{"id":"https://openalex.org/W2900494577","doi":"https://doi.org/10.1109/malware.2018.8659358","title":"Behavioral Malware Classification using Convolutional Recurrent Neural Networks","display_name":"Behavioral Malware Classification using Convolutional Recurrent Neural Networks","publication_year":2018,"publication_date":"2018-10-01","ids":{"openalex":"https://openalex.org/W2900494577","doi":"https://doi.org/10.1109/malware.2018.8659358","mag":"2900494577"},"language":"en","primary_location":{"id":"doi:10.1109/malware.2018.8659358","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2018.8659358","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 13th International Conference on Malicious and Unwanted Software (MALWARE)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1811.07842","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5038119845","display_name":"Bander Alsulami","orcid":null},"institutions":[{"id":"https://openalex.org/I72816309","display_name":"Drexel University","ror":"https://ror.org/04bdffz58","country_code":"US","type":"education","lineage":["https://openalex.org/I72816309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bander Alsulami","raw_affiliation_strings":["Drexel University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Drexel University","institution_ids":["https://openalex.org/I72816309"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5004087073","display_name":"Spiros Mancoridis","orcid":"https://orcid.org/0000-0001-6354-4281"},"institutions":[{"id":"https://openalex.org/I72816309","display_name":"Drexel University","ror":"https://ror.org/04bdffz58","country_code":"US","type":"education","lineage":["https://openalex.org/I72816309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Spiros Mancoridis","raw_affiliation_strings":["Drexel University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Drexel University","institution_ids":["https://openalex.org/I72816309"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.1325686,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"103","last_page":"111"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9728000164031982,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9449660181999207},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7762686610221863},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.5977828502655029},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5188292264938354},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4404321312904358},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.43737685680389404},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.42969390749931335},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2903463840484619}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9449660181999207},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7762686610221863},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.5977828502655029},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5188292264938354},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4404321312904358},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.43737685680389404},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.42969390749931335},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2903463840484619}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/malware.2018.8659358","is_oa":false,"landing_page_url":"https://doi.org/10.1109/malware.2018.8659358","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 13th International Conference on Malicious and Unwanted Software (MALWARE)","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:1811.07842","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1811.07842","pdf_url":"https://arxiv.org/pdf/1811.07842","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:2900494577","is_oa":true,"landing_page_url":"http://export.arxiv.org/pdf/1811.07842","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"doi:10.48550/arxiv.1811.07842","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1811.07842","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1811.07842","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1811.07842","pdf_url":"https://arxiv.org/pdf/1811.07842","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2900494577.pdf","grobid_xml":"https://content.openalex.org/works/W2900494577.grobid-xml"},"referenced_works_count":36,"referenced_works":["https://openalex.org/W114517082","https://openalex.org/W1482612322","https://openalex.org/W1523919301","https://openalex.org/W1591082683","https://openalex.org/W1792904922","https://openalex.org/W1832693441","https://openalex.org/W1851403712","https://openalex.org/W1963563131","https://openalex.org/W2000159976","https://openalex.org/W2038705219","https://openalex.org/W2043128754","https://openalex.org/W2057079516","https://openalex.org/W2066220442","https://openalex.org/W2079735306","https://openalex.org/W2091825929","https://openalex.org/W2126047957","https://openalex.org/W2138471478","https://openalex.org/W2138644293","https://openalex.org/W2144112223","https://openalex.org/W2250539671","https://openalex.org/W2292109572","https://openalex.org/W2911964244","https://openalex.org/W4230683138","https://openalex.org/W6604196288","https://openalex.org/W6605103849","https://openalex.org/W6629376184","https://openalex.org/W6632180709","https://openalex.org/W6634623742","https://openalex.org/W6636268891","https://openalex.org/W6637902766","https://openalex.org/W6639223989","https://openalex.org/W6674330103","https://openalex.org/W6675354045","https://openalex.org/W6678051712","https://openalex.org/W6682126143","https://openalex.org/W6713134421"],"related_works":["https://openalex.org/W2963650941","https://openalex.org/W3157291221","https://openalex.org/W3108293661","https://openalex.org/W2949719129","https://openalex.org/W2267635142","https://openalex.org/W3133359620","https://openalex.org/W1967489804","https://openalex.org/W1981229864","https://openalex.org/W2765921396","https://openalex.org/W3112012065","https://openalex.org/W2047167450","https://openalex.org/W183693092","https://openalex.org/W2516207621","https://openalex.org/W2539921747","https://openalex.org/W2307930854","https://openalex.org/W2791541601","https://openalex.org/W2897024610","https://openalex.org/W2993762743","https://openalex.org/W3045322569","https://openalex.org/W1972004006"],"abstract_inverted_index":{"Behavioral":[0,27,57],"malware":[1,28,37,58,83,87,97,106,140,155,163,173],"detection":[2,35],"aims":[3,30],"to":[4,31,45,71,96,104,159],"improve":[5],"on":[6,132],"the":[7,34,51,73,90,129,133,169],"performance":[8],"of":[9,36,76,82,86,92,139,171],"static":[10],"signature-based":[11],"techniques":[12,60],"used":[13,53],"by":[14,38,54,99],"anti-virus":[15,55,100,145],"systems,":[16],"which":[17],"are":[18],"less":[19],"effective":[20,152],"against":[21],"modern":[22],"polymorphic":[23],"and":[24,89,120,142,161,165,175],"metamorphic":[25],"malware.":[26],"classification":[29,59],"go":[32],"beyond":[33],"also":[39],"identifying":[40],"a":[41,46,110,115,136],"malware's":[42],"family":[43],"according":[44],"naming":[47,93,147],"scheme":[48],"such":[49,64],"as":[50,65],"ones":[52],"vendors.":[56],"use":[61],"run-time":[62],"features,":[63],"file":[66],"system":[67],"or":[68],"network":[69],"activities,":[70],"capture":[72],"behavioral":[74,105,111],"characteristic":[75],"running":[77],"processes.":[78],"The":[79,149],"increasing":[80],"volume":[81],"samples,":[84],"diversity":[85],"families,":[88],"variety":[91],"schemes":[94],"given":[95],"samples":[98,156,174],"vendors":[101],"present":[102],"challenges":[103],"classifiers.":[107],"We":[108,127],"describe":[109],"classifier":[112],"that":[113,157],"uses":[114],"Convolutional":[116],"Recurrent":[117],"Neural":[118],"Network":[119],"data":[121],"from":[122],"Microsoft":[123],"Windows":[124],"Prefetch":[125],"files.":[126],"demonstrate":[128],"model's":[130],"improvement":[131],"state-of-the-art":[134],"using":[135],"large":[137],"dataset":[138],"families":[141,164],"four":[143],"major":[144],"vendor":[146],"schemes.":[148],"model":[150],"is":[151],"in":[153],"classifying":[154],"belong":[158],"common":[160],"rare":[162],"can":[166],"incrementally":[167],"accommodate":[168],"introduction":[170],"new":[172],"families.":[176]},"counts_by_year":[{"year":2023,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}