{"id":"https://openalex.org/W2489398155","doi":"https://doi.org/10.1109/mipro.2016.7522360","title":"Can malware analysts be assisted in their work using techniques from machine learning?","display_name":"Can malware analysts be assisted in their work using techniques from machine learning?","publication_year":2016,"publication_date":"2016-05-01","ids":{"openalex":"https://openalex.org/W2489398155","doi":"https://doi.org/10.1109/mipro.2016.7522360","mag":"2489398155"},"language":"en","primary_location":{"id":"doi:10.1109/mipro.2016.7522360","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mipro.2016.7522360","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 39th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5009620802","display_name":"Igor Novkovi\u0107","orcid":null},"institutions":[{"id":"https://openalex.org/I181343428","display_name":"University of Zagreb","ror":"https://ror.org/00mv6sv71","country_code":"HR","type":"education","lineage":["https://openalex.org/I181343428"]}],"countries":["HR"],"is_corresponding":true,"raw_author_name":"Igor Novkovic","raw_affiliation_strings":["Faculty of Electrical and Computing Engineering, University of Zagreb, Zagreb, Croatia"],"affiliations":[{"raw_affiliation_string":"Faculty of Electrical and Computing Engineering, University of Zagreb, Zagreb, Croatia","institution_ids":["https://openalex.org/I181343428"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5023734196","display_name":"Stjepan Gro\u0161","orcid":"https://orcid.org/0000-0001-6619-2859"},"institutions":[{"id":"https://openalex.org/I181343428","display_name":"University of Zagreb","ror":"https://ror.org/00mv6sv71","country_code":"HR","type":"education","lineage":["https://openalex.org/I181343428"]}],"countries":["HR"],"is_corresponding":false,"raw_author_name":"Stjepan Gros","raw_affiliation_strings":["Faculty of Electrical and Computing Engineering, University of Zagreb, Zagreb, Croatia"],"affiliations":[{"raw_affiliation_string":"Faculty of Electrical and Computing Engineering, University of Zagreb, Zagreb, Croatia","institution_ids":["https://openalex.org/I181343428"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5009620802"],"corresponding_institution_ids":["https://openalex.org/I181343428"],"apc_list":null,"apc_paid":null,"fwci":0.5044,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.63552459,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1408","last_page":"1413"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/debugger","display_name":"Debugger","score":0.9561469554901123},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8959534168243408},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8496310710906982},{"id":"https://openalex.org/keywords/debugging","display_name":"Debugging","score":0.829824686050415},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.7904623746871948},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.7384035587310791},{"id":"https://openalex.org/keywords/plug-in","display_name":"Plug-in","score":0.6620165109634399},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5654813051223755},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.5476119518280029},{"id":"https://openalex.org/keywords/point","display_name":"Point (geometry)","score":0.5153366923332214},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.43115562200546265},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.42245322465896606},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.15586307644844055}],"concepts":[{"id":"https://openalex.org/C2778485113","wikidata":"https://www.wikidata.org/wiki/Q193231","display_name":"Debugger","level":3,"score":0.9561469554901123},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8959534168243408},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8496310710906982},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.829824686050415},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.7904623746871948},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.7384035587310791},{"id":"https://openalex.org/C4924752","wikidata":"https://www.wikidata.org/wiki/Q184148","display_name":"Plug-in","level":2,"score":0.6620165109634399},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5654813051223755},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.5476119518280029},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.5153366923332214},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.43115562200546265},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.42245322465896606},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.15586307644844055},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/mipro.2016.7522360","is_oa":false,"landing_page_url":"https://doi.org/10.1109/mipro.2016.7522360","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 39th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W1167346692","https://openalex.org/W2084191355","https://openalex.org/W2151135920","https://openalex.org/W4242554684","https://openalex.org/W6922295283"],"related_works":["https://openalex.org/W2489398155","https://openalex.org/W2998557533","https://openalex.org/W2965893286","https://openalex.org/W2982096504","https://openalex.org/W2991580804","https://openalex.org/W2548537835","https://openalex.org/W3211525895","https://openalex.org/W2743799202","https://openalex.org/W2469346691","https://openalex.org/W2183680341"],"abstract_inverted_index":{"When":[0],"a":[1,126,142,159,162,187],"malware":[2,27,46,54,117,147,177],"analyst":[3,103,178],"analyzes":[4],"some":[5,62],"code":[6,60],"to":[7,21,31,38,40,73,79,96,132,145,157,180,199,202,207],"determine":[8],"if":[9,75,87,106],"it's":[10],"malicious":[11],"or":[12,69,82,110],"not":[13],"and":[14,134,171,193],"what":[15,179],"it":[16,33,107,155],"is":[17,77,90,108,114,153,154],"doing,":[18],"he":[19,76],"has":[20,72],"overcome":[22],"protections":[23],"built":[24],"in":[25,61,124],"by":[26],"writer":[28,118],"that":[29,50,52,101,115,128,189,195],"tries":[30],"make":[32,146],"as":[34,36],"hard":[35,131],"possible":[37,156],"get":[39],"the":[41,45,59,88,92,151,167,205,208],"main":[42],"functionality":[43],"of":[44],"code.":[47],"In":[48,182],"practice":[49],"means":[51],"when":[53],"analyst,":[55],"while":[56],"stepping":[57],"through":[58],"debugger":[63,163],"like":[64],"OllyDbg,":[65],"hits":[66],"call":[67,81,89,169],"instruction":[68,170],"something":[70],"similar":[71],"decide":[74],"going":[78],"follow":[80],"skip":[83,97],"over":[84],"it.":[85],"Obviously,":[86],"unimportant":[91],"best":[93],"would":[94,196],"be":[95,200],"it,":[98,174],"but":[99],"at":[100],"point":[102],"doesn't":[104],"know":[105],"important":[109],"not.":[111],"The":[112],"problem":[113],"creative":[116],"can":[119,137,175],"use":[120],"anti":[121],"debug":[122],"techniques":[123],"such":[125],"way":[127],"they":[129,136],"are":[130,191],"recognize":[133],"analyze,":[135],"even":[138],"come":[139],"up":[140],"with":[141],"new":[143],"ways":[144],"analysis":[148],"harder.":[149],"So,":[150],"question":[152],"write":[158],"plugin":[160],"for":[161],"that,":[164],"based":[165],"on":[166],"current":[168],"data":[172],"behind":[173],"suggest":[176],"do?":[181],"this":[183],"paper":[184],"we":[185,190],"present":[186],"system":[188],"designing":[192],"developing":[194],"allow":[197],"experiments":[198],"performed":[201],"find":[203],"out":[204],"answer":[206],"aforementioned":[209],"question.":[210]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}