{"id":"https://openalex.org/W3210786851","doi":"https://doi.org/10.1109/tnnls.2021.3121248","title":"Learning Fast and Slow: Propedeutica for Real-Time Malware Detection","display_name":"Learning Fast and Slow: Propedeutica for Real-Time Malware Detection","publication_year":2021,"publication_date":"2021-11-01","ids":{"openalex":"https://openalex.org/W3210786851","doi":"https://doi.org/10.1109/tnnls.2021.3121248","mag":"3210786851","pmid":"https://pubmed.ncbi.nlm.nih.gov/34723811"},"language":"en","primary_location":{"id":"doi:10.1109/tnnls.2021.3121248","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tnnls.2021.3121248","pdf_url":null,"source":{"id":"https://openalex.org/S4210175523","display_name":"IEEE Transactions on Neural Networks and Learning Systems","issn_l":"2162-237X","issn":["2162-237X","2162-2388"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Neural Networks and Learning Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","pubmed"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086586147","display_name":"Ruimin Sun","orcid":"https://orcid.org/0000-0003-2940-5549"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"education","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ruimin Sun","raw_affiliation_strings":["Khoury College of Computer Sciences, Northeastern University, Boston, MA, USA","Khoury College of Computer Sciences, Northeastern University, Boston, MA 02115 USA"],"affiliations":[{"raw_affiliation_string":"Khoury College of Computer Sciences, Northeastern University, Boston, MA, USA","institution_ids":["https://openalex.org/I12912129"]},{"raw_affiliation_string":"Khoury College of Computer Sciences, Northeastern University, Boston, MA 02115 USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010643450","display_name":"Xiaoyong Yuan","orcid":"https://orcid.org/0000-0003-0782-4187"},"institutions":[{"id":"https://openalex.org/I11957088","display_name":"Michigan Technological University","ror":"https://ror.org/0036rpn28","country_code":"US","type":"education","lineage":["https://openalex.org/I11957088"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaoyong Yuan","raw_affiliation_strings":["College of Computing, Michigan Technological University, Houghton, MI, USA"],"affiliations":[{"raw_affiliation_string":"College of Computing, Michigan Technological University, Houghton, MI, USA","institution_ids":["https://openalex.org/I11957088"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101439615","display_name":"Pan He","orcid":"https://orcid.org/0000-0002-6525-6299"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pan He","raw_affiliation_strings":["Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL, USA","Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL 32611 USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]},{"raw_affiliation_string":"Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL 32611 USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079869432","display_name":"Qile Zhu","orcid":"https://orcid.org/0000-0002-8703-7425"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Qile Zhu","raw_affiliation_strings":["Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL, USA","Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL 32611 USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]},{"raw_affiliation_string":"Department of Computer and Information Science and Engineering, University of Florida, Gainesville, FL 32611 USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004483523","display_name":"Aokun Chen","orcid":"https://orcid.org/0000-0002-5100-3821"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Aokun Chen","raw_affiliation_strings":["Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32611 USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]},{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32611 USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059851424","display_name":"Andr\u00e9 Gr\u00e9gio","orcid":"https://orcid.org/0000-0003-1766-5757"},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Andr\u00e9 Gr\u00e9gio","raw_affiliation_strings":["Department of Informatics, Federal University of Parana, Curitiba, Brazil","Department of Informatics, Federal University of Parana, Curitiba 80060-000, Brazil"],"affiliations":[{"raw_affiliation_string":"Department of Informatics, Federal University of Parana, Curitiba, Brazil","institution_ids":["https://openalex.org/I52418104"]},{"raw_affiliation_string":"Department of Informatics, Federal University of Parana, Curitiba 80060-000, Brazil","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082282267","display_name":"Daniela S Oliveira","orcid":"https://orcid.org/0000-0003-3488-0053"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daniela Oliveira","raw_affiliation_strings":["Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32611 