{"id":"https://openalex.org/W4391828053","doi":"https://doi.org/10.1109/soli60636.2023.10425463","title":"A SIEM and Multiple Analysis Software Integrated Malware Detection Approach","display_name":"A SIEM and Multiple Analysis Software Integrated Malware Detection Approach","publication_year":2023,"publication_date":"2023-12-11","ids":{"openalex":"https://openalex.org/W4391828053","doi":"https://doi.org/10.1109/soli60636.2023.10425463"},"language":"en","primary_location":{"id":"doi:10.1109/soli60636.2023.10425463","is_oa":false,"landing_page_url":"https://doi.org/10.1109/soli60636.2023.10425463","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Service Operations and Logistics, and Informatics (SOLI)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://figshare.com/articles/conference_contribution/A_SIEM_and_Multiple_Analysis_Software_Integrated_Malware_Detection_Approach/26114284","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093930944","display_name":"Daiyu Sim","orcid":null},"institutions":[{"id":"https://openalex.org/I168639165","display_name":"Singapore Institute of Technology","ror":"https://ror.org/01v2c2791","country_code":"SG","type":"education","lineage":["https://openalex.org/I168639165"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Daiyu Sim","raw_affiliation_strings":["Infocomm Technology Cluster Singapore Institute of Technology,Singapore","Infocomm Technology Cluster Singapore Institute of Technology, Singapore"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Infocomm Technology Cluster Singapore Institute of Technology,Singapore","institution_ids":["https://openalex.org/I168639165"]},{"raw_affiliation_string":"Infocomm Technology Cluster Singapore Institute of Technology, Singapore","institution_ids":["https://openalex.org/I168639165"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071022377","display_name":"Huaqun Guo","orcid":"https://orcid.org/0000-0001-6753-6537"},"institutions":[{"id":"https://openalex.org/I168639165","display_name":"Singapore Institute of Technology","ror":"https://ror.org/01v2c2791","country_code":"SG","type":"education","lineage":["https://openalex.org/I168639165"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Huaqun Guo","raw_affiliation_strings":["Infocomm Technology Cluster Singapore Institute of Technology,Singapore","Infocomm Technology Cluster Singapore Institute of Technology, Singapore"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Infocomm Technology Cluster Singapore Institute of Technology,Singapore","institution_ids":["https://openalex.org/I168639165"]},{"raw_affiliation_string":"Infocomm Technology Cluster Singapore Institute of Technology, Singapore","institution_ids":["https://openalex.org/I168639165"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5112268783","display_name":"Luying Zhou","orcid":null},"institutions":[{"id":"https://openalex.org/I168639165","display_name":"Singapore Institute of Technology","ror":"https://ror.org/01v2c2791","country_code":"SG","type":"education","lineage":["https://openalex.org/I168639165"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Luying Zhou","raw_affiliation_strings":["Infocomm Technology Cluster Singapore Institute of Technology,Singapore","Infocomm Technology Cluster Singapore Institute of Technology, Singapore"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Infocomm Technology Cluster Singapore Institute of Technology,Singapore","institution_ids":["https://openalex.org/I168639165"]},{"raw_affiliation_string":"Infocomm Technology Cluster Singapore Institute of Technology, Singapore","institution_ids":["https://openalex.org/I168639165"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.9238,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.76061657,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9632948040962219},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8033523559570312},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.6853023171424866},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6670212149620056},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.6367323994636536},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5766534805297852},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.55217045545578},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.48856696486473083},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.4287130832672119},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.4180297255516052},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.41501832008361816},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3510587811470032},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2114386260509491},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.10577079653739929}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9632948040962219},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8033523559570312},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.6853023171424866},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6670212149620056},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.6367323994636536},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5766534805297852},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.55217045545578},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.48856696486473083},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.4287130832672119},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.4180297255516052},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.41501832008361816},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3510587811470032},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2114386260509491},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.10577079653739929},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/soli60636.2023.10425463","is_oa":false,"landing_page_url":"https://doi.org/10.1109/soli60636.2023.10425463","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Service Operations and Logistics, and Informatics (SOLI)","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/26114284","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/A_SIEM_and_Multiple_Analysis_Software_Integrated_Malware_Detection_Approach/26114284","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/26114284","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/A_SIEM_and_Multiple_Analysis_Software_Integrated_Malware_Detection_Approach/26114284","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6899999976158142}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W2972552958","https://openalex.org/W3026718724","https://openalex.org/W3217530273","https://openalex.org/W4200017670"],"related_works":["https://openalex.org/W2964256930","https://openalex.org/W4292056024","https://openalex.org/W2914889256","https://openalex.org/W4389331041","https://openalex.org/W4206205939","https://openalex.org/W4237332204","https://openalex.org/W4392966178","https://openalex.org/W4240330722","https://openalex.org/W3211746486","https://openalex.org/W4293077671"],"abstract_inverted_index":{"The":[0],"organization's":[1],"IT":[2,5],"systems,":[3],"especially":[4],"and":[6,24,35,55,61,77,84,106,140,144,156],"OT":[7],"combined":[8],"systems":[9],"have":[10],"a":[11,45],"large":[12],"surface":[13],"exposed":[14],"to":[15,72,81,98],"sophisticated":[16],"cyber-attacks,":[17],"such":[18,101],"as":[19,102],"Advanced":[20],"Persistent":[21],"Threats":[22],"(APT)":[23],"malware":[25,75,127,153],"variants.":[26],"To":[27],"defend":[28],"against":[29],"those":[30],"cyber":[31],"attackers,":[32],"Security":[33],"Information":[34],"Event":[36],"Management":[37],"(SIEM)":[38],"technologies":[39],"could":[40],"be":[41,82,130],"leveraged.":[42],"SIEM":[43,118],"is":[44],"security":[46,53],"solution":[47],"that":[48,91,125],"helps":[49],"organizations":[50],"recognize":[51],"potential":[52],"threats":[54],"vulnerabilities,":[56],"detects":[57],"user":[58],"behaviour":[59,145],"anomalies,":[60],"provides":[62],"an":[63,116],"incident":[64],"response.":[65],"However,":[66],"the":[67,126,150],"existing":[68],"SIEMs":[69],"are":[70,87],"insufficient":[71],"effectively":[73],"counteract":[74],"attacks,":[76],"more":[78],"functionalities":[79],"need":[80],"developed":[83],"enhanced.":[85],"There":[86],"analysis":[88,122,128],"software":[89],"approaches":[90],"statically":[92],"or":[93],"dynamically":[94],"analyze":[95],"suspicious":[96],"files":[97],"detect":[99],"malware,":[100],"VirusTotal,":[103],"Capa,":[104],"Yara,":[105],"machine":[107],"learning":[108],"(ML)":[109],"algorithms.":[110],"In":[111],"this":[112],"work,":[113],"we":[114,148],"integrate":[115],"open-source":[117],"tool":[119],"with":[120],"multiple":[121],"software,":[123],"so":[124],"can":[129],"conducted":[131],"from":[132,136],"different":[133],"aspects,":[134],"i.e.,":[135],"log":[137],"data,":[138],"static":[139],"dynamic":[141],"code":[142],"analysis,":[143],"analysis.":[146],"And":[147],"demonstrate":[149],"enhanced":[151],"real-time":[152],"detection":[154],"capability":[155],"performance.":[157]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}