{"id":"https://openalex.org/W2982387621","doi":"https://doi.org/10.1109/nextcomp.2019.8883668","title":"Bytecode Heuristic Signatures for Detecting Malware Behavior","display_name":"Bytecode Heuristic Signatures for Detecting Malware Behavior","publication_year":2019,"publication_date":"2019-09-01","ids":{"openalex":"https://openalex.org/W2982387621","doi":"https://doi.org/10.1109/nextcomp.2019.8883668","mag":"2982387621"},"language":"en","primary_location":{"id":"doi:10.1109/nextcomp.2019.8883668","is_oa":false,"landing_page_url":"https://doi.org/10.1109/nextcomp.2019.8883668","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 Conference on Next Generation Computing Applications (NextComp)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082778080","display_name":"Gheorghe H\u0103jm\u0103\u015fan","orcid":"https://orcid.org/0000-0001-8664-8956"},"institutions":[{"id":"https://openalex.org/I158333966","display_name":"Technical University of Cluj-Napoca","ror":"https://ror.org/03r8nwp71","country_code":"RO","type":"education","lineage":["https://openalex.org/I158333966"]}],"countries":["RO"],"is_corresponding":true,"raw_author_name":"Gheorghe Hajmasan","raw_affiliation_strings":["Bitdefender, Technical University of Cluj-Napoca, Cluj-Napoca, Romania"],"affiliations":[{"raw_affiliation_string":"Bitdefender, Technical University of Cluj-Napoca, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I158333966"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028348108","display_name":"Alexandra Mondoc","orcid":null},"institutions":[{"id":"https://openalex.org/I3125347698","display_name":"Babe\u0219-Bolyai University","ror":"https://ror.org/02rmd1t30","country_code":"RO","type":"education","lineage":["https://openalex.org/I3125347698"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Alexandra Mondoc","raw_affiliation_strings":["Bitdefender, Babes-Bolyai University, Cluj-Napoca, Romania"],"affiliations":[{"raw_affiliation_string":"Bitdefender, Babes-Bolyai University, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I3125347698"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5030846791","display_name":"Octavian Cre\u0163","orcid":"https://orcid.org/0000-0002-6657-634X"},"institutions":[{"id":"https://openalex.org/I158333966","display_name":"Technical University of Cluj-Napoca","ror":"https://ror.org/03r8nwp71","country_code":"RO","type":"education","lineage":["https://openalex.org/I158333966"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Octavian Cret","raw_affiliation_strings":["Bitdefender, Technical University of Cluj-Napoca, Cluj-Napoca, Romania"],"affiliations":[{"raw_affiliation_string":"Bitdefender, Technical University of Cluj-Napoca, Cluj-Napoca, Romania","institution_ids":["https://openalex.org/I158333966"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5082778080"],"corresponding_institution_ids":["https://openalex.org/I158333966"],"apc_list":null,"apc_paid":null,"fwci":0.1659,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.46004664,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.919152557849884},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8349405527114868},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7580860257148743},{"id":"https://openalex.org/keywords/heuristics","display_name":"Heuristics","score":0.7286902070045471},{"id":"https://openalex.org/keywords/heuristic","display_name":"Heuristic","score":0.5316793322563171},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.49243292212486267},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4734587073326111},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.432861328125},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3618999719619751},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.3027021884918213},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2589484453201294},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.21402668952941895},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.14923399686813354}],"concepts":[{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.919152557849884},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8349405527114868},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7580860257148743},{"id":"https://openalex.org/C127705205","wikidata":"https://www.wikidata.org/wiki/Q5748245","display_name":"Heuristics","level":2,"score":0.7286902070045471},{"id":"https://openalex.org/C173801870","wikidata":"https://www.wikidata.org/wiki/Q201413","display_name":"Heuristic","level":2,"score":0.5316793322563171},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.49243292212486267},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4734587073326111},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.432861328125},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3618999719619751},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.3027021884918213},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2589484453201294},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.21402668952941895},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.14923399686813354},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/nextcomp.2019.8883668","is_oa":false,"landing_page_url":"https://doi.org/10.1109/nextcomp.2019.8883668","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 Conference on Next Generation Computing Applications (NextComp)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.4699999988079071,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W1570974058","https://openalex.org/W1956767865","https://openalex.org/W2003568760","https://openalex.org/W2127969088","https://openalex.org/W2171035369","https://openalex.org/W2204544304","https://openalex.org/W2294212083","https://openalex.org/W2469346691","https://openalex.org/W2485666843","https://openalex.org/W2610857953","https://openalex.org/W2611403322","https://openalex.org/W2744095836","https://openalex.org/W2780061022","https://openalex.org/W2888498482","https://openalex.org/W6640826072","https://openalex.org/W6722450409"],"related_works":["https://openalex.org/W1889284597","https://openalex.org/W2783112941","https://openalex.org/W4387298227","https://openalex.org/W2526398307","https://openalex.org/W2470029541","https://openalex.org/W4387065217","https://openalex.org/W4368275542","https://openalex.org/W4285357721","https://openalex.org/W2470502009","https://openalex.org/W3152957156"],"abstract_inverted_index":{"For":[0],"a":[1,22,27,83,130],"long":[2],"time,":[3,25],"the":[4,13,41,45,61,102,125,144],"most":[5],"important":[6],"approach":[7,20,85,118],"for":[8],"detecting":[9],"malicious":[10],"applications":[11],"was":[12],"use":[14],"of":[15,47,57,63,72,104,110,146],"static,":[16],"hash-based":[17],"signatures.":[18,111],"This":[19],"provides":[21],"fast":[23],"response":[24],"has":[26],"low":[28],"performance":[29],"overhead":[30],"and":[31,59],"is":[32],"very":[33],"stable":[34],"due":[35],"to":[36,68,92,121,128,135,141],"its":[37],"simplicity.":[38],"However,":[39],"with":[40,108],"rapid":[42],"growth":[43],"in":[44,55,70],"number":[46],"malware,":[48],"as":[49,51,77],"well":[50],"their":[52],"increased":[53],"complexity":[54],"terms":[56],"polymorphism":[58],"evasion,":[60],"era":[62],"reactive":[64],"security":[65],"solutions":[66],"started":[67],"fade":[69],"favor":[71],"new,":[73],"proactive":[74,94],"approaches":[75],"such":[76],"behavior":[78,95,105,131,147],"based":[79,106,132],"detection.":[80],"We":[81],"propose":[82],"novel":[84],"that":[86],"uses":[87],"an":[88],"interpreter":[89],"virtual":[90],"machine":[91],"run":[93],"heuristics":[96],"from":[97,143],"bytecode":[98],"signatures,":[99],"thus":[100],"combining":[101],"advantages":[103],"detection":[107,133],"those":[109],"Based":[112],"on":[113],"our":[114],"approximation,":[115],"using":[116],"this":[117],"we":[119],"succeeded":[120],"reduce":[122],"by":[123],"85%":[124],"time":[126],"required":[127],"update":[129],"solution":[134],"detect":[136],"new":[137],"threats,":[138],"while":[139],"continuing":[140],"benefit":[142],"versatility":[145],"heuristics.":[148]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}