USA"],"affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]},{"raw_affiliation_string":"Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32611 USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100353846","display_name":"Xiaolin Li","orcid":"https://orcid.org/0000-0002-3368-159X"},"institutions":[{"id":"https://openalex.org/I163361683","display_name":"Cognizant (United States)","ror":"https://ror.org/036s7bw54","country_code":"US","type":"company","lineage":["https://openalex.org/I163361683"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaolin Li","raw_affiliation_strings":["Cognization Lab, Palo Alto, CA, USA","Cognization Lab, Palo Alto, CA 94306 USA"],"affiliations":[{"raw_affiliation_string":"Cognization Lab, Palo Alto, CA, USA","institution_ids":["https://openalex.org/I163361683"]},{"raw_affiliation_string":"Cognization Lab, Palo Alto, CA 94306 USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5086586147"],"corresponding_institution_ids":["https://openalex.org/I12912129"],"apc_list":null,"apc_paid":null,"fwci":1.2312,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.79880545,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"33","issue":"6","first_page":"2518","last_page":"2529"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9898999929428101,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9180721044540405},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8410980701446533},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.6440049409866333},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.5274921655654907},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5026464462280273},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.498380184173584},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.45364758372306824},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.412082314491272},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4059640169143677},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3837552070617676},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.33500978350639343}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9180721044540405},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8410980701446533},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.6440049409866333},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.5274921655654907},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5026464462280273},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.498380184173584},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.45364758372306824},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.412082314491272},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4059640169143677},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3837552070617676},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.33500978350639343},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tnnls.2021.3121248","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tnnls.2021.3121248","pdf_url":null,"source":{"id":"https://openalex.org/S4210175523","display_name":"IEEE Transactions on Neural Networks and Learning Systems","issn_l":"2162-237X","issn":["2162-237X","2162-2388"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Neural Networks and Learning Systems","raw_type":"journal-article"},{"id":"pmid:34723811","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/34723811","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE transactions on neural networks and learning systems","raw_type":null},{"id":"pmh:oai:digitalcommons.mtu.edu:michigantech-p-34821","is_oa":false,"landing_page_url":"https://digitalcommons.mtu.edu/michigantech-p/15519","pdf_url":null,"source":{"id":"https://openalex.org/S4377196391","display_name":"Digital Commons - Michigan Tech (Michigan Technological University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I11957088","host_organization_name":"Michigan Technological University","host_organization_lineage":["https://openalex.org/I11957088"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Michigan Tech Publications, Part 1","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8326767501","display_name":null,"funder_award_id":"1801599","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":95,"referenced_works":["https://openalex.org/W1545528966","https://openalex.org/W1549656520","https://openalex.org/W1574901103","https://openalex.org/W1581009051","https://openalex.org/W1666731339","https://openalex.org/W1836465849","https://openalex.org/W1851403712","https://openalex.org/W1893133781","https://openalex.org/W1941427975","https://openalex.org/W1966948031","https://openalex.org/W1972544015","https://openalex.org/W1981221397","https://openalex.org/W1981738628","https://openalex.org/W2013916093","https://openalex.org/W2021264330","https://openalex.org/W2042454716","https://openalex.org/W2064675550","https://openalex.org/W2076063813","https://openalex.org/W2095705004","