{"id":"https://openalex.org/W2101217223","doi":"https://doi.org/10.1145/2420950.2421000","title":"Towards network containment in malware analysis systems","display_name":"Towards network containment in malware analysis systems","publication_year":2012,"publication_date":"2012-12-03","ids":{"openalex":"https://openalex.org/W2101217223","doi":"https://doi.org/10.1145/2420950.2421000","mag":"2101217223"},"language":"en","primary_location":{"id":"doi:10.1145/2420950.2421000","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2420950.2421000","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090917415","display_name":"Mariano Graziano","orcid":"https://orcid.org/0009-0000-8842-9300"},"institutions":[{"id":"https://openalex.org/I1902872","display_name":"EURECOM","ror":"https://ror.org/00sse7z02","country_code":"FR","type":"education","lineage":["https://openalex.org/I1902872","https://openalex.org/I205703379"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Mariano Graziano","raw_affiliation_strings":["Institut Eurecom","[Institut Eurecom]"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institut Eurecom","institution_ids":["https://openalex.org/I1902872"]},{"raw_affiliation_string":"[Institut Eurecom]","institution_ids":["https://openalex.org/I1902872"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109064815","display_name":"Corrado Leita","orcid":null},"institutions":[{"id":"https://openalex.org/I1308906816","display_name":"NortonLifeLock (United States)","ror":"https://ror.org/0449t3a80","country_code":"US","type":"company","lineage":["https://openalex.org/I1308906816"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Corrado Leita","raw_affiliation_strings":["Symantec Research Labs","Symantec Research Labs#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Symantec Research Labs","institution_ids":["https://openalex.org/I1308906816"]},{"raw_affiliation_string":"Symantec Research Labs#TAB#","institution_ids":["https://openalex.org/I1308906816"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002025561","display_name":"Davide Balzarotti","orcid":"https://orcid.org/0000-0001-5957-6213"},"institutions":[{"id":"https://openalex.org/I1902872","display_name":"EURECOM","ror":"https://ror.org/00sse7z02","country_code":"FR","type":"education","lineage":["https://openalex.org/I1902872","https://openalex.org/I205703379"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Davide Balzarotti","raw_affiliation_strings":["Institut Eurecom","[Institut Eurecom]"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institut Eurecom","institution_ids":["https://openalex.org/I1902872"]},{"raw_affiliation_string":"[Institut Eurecom]","institution_ids":["https://openalex.org/I1902872"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.9815,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.89578195,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"339","last_page":"348"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8884246349334717},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7812126278877258},{"id":"https://openalex.org/keywords/containment","display_name":"Containment (computer programming)","score":0.7289518713951111},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.6555100679397583},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.5939269661903381},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.575329601764679},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5728543996810913},{"id":"https://openalex.org/keywords/sample","display_name":"Sample (material)","score":0.5719867944717407},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.571907639503479},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.49590739607810974},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.43404096364974976},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3416861295700073},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.22246745228767395},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.15819236636161804},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.07419529557228088}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8884246349334717},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7812126278877258},{"id":"https://openalex.org/C2777019822","wikidata":"https://www.wikidata.org/wiki/Q390066","display_name":"Containment (computer programming)","level":2,"score":0.7289518713951111},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.6555100679397583},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.5939269661903381},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.575329601764679},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5728543996810913},{"id":"https://openalex.org/C198531522","wikidata":"https://www.wikidata.org/wiki/Q485146","display_name":"Sample (material)","level":2,"score":0.5719867944717407},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.571907639503479},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.49590739607810974},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.43404096364974976},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3416861295700073},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.22246745228767395},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.15819236636161804},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.07419529557228088},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C43617362","wikidata":"https://www.wikidata.org/wiki/Q170050","display_name":"Chromatography","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1145/2420950.2421000","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2420950.2421000","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.298.3466","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.298.3466","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.iseclab.org/people/dbalzarotti/download/graziano_acsac12.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.685.3787","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.685.3787","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.syssec-project.eu/m/page-media/3/graziano-acsac12.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.722.7535","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.722.7535","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.people.vcu.edu/%7Ecfung/bib/Malware%20analysis%20systems_ACSAC12.pdf","raw_type":"text"},{"id":"pmh:oai:fr.eurecom:3887","is_oa":false,"landing_page_url":"http://www.eurecom.fr/publication/3887","pdf_url":null,"source":{"id":"https://openalex.org/S4377196942","display_name":"Graduate School and Research Center in Digital Science (EURECOM)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1902872","host_organization_name":"EURECOM","host_organization_lineage":["https://openalex.org/I1902872"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ACSAC 2012, 28th Annual Computer Security Applications Conference, December 3-7, 2012, Orlando, Florida, USA ","raw_type":"Conference"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1320126135","display_name":null,"funder_award_id":"257007","funder_id":"https://openalex.org/F4320334960","funder_display_name":"Seventh Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320334960","display_name":"Seventh Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W125551951","https://openalex.org/W179510128","https://openalex.org/W1489157620","https://openalex.org/W1503224444","https://openalex.org/W1538375546","https://openalex.org/W1853552390","https://openalex.org/W1910686388","https://openalex.org/W1921075642","https://openalex.org/W2015903771","https://openalex.org/W2049867480","https://openalex.org/W2074231493","https://openalex.org/W2092756033","https://openalex.org/W2100673955","https://openalex.org/W2105063115","https://openalex.org/W2117887253","https://openalex.org/W2120297918","https://openalex.org/W2159275560","https://openalex.org/W2161784403","https://openalex.org/W2164253698","https://openalex.org/W2172163424","https://openalex.org/W2213391909","https://openalex.org/W2752929869","https://openalex.org/W4285719527","https://openalex.org/W6629915129","https://openalex.org/W6639864006"],"related_works":["https://openalex.org/W2765820957","https://openalex.org/W4285507391","https://openalex.org/W2610659201","https://openalex.org/W65788704","https://openalex.org/W3107556205","https://openalex.org/W4367595269","https://openalex.org/W2507496997","https://openalex.org/W4388951020","https://openalex.org/W2805262980","https://openalex.org/W2765174411"],"abstract_inverted_index":{"This":[0,45,73],"paper":[1],"focuses":[2],"on":[3],"the":[4,9,26,30,48,51,54,61,68,71,85],"containment":[5,80],"and":[6,36],"control":[7,69],"of":[8,32,39,50,56,70,82,95],"network":[10,86],"interaction":[11],"generated":[12,88],"by":[13,89],"malware":[14,34,62,91],"samples":[15],"in":[16,25],"dynamic":[17],"analysis":[18],"environments.":[19],"A":[20],"currently":[21],"unsolved":[22],"problem":[23,74],"consists":[24],"existing":[27],"dependency":[28,46],"between":[29],"execution":[31,63],"a":[33,37,79,90],"sample":[35,92],"number":[38],"external":[40,58,107],"hosts":[41,59],"(e.g.":[42],"C&C":[43],"servers).":[44],"affects":[47],"repeatability":[49],"analysis,":[52],"since":[53],"state":[55],"these":[57],"influences":[60],"but":[64],"it":[65,100],"is":[66,75,93],"outside":[67],"sandbox.":[72],"also":[76],"important":[77],"from":[78],"point":[81],"view,":[83],"because":[84],"traffic":[87],"potentially":[94],"malicious":[96],"nature":[97],"and,":[98],"therefore,":[99],"should":[101],"not":[102],"be":[103],"allowed":[104],"to":[105],"reach":[106],"targets.":[108]},"counts_by_year":[{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":5},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}