{"id":"https://openalex.org/W2785643584","doi":"https://doi.org/10.1109/pkia.2017.8278956","title":"Malsign: Threat analysis of signed and implicitly trusted malicious code","display_name":"Malsign: Threat analysis of signed and implicitly trusted malicious code","publication_year":2017,"publication_date":"2017-11-01","ids":{"openalex":"https://openalex.org/W2785643584","doi":"https://doi.org/10.1109/pkia.2017.8278956","mag":"2785643584"},"language":"en","primary_location":{"id":"doi:10.1109/pkia.2017.8278956","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pkia.2017.8278956","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 International Conference on Public Key Infrastructure and its Applications (PKIA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5025904765","display_name":"Soumajit Pal","orcid":null},"institutions":[{"id":"https://openalex.org/I81556334","display_name":"Amrita Vishwa Vidyapeetham","ror":"https://ror.org/03am10p12","country_code":"IN","type":"education","lineage":["https://openalex.org/I81556334"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Soumajit Pal","raw_affiliation_strings":["Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India"],"affiliations":[{"raw_affiliation_string":"Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India","institution_ids":["https://openalex.org/I81556334"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029900047","display_name":"Prabaharan Poornachandran","orcid":null},"institutions":[{"id":"https://openalex.org/I81556334","display_name":"Amrita Vishwa Vidyapeetham","ror":"https://ror.org/03am10p12","country_code":"IN","type":"education","lineage":["https://openalex.org/I81556334"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Prabaharan Poornachandran","raw_affiliation_strings":["Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India"],"affiliations":[{"raw_affiliation_string":"Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India","institution_ids":["https://openalex.org/I81556334"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017861068","display_name":"Manu R. Krishnan","orcid":null},"institutions":[{"id":"https://openalex.org/I81556334","display_name":"Amrita Vishwa Vidyapeetham","ror":"https://ror.org/03am10p12","country_code":"IN","type":"education","lineage":["https://openalex.org/I81556334"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Manu R. Krishnan","raw_affiliation_strings":["Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India"],"affiliations":[{"raw_affiliation_string":"Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India","institution_ids":["https://openalex.org/I81556334"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074454766","display_name":"A. Sankar","orcid":null},"institutions":[{"id":"https://openalex.org/I81556334","display_name":"Amrita Vishwa Vidyapeetham","ror":"https://ror.org/03am10p12","country_code":"IN","type":"education","lineage":["https://openalex.org/I81556334"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"A.U. Prem Sankar","raw_affiliation_strings":["Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India"],"affiliations":[{"raw_affiliation_string":"Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India","institution_ids":["https://openalex.org/I81556334"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067681747","display_name":"Parvathy Sasikala","orcid":null},"institutions":[{"id":"https://openalex.org/I81556334","display_name":"Amrita Vishwa Vidyapeetham","ror":"https://ror.org/03am10p12","country_code":"IN","type":"education","lineage":["https://openalex.org/I81556334"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Parvathy Sasikala","raw_affiliation_strings":["Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India"],"affiliations":[{"raw_affiliation_string":"Amrita Center for Cyber Security Amrita Vishwa Vidyapeetham, Amritapuri, Kollam, Kerala, India","institution_ids":["https://openalex.org/I81556334"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5025904765"],"corresponding_institution_ids":["https://openalex.org/I81556334"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.20741047,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"23","last_page":"27"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.891902506351471},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.8054596781730652},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.7920107245445251},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7673016786575317},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6560553312301636},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5633774995803833},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.5398508906364441},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5171850919723511},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.4528416693210602},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.43303996324539185},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2872081398963928},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.24054181575775146},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2094731628894806}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.891902506351471},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.8054596781730652},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.7920107245445251},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7673016786575317},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6560553312301636},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5633774995803833},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.5398508906364441},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5171850919723511},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.4528416693210602},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.43303996324539185},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2872081398963928},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.24054181575775146},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2094731628894806},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pkia.2017.8278956","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pkia.2017.8278956","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 International Conference on Public Key Infrastructure and its Applications (PKIA)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W1968519345","https://openalex.org/W2143251458","https://openalex.org/W2186028149","https://openalex.org/W2187211701","https://openalex.org/W2339535537","https://openalex.org/W6681043223","https://openalex.org/W6687045481"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W2768892939","https://openalex.org/W2160963033","https://openalex.org/W3022706011","https://openalex.org/W2909615516","https://openalex.org/W2249256574","https://openalex.org/W2397240470","https://openalex.org/W3128265165","https://openalex.org/W4210907385"],"abstract_inverted_index":{"Code":[0],"signing":[1,37,42,112,127,160],"which":[2,44],"at":[3],"present":[4,104,137],"is":[5,14,150,169],"the":[6,22,25,35,41,78,91,109,133,138,151],"only":[7],"methodology":[8],"of":[9,24,53,94,124,132,157],"trusting":[10],"a":[11,57,60,71,105,117],"code":[12,36,111,126,159],"that":[13,120],"distributed":[15],"to":[16],"others.":[17],"It":[18],"heavily":[19],"relies":[20],"on":[21,34],"security":[23],"software":[26,62,73],"providers":[27,74],"private":[28,75],"key.":[29],"Attackers":[30],"employ":[31],"targeted":[32],"attacks":[33],"infrastructure":[38],"for":[39,48,108],"stealing":[40],"keys":[43],"are":[45],"used":[46],"later":[47],"distributing":[49],"malware":[50,58,96],"in":[51],"disguise":[52],"genuine":[54],"software.":[55],"Differentiating":[56],"from":[59],"benign":[61],"becomes":[63],"extremely":[64],"difficult":[65],"once":[66],"it":[67,141,144],"gets":[68],"signed":[69,84,95],"by":[70,97,128],"trusted":[72],"key":[76],"as":[77],"operating":[79],"systems":[80],"implicitly":[81],"trusts":[82],"this":[83,87,122,149,154],"code.":[85],"In":[86],"paper,":[88],"we":[89],"analyze":[90],"growing":[92],"menace":[93],"examining":[98],"several":[99],"real":[100],"world":[101],"incidents":[102],"and":[103,143,165],"threat":[106,140],"model":[107],"current":[110],"infrastructure.":[113],"We":[114,135],"also":[115,136],"propose":[116],"novel":[118],"solution":[119,168],"prevents":[121],"issue":[123,156],"malicious":[125],"requiring":[129],"additional":[130],"verification":[131],"executable.":[134],"serious":[139],"poses":[142],"consequences.":[145],"To":[146],"our":[147],"knowledge":[148],"first":[152],"time":[153],"specific":[155],"Malicious":[158],"has":[161],"been":[162],"thoroughly":[163],"studied":[164],"an":[166],"implementable":[167],"proposed.":[170]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}