{"id":"https://openalex.org/W2771137010","doi":"https://doi.org/10.1109/milcom.2017.8170758","title":"Hierarchical learning for automated malware classification","display_name":"Hierarchical learning for automated malware classification","publication_year":2017,"publication_date":"2017-10-01","ids":{"openalex":"https://openalex.org/W2771137010","doi":"https://doi.org/10.1109/milcom.2017.8170758","mag":"2771137010"},"language":"en","primary_location":{"id":"doi:10.1109/milcom.2017.8170758","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom.2017.8170758","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101153180","display_name":"Shayok Chakraborty","orcid":"https://orcid.org/0000-0001-6378-8286"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shayok Chakraborty","raw_affiliation_strings":["Arizona State University, Tempe, AZ, USA"],"affiliations":[{"raw_affiliation_string":"Arizona State University, Tempe, AZ, USA","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059859993","display_name":"Jack W. Stokes","orcid":null},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jack W. Stokes","raw_affiliation_strings":["One Microsoft Way, Microsoft Research, Redmond, WA, USA"],"affiliations":[{"raw_affiliation_string":"One Microsoft Way, Microsoft Research, Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081758689","display_name":"Lin Xiao","orcid":"https://orcid.org/0000-0002-9759-3898"},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Lin Xiao","raw_affiliation_strings":["One Microsoft Way, Microsoft Research, Redmond, WA, USA"],"affiliations":[{"raw_affiliation_string":"One Microsoft Way, Microsoft Research, Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112456591","display_name":"Dengyong Zhou","orcid":null},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dengyong Zhou","raw_affiliation_strings":["One Microsoft Way, Microsoft Research, Redmond, WA, USA"],"affiliations":[{"raw_affiliation_string":"One Microsoft Way, Microsoft Research, Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029654238","display_name":"Mady Marinescu","orcid":null},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mady Marinescu","raw_affiliation_strings":["One Microsoft Way, Microsoft Corp., Redmond, WA, USA"],"affiliations":[{"raw_affiliation_string":"One Microsoft Way, Microsoft Corp., Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019478468","display_name":"Anil Thomas","orcid":"https://orcid.org/0000-0002-0774-2512"},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anil Thomas","raw_affiliation_strings":["One Microsoft Way, Microsoft Corp., Redmond, WA, USA"],"affiliations":[{"raw_affiliation_string":"One Microsoft Way, Microsoft Corp., Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5101153180"],"corresponding_institution_ids":["https://openalex.org/I55732556"],"apc_list":null,"apc_paid":null,"fwci":0.3698,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.5943559,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"2","issue":null,"first_page":"23","last_page":"28"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.861298680305481},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7839012742042542},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6160804033279419},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5697542428970337},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.5309464335441589},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.4815921485424042},{"id":"https://openalex.org/keywords/hierarchy","display_name":"Hierarchy","score":0.45924001932144165},{"id":"https://openalex.org/keywords/computer-virus","display_name":"Computer virus","score":0.416044145822525},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.37790000438690186},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.15028536319732666}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.861298680305481},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7839012742042542},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6160804033279419},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5697542428970337},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.5309464335441589},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.4815921485424042},{"id":"https://openalex.org/C31170391","wikidata":"https://www.wikidata.org/wiki/Q188619","display_name":"Hierarchy","level":2,"score":0.45924001932144165},{"id":"https://openalex.org/C19407854","wikidata":"https://www.wikidata.org/wiki/Q485","display_name":"Computer virus","level":2,"score":0.416044145822525},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.37790000438690186},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.15028536319732666},{"id":"https://openalex.org/C34447519","wikidata":"https://www.wikidata.org/wiki/Q179522","display_name":"Market