{"id":"https://openalex.org/W4386078284","doi":"https://doi.org/10.1109/tdsc.2023.3307445","title":"Malware Speaks! Deep Learning Based Assembly Code Processing for Detecting Evasive Cryptojacking","display_name":"Malware Speaks! Deep Learning Based Assembly Code Processing for Detecting Evasive Cryptojacking","publication_year":2023,"publication_date":"2023-08-22","ids":{"openalex":"https://openalex.org/W4386078284","doi":"https://doi.org/10.1109/tdsc.2023.3307445"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2023.3307445","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2023.3307445","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040259531","display_name":"Ganapathy Mani","orcid":"https://orcid.org/0000-0002-8934-6424"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ganapathy Mani","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayatte, IN, USA"],"raw_orcid":"https://orcid.org/0000-0002-8934-6424","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayatte, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027897306","display_name":"Myeongsu Kim","orcid":"https://orcid.org/0000-0002-0392-2321"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Myeongsu Kim","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayatte, IN, USA"],"raw_orcid":"https://orcid.org/0000-0002-0392-2321","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayatte, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077320731","display_name":"Bharat Bhargava","orcid":"https://orcid.org/0000-0003-3803-8672"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bharat Bhargava","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayatte, IN, USA"],"raw_orcid":"https://orcid.org/0000-0003-3803-8672","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayatte, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031174226","display_name":"Pelin Ang\u0131n","orcid":"https://orcid.org/0000-0002-6419-2043"},"institutions":[{"id":"https://openalex.org/I201799495","display_name":"Middle East Technical University","ror":"https://ror.org/014weej12","country_code":"TR","type":"education","lineage":["https://openalex.org/I201799495"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Pelin Angin","raw_affiliation_strings":["Department of Computer Engineering, Middle East Technical University, Ankara, Turkey"],"raw_orcid":"https://orcid.org/0000-0002-6419-2043","affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Middle East Technical University, Ankara, Turkey","institution_ids":["https://openalex.org/I201799495"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011036203","display_name":"Ay\u00e7a Deniz","orcid":"https://orcid.org/0000-0002-9276-4811"},"institutions":[{"id":"https://openalex.org/I201799495","display_name":"Middle East Technical University","ror":"https://ror.org/014weej12","country_code":"TR","type":"education","lineage":["https://openalex.org/I201799495"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Ay\u00e7a Deniz","raw_affiliation_strings":["Department of Computer Engineering, Middle East Technical University, Ankara, Turkey"],"raw_orcid":"https://orcid.org/0000-0002-9276-4811","affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Middle East Technical University, Ankara, Turkey","institution_ids":["https://openalex.org/I201799495"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5023381616","display_name":"Vikram Pasumarti","orcid":"https://orcid.org/0009-0003-8769-0189"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vikram Pasumarti","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayatte, IN, USA"],"raw_orcid":"https://orcid.org/0009-0003-8769-0189","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayatte, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.4781,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.83335397,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"21","issue":"4","first_page":"2461","last_page":"2477"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7460228204727173},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.555679202079773},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5328235030174255},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.516558051109314},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.48644423484802246},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.48560017347335815},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.47406524419784546},{"id":"https://openalex.org/keywords/cryptocurrency","display_name":"Cryptocurrency","score":0.4546823799610138},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.44309017062187195},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3593718409538269},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3538203835487366},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3351011276245117}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7460228204727173},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.555679202079773},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5328235030174255},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.516558051109314},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.48644423484802246},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.48560017347335815},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.47406524419784546},{"id":"https://openalex.org/C180706569","wikidata":"https://www.wikidata.org/wiki/Q13479982","display_name":"Cryptocurrency","level":2,"score":0.4546823799610138},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.44309017062187195},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3593718409538269},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3538203835487366},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3351011276245117},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2023.3307445","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2023.3307445","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":81,"referenced_works":["https://openalex.org