https://openalex.org/W2111038628","https://openalex.org/W2120215974","https://openalex.org/W2125743503","https://openalex.org/W2126345423","https://openalex.org/W2128302979","https://openalex.org/W2131523719","https://openalex.org/W2137365926","https://openalex.org/W2138644293","https://openalex.org/W2145688371","https://openalex.org/W2151135920","https://openalex.org/W2158167094","https://openalex.org/W2173506482","https://openalex.org/W2237959143","https://openalex.org/W2287408518","https://openalex.org/W2291034565","https://openalex.org/W2295598076","https://openalex.org/W2432142698","https://openalex.org/W2476429474","https://openalex.org/W2491054514","https://openalex.org/W2493100395","https://openalex.org/W2514847810","https://openalex.org/W2515415680","https://openalex.org/W2518060702","https://openalex.org/W2519091744","https://openalex.org/W2546191734","https://openalex.org/W2549139847","https://openalex.org/W2554148185","https://openalex.org/W2557513839","https://openalex.org/W2577741565","https://openalex.org/W2587002069","https://openalex.org/W2594639291","https://openalex.org/W2594902547","https://openalex.org/W2599354622","https://openalex.org/W2610321374","https://openalex.org/W2746791238","https://openalex.org/W2785844809","https://openalex.org/W2799420851","https://openalex.org/W2891828758","https://openalex.org/W2902758299","https://openalex.org/W2919115771","https://openalex.org/W2942795289","https://openalex.org/W2944250323","https://openalex.org/W2949639282","https://openalex.org/W2949848919","https://openalex.org/W2963045681","https://openalex.org/W2963178695","https://openalex.org/W2963857521","https://openalex.org/W2964136807","https://openalex.org/W2966708309","https://openalex.org/W2973628901","https://openalex.org/W2997574889","https://openalex.org/W3000689925","https://openalex.org/W3112370249","https://openalex.org/W3136767761","https://openalex.org/W3165716503","https://openalex.org/W4248437541","https://openalex.org/W4255466416","https://openalex.org/W6629915129","https://openalex.org/W6636501900","https://openalex.org/W6638667902","https://openalex.org/W6639864006","https://openalex.org/W6640826072","https://openalex.org/W6674330103","https://openalex.org/W6677743974","https://openalex.org/W6679436768","https://openalex.org/W6681096077","https://openalex.org/W6687566353","https://openalex.org/W6696151112","https://openalex.org/W6717848421","https://openalex.org/W6738397735","https://openalex.org/W6743618022","https://openalex.org/W6748365352","https://openalex.org/W6751070894","https://openalex.org/W6773250199","https://openalex.org/W6784203933","https://openalex.org/W6787397131"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W3152891574","https://openalex.org/W2249809453","https://openalex.org/W4284893819","https://openalex.org/W4316881845"],"abstract_inverted_index":{"Existing":[0],"malware":[1,29,129,176],"detectors":[2],"on":[3],"safety-critical":[4],"devices":[5],"have":[6],"difficulties":[7],"in":[8],"runtime":[9],"detection":[10],"due":[11],"to":[12,81,87,95],"the":[13,32,65,72,76,90,139,164],"performance":[14,100],"overhead.":[15],"In":[16,44],"this":[17],"article,":[18],"we":[19,112],"introduce":[20,113],"Propedeutica,":[21,45],"a":[22,57,68,96,114,143,156],"framework":[23],"for":[24,61,119,138,167],"efficient":[25],"and":[26,39,54,84,108,131,155],"effective":[27],"real-time":[28],"detection,":[30],"leveraging":[31],"best":[33],"of":[34,146,153,159,163],"conventional":[35,58],"machine":[36],"learning":[37,41],"(ML)":[38],"deep":[40],"(DL)":[42],"techniques.":[43],"all":[46],"software":[47,66,77,91,109,134],"start":[48],"executions":[49],"are":[50],"considered":[51],"as":[52],"benign":[53,83,133],"monitored":[55],"by":[56],"ML":[59,73],"classifier":[60],"fast":[62],"detection.":[63],"If":[64],"receives":[67],"borderline":[69,144],"classification":[70],"from":[71,135],"detector":[74],"(e.g.,":[75],"is":[78],"50%":[79,85],"likely":[80,86],"be":[82,88,93],"malicious),":[89],"will":[92],"transferred":[94],"more":[97],"accurate,":[98],"yet":[99],"demanding":[101],"DL":[102,116],"detector.":[103],"To":[104],"address":[105],"spatial-temporal":[106],"dynamics":[107],"execution":[110],"heterogeneity,":[111],"novel":[115],"architecture":[117],"(DeepMalware)":[118],"Propedeutica":[120,126,149,173],"with":[121,127,161],"multistream":[122],"inputs.":[123],"We":[124],"evaluated":[125],"9115":[128],"samples":[130,165],"1338":[132],"various":[136],"categories":[137],"Windows":[140],"OS.":[141],"With":[142],"interval":[145],"[30%,":[147],"70%],":[148],"achieves":[150],"an":[151],"accuracy":[152],"94.34%":[154],"false-positive":[157],"rate":[158],"8.75%,":[160],"41.45%":[162],"moved":[166],"DeepMalwareanalysis.":[168],"Even":[169],"using":[170],"only":[171],"CPU,":[172],"can":[174],"detect":[175],"within":[177],"less":[178],"than":[179],"0.1":[180],"s.":[181]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}