economy","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/milcom.2017.8170758","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom.2017.8170758","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.550000011920929}],"awards":[],"funders":[{"id":"https://openalex.org/F4320321390","display_name":"Fonds De La Recherche Scientifique - FNRS","ror":"https://ror.org/03q83t159"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W152196245","https://openalex.org/W200681053","https://openalex.org/W1487207002","https://openalex.org/W1532325895","https://openalex.org/W1581009051","https://openalex.org/W1601740268","https://openalex.org/W1910686388","https://openalex.org/W1985936489","https://openalex.org/W2008835805","https://openalex.org/W2009086942","https://openalex.org/W2014566476","https://openalex.org/W2018175892","https://openalex.org/W2048849611","https://openalex.org/W2063862666","https://openalex.org/W2084979543","https://openalex.org/W2091961126","https://openalex.org/W2096199223","https://openalex.org/W2100641262","https://openalex.org/W2121749752","https://openalex.org/W2144112223","https://openalex.org/W2154223969","https://openalex.org/W2157791002","https://openalex.org/W2162657744","https://openalex.org/W2167681385","https://openalex.org/W2169713291","https://openalex.org/W2482374127","https://openalex.org/W2810245342","https://openalex.org/W3004533406","https://openalex.org/W3017285694","https://openalex.org/W6606250027","https://openalex.org/W6608206699","https://openalex.org/W6629167580","https://openalex.org/W6639864006","https://openalex.org/W6678051712","https://openalex.org/W6682953061","https://openalex.org/W6684495928"],"related_works":["https://openalex.org/W4320031223","https://openalex.org/W3015678314","https://openalex.org/W4281902577","https://openalex.org/W4385573555","https://openalex.org/W4281570223","https://openalex.org/W2497191050","https://openalex.org/W3170525725","https://openalex.org/W2166844173","https://openalex.org/W4360996742","https://openalex.org/W2150675148"],"abstract_inverted_index":{"Despite":[0],"widespread":[1],"use":[2],"of":[3,9,54,115,123,129,143,192,199,207],"commercial":[4],"anti-virus":[5,26],"products,":[6],"the":[7,87,97,108,113,127,134,140,144,153,200,210],"number":[8],"malicious":[10,43,124],"files":[11,195],"detected":[12],"on":[13,185],"home":[14],"and":[15,70,111,151],"corporate":[16],"computers":[17],"continues":[18],"to":[19,35,96,161,216],"increase":[20],"at":[21],"a":[22,50,55,60,65,71,186,204,217],"significant":[23,205],"rate.":[24],"Recently,":[25],"companies":[27],"have":[28],"started":[29],"investing":[30],"in":[31,83,147,152,156,209,224],"machine":[32],"learning":[33,118],"solutions":[34],"augment":[36],"signatures":[37],"manually":[38],"designed":[39],"by":[40,172],"analysts.":[41],"A":[42],"file's":[44],"determination":[45],"is":[46,133,159,221],"often":[47],"represented":[48],"as":[49,214],"hierarchical":[51,89,117,141,179],"structure":[52,142],"consisting":[53],"type":[56],"(e.g.":[57,62,67,74],"Worm,":[58],"Backdoor),":[59],"platform":[61],"Win32,":[63],"Win64),":[64],"family":[66,72],"Rbot,":[68],"Rugrat)":[69],"variant":[73],"A,":[75],"B).":[76],"While":[77],"there":[78],"has":[79,100],"been":[80,101],"substantial":[81],"research":[82,136],"automated":[84,121,149],"malware":[85,145,190],"classification,":[86],"aforementioned":[88],"structure,":[90],"which":[91,138,220],"can":[92],"provide":[93],"additional":[94,170],"information":[95],"classification":[98,122,150],"models,":[99],"ignored.":[102],"In":[103],"this":[104,132],"paper,":[105],"we":[106],"propose":[107],"novel":[109],"idea":[110],"study":[112],"performance":[114],"employing":[116],"algorithms":[119],"for":[120],"files.":[125],"To":[126],"best":[128],"our":[130,164],"knowledge,":[131],"first":[135],"effort":[137,171],"incorporates":[139],"label":[146,201],"its":[148],"security":[154],"domain,":[155],"general.":[157],"It":[158],"important":[160],"note":[162],"that":[163,197],"method":[165],"does":[166],"not":[167],"require":[168],"any":[169],"analysts":[173],"because":[174],"they":[175],"typically":[176],"assign":[177],"these":[178],"labels":[180],"today.":[181],"Our":[182],"empirical":[183],"results":[184],"real":[187],"world,":[188],"industrial-scale":[189],"dataset":[191],"3.6":[193],"million":[194],"demonstrate":[196],"incorporation":[198],"hierarchy":[202],"achieves":[203],"reduction":[206],"33.1%":[208],"binary":[211],"error":[212],"rate":[213],"compared":[215],"non-hierarchical":[218],"classifier":[219],"traditionally":[222],"used":[223],"such":[225],"problems.":[226]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}