,175],"malware.":[156,177],"resultant":[158],"framework":[159],"discuss":[161],"limitations":[163],"are":[165],"present":[166],"approaches":[170],"primarily":[172],"focus":[173],"file-based":[176]},"counts_by_year":[],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-12-23T00:00:00"}