/W1547086561","https://openalex.org/W1577913004","https://openalex.org/W1999753800","https://openalex.org/W2058098870","https://openalex.org/W2064675550","https://openalex.org/W2069143585","https://openalex.org/W2148143831","https://openalex.org/W2160815625","https://openalex.org/W2166860375","https://openalex.org/W2171928131","https://openalex.org/W2250539671","https://openalex.org/W2250904038","https://openalex.org/W2265846598","https://openalex.org/W2290702548","https://openalex.org/W2401969231","https://openalex.org/W2408793237","https://openalex.org/W2513529237","https://openalex.org/W2517194566","https://openalex.org/W2564147261","https://openalex.org/W2599823825","https://openalex.org/W2605860169","https://openalex.org/W2606042658","https://openalex.org/W2612094043","https://openalex.org/W2728987420","https://openalex.org/W2740570963","https://openalex.org/W2748690817","https://openalex.org/W2782753921","https://openalex.org/W2797672282","https://openalex.org/W2799900537","https://openalex.org/W2883173712","https://openalex.org/W2884157903","https://openalex.org/W2885525054","https://openalex.org/W2887324343","https://openalex.org/W2890228473","https://openalex.org/W2903382683","https://openalex.org/W2911975451","https://openalex.org/W2917470759","https://openalex.org/W2919762867","https://openalex.org/W2945027786","https://openalex.org/W2949950066","https://openalex.org/W2963485370","https://openalex.org/W2963603877","https://openalex.org/W2978765985","https://openalex.org/W3002277530","https://openalex.org/W3015301903","https://openalex.org/W3036311049","https://openalex.org/W3083161653","https://openalex.org/W3104717442","https://openalex.org/W3121642005","https://openalex.org/W3138147846","https://openalex.org/W3147107715","https://openalex.org/W3161833296","https://openalex.org/W3162825625","https://openalex.org/W3181764050","https://openalex.org/W3184036958","https://openalex.org/W4211068006","https://openalex.org/W4214742677","https://openalex.org/W4220811039","https://openalex.org/W4231510805","https://openalex.org/W4248175462","https://openalex.org/W4256383029","https://openalex.org/W4280602979","https://openalex.org/W4293571337","https://openalex.org/W4294170691","https://openalex.org/W4294215016","https://openalex.org/W4302282827","https://openalex.org/W4312476421","https://openalex.org/W6602413418","https://openalex.org/W6616837769","https://openalex.org/W6628233427","https://openalex.org/W6632644879","https://openalex.org/W6638218497","https://openalex.org/W6639619044","https://openalex.org/W6684191040","https://openalex.org/W6692924172","https://openalex.org/W6713134421","https://openalex.org/W6713639923","https://openalex.org/W6725533135","https://openalex.org/W6734770194","https://openalex.org/W6757107679","https://openalex.org/W6779716109"],"related_works":["https://openalex.org/W4366411693","https://openalex.org/W3211641817","https://openalex.org/W3164717803","https://openalex.org/W4389915954","https://openalex.org/W3123387860","https://openalex.org/W4291291739","https://openalex.org/W2915579847","https://openalex.org/W3110645133","https://openalex.org/W4321377877","https://openalex.org/W4394604524"],"abstract_inverted_index":{"The":[0],"increasing":[1],"prevalence":[2],"of":[3,27,38,85,125,131,164],"blockchain-based":[4],"cryptocurrencies":[5,39],"as":[6,67],"a":[7,24,93],"payment":[8],"instrument":[9],"in":[10,23,47,133,149,161],"the":[11,15,19,51,83,122,129,139,150,162,181,196,204],"past":[12],"decade":[13],"and":[14,75,89,168,173,202],"rewards":[16],"earned":[17],"by":[18,62,70],"cryptominers":[20],"has":[21],"resulted":[22],"new":[25],"class":[26],"cyber":[28,127],"attacks,":[29],"<italic":[30],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[31,106,110,113],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">cryptojacking</i>":[32],",":[33],"which":[34,102,192],"involves":[35],"unauthorized":[36],"mining":[37],"on":[40],"someone's":[41],"system.":[42],"Spotting":[43],"cryptojacking":[44,166],"is":[45,158],"difficult":[46],"many":[48],"cases,":[49],"since":[50],"relevant":[52],"software":[53,65],"tries":[54],"to":[55,59,136],"disguise":[56],"its":[57],"presence":[58],"evade":[60],"detection,":[61],"mimicking":[63],"benign":[64],"such":[66],"compression":[68],"applications":[69],"performing":[71],"similar":[72],"bitwise,":[73],"cryptographic,":[74],"encryption":[76],"operations.":[77],"In":[78],"this":[79],"paper,":[80],"we":[81,103,153],"propose":[82],"processing":[84],"assembly":[86],"code\u2014a":[87],"fundamental":[88],"platform-independent":[90],"programming":[91],"language\u2014as":[92],"natural":[94],"language":[95],"using":[96],"deep":[97,205],"learning":[98,206],"for":[99,200],"profiling":[100,151],"applications,":[101],"call":[104],"<underline":[105,109,112],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">De</u>":[107],"ep":[108],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Code</u>":[111],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Pro</u>":[114],"filer":[115],"(DeCode":[116],"Pro).":[117],"Our":[118],"proposed":[119],"solution":[120],"leverages":[121],"immutable":[123],"step":[124],"any":[126],"attack:":[128],"deployment":[130],"instructions":[132],"system":[134],"memory":[135],"carry":[137],"out":[138],"attack.":[140],"Through":[141],"extensive":[142],"experimentation":[143],"with":[144,188],"different":[145],"neural":[146],"network":[147],"architectures":[148],"stage,":[152],"show":[154,179],"that":[155,180],"DeCode":[156],"Pro":[157],"highly":[159],"effective":[160],"detection":[163],"evasive":[165],"attacks":[167],"achieves":[169,183],"low":[170],"false":[171,174],"positive":[172],"negative":[175],"rates.":[176],"We":[177],"also":[178],"model":[182],"high":[184],"classification":[185],"accuracy":[186],"even":[187],"limited":[189],"training":[190,201],"data,":[191],"can":[193],"considerably":[194],"reduce":[195],"computing":[197],"resources":[198],"required":[199],"retraining":[203],"model.":[207]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}