{"id":"https://openalex.org/W2808927717","doi":"https://doi.org/10.1145/3219819.3219862","title":"Gotcha - Sly Malware!","display_name":"Gotcha - Sly Malware!","publication_year":2018,"publication_date":"2018-07-19","ids":{"openalex":"https://openalex.org/W2808927717","doi":"https://doi.org/10.1145/3219819.3219862","mag":"2808927717"},"language":"en","primary_location":{"id":"doi:10.1145/3219819.3219862","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3219819.3219862","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery &amp; Data Mining","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101916154","display_name":"Yujie Fan","orcid":"https://orcid.org/0000-0002-2635-9420"},"institutions":[{"id":"https://openalex.org/I12097938","display_name":"West Virginia University","ror":"https://ror.org/011vxgd24","country_code":"US","type":"education","lineage":["https://openalex.org/I12097938"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yujie Fan","raw_affiliation_strings":["West Virginia University, Morgantown, USA"],"affiliations":[{"raw_affiliation_string":"West Virginia University, Morgantown, USA","institution_ids":["https://openalex.org/I12097938"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110964699","display_name":"Shifu Hou","orcid":null},"institutions":[{"id":"https://openalex.org/I12097938","display_name":"West Virginia University","ror":"https://ror.org/011vxgd24","country_code":"US","type":"education","lineage":["https://openalex.org/I12097938"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shifu Hou","raw_affiliation_strings":["West Virginia University, Morgantown, USA"],"affiliations":[{"raw_affiliation_string":"West Virginia University, Morgantown, USA","institution_ids":["https://openalex.org/I12097938"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100395391","display_name":"Yiming Zhang","orcid":"https://orcid.org/0009-0000-9289-6227"},"institutions":[{"id":"https://openalex.org/I12097938","display_name":"West Virginia University","ror":"https://ror.org/011vxgd24","country_code":"US","type":"education","lineage":["https://openalex.org/I12097938"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yiming Zhang","raw_affiliation_strings":["West Virginia University, Morgantown, USA"],"affiliations":[{"raw_affiliation_string":"West Virginia University, Morgantown, USA","institution_ids":["https://openalex.org/I12097938"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101586436","display_name":"Yanfang Ye","orcid":"https://orcid.org/0000-0001-8376-7239"},"institutions":[{"id":"https://openalex.org/I12097938","display_name":"West Virginia University","ror":"https://ror.org/011vxgd24","country_code":"US","type":"education","lineage":["https://openalex.org/I12097938"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yanfang Ye","raw_affiliation_strings":["West Virginia University, Morgantown, WV, USA"],"affiliations":[{"raw_affiliation_string":"West Virginia University, Morgantown, WV, USA","institution_ids":["https://openalex.org/I12097938"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038148456","display_name":"Melih Abdulhayoglu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Melih Abdulhayoglu","raw_affiliation_strings":["Comodo Security Solutions, Inc., Clifton, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Comodo Security Solutions, Inc., Clifton, NJ, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5101916154"],"corresponding_institution_ids":["https://openalex.org/I12097938"],"apc_list":null,"apc_paid":null,"fwci":8.2572,"has_fulltext":false,"cited_by_count":85,"citation_normalized_percentile":{"value":0.98335875,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"253","last_page":"262"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8857479095458984},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8509684801101685},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.5881683230400085},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.48991841077804565},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.4688951373100281},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3380184471607208},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.32734358310699463},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2705468535423279},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.20651093125343323}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8857479095458984},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8509684801101685},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.5881683230400085},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.48991841077804565},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.4688951373100281},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3380184471607208},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.32734358310699463},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2705468535423279},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.20651093125343323}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3219819.3219862","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3219819.3219862","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery &amp; Data Mining","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.5899999737739563,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":54,"referenced_works":["https://openalex.org/W5748870","https://openalex.org/W67486310","https://openalex.org/W103340358","https://openalex.org/W1194372791","https://openalex.org/W1614298861","https://openalex.org/W1776735834","https://openalex.org/W1888005072","https://openalex.org/W1975563293","https://openalex.org/W2019421101","https://openalex.org/W2021264330","https://openalex.org/W2044660163","https://openalex.org/W2050918226","https://openalex.org/W2056729444","https://openalex.org/W2066459332","https://openalex.org/W2099053789","https://openalex.org/W2100550848","https://openalex.org/W2109480754","https://openalex.org/W2110143557","https://openalex.org/W2122492127","https://openalex.org/W2143156479","https://openalex.org/W2152442131","https://openalex.org/W2153579005","https://openalex.org/W2154851992","https://openalex.org/W2164163973","https://openalex.org/W2166128942","https://openalex.org/W2237959143","https://openalex.org/W2242818087","https://openalex.org/W2244985651","https://openalex.org/W2331224188","https://openalex.org/W2393319904","https://openalex.org/W2397211345","https://openalex.org/W2417677256","https://openalex.org/W2520563735","https://openalex.org/W2585021848","https://openalex.org/W2612186685","https://openalex.org/W2732916693","https://openalex.org/W2735810033","https://openalex.org/W2743104969","https://openalex.org/W2743159750","https://openalex.org/W2744097819","https://openalex.org/W2764074721","https://openalex.org/W2767560037","https://openalex.org/W2767774008","https://openalex.org/W2768352146","https://openalex.org/W2772265308","https://openalex.org/W2780061022","https://openalex.org/W2789207453","https://openalex.org/W2962756421","https://openalex.org/W2963919031","https://openalex.org/W3005158208","https://openalex.org/W3028642772","https://openalex.org/W3104097132","https://openalex.org/W3105705953","https://openalex.org/W3148981562"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W3022706011","https://openalex.org/W2768892939","https://openalex.org/W2160963033","https://openalex.org/W2909615516","https://openalex.org/W4210907385","https://openalex.org/W2249256574","https://openalex.org/W2397240470","https://openalex.org/W4381279634"],"abstract_inverted_index":{"Due":[0],"to":[1,7,43,50,54,95,123,151,190],"its":[2],"severe":[3],"damages":[4],"and":[5,13,26,47,67,90,166],"threats":[6],"the":[8,11,20,32,68,97,103,108,135,148,153,157,163,179,225],"security":[9],"of":[10,22,58,228],"Internet":[12],"computing":[14],"devices,":[15],"malware":[16,34,112,172,193,214],"detection":[17,113,194,215],"has":[18,220],"caught":[19],"attention":[21],"both":[23,45,162],"anti-malware":[24],"industry":[25],"researchers":[27],"for":[28,120,127,156,171],"decades.":[29],"To":[30,101,129],"combat":[31],"evolving":[33],"attacks,":[35],"in":[36,159],"this":[37,131],"paper,":[38],"we":[39,81,139],"first":[40,149],"study":[41,177],"how":[42],"utilize":[44],"content-":[46],"relation-based":[48],"features":[49],"characterize":[51],"sly":[52],"malware;":[53],"model":[55,145],"different":[56],"types":[57],"entities":[59],"(i.e.,":[60,74],"file,":[61],"archive,":[62],"machine,":[63],"API,":[64],"DLL":[65],")":[66],"rich":[69],"semantic":[70],"relationships":[71],"among":[72],"them":[73],"file-archive,":[75],"file-machine,":[76],"file-file,":[77],"API-DLL,":[78],"file-API":[79],"relations),":[80],"then":[82],"construct":[83],"a":[84,115,141],"structural":[85],"heterogeneous":[86],"information":[87],"network":[88],"(HIN)":[89],"present":[91],"meta-graph":[92,137],"based":[93,133],"approach":[94],"depict":[96],"relatedness":[98,104],"over":[99,105],"files.":[100],"measure":[102],"files":[106],"on":[107,134,147,178],"constructed":[109],"HIN,":[110,160],"since":[111],"is":[114,188],"cost-sensitive":[116],"task,":[117],"it":[118],"calls":[119],"efficient":[121],"methods":[122],"learn":[124,152],"latent":[125],"representations":[126,155],"HIN.":[128],"address":[130],"challenge,":[132],"built":[136],"schemes,":[138],"propose":[140],"new":[142],"HIN":[143,164],"embedding":[144],"metagraph2vec":[146],"attempt":[150],"low-dimensional":[154],"nodes":[158],"where":[161],"structures":[165],"semantics":[167],"are":[168],"maximally":[169],"preserved":[170],"detection.":[173],"A":[174],"comprehensive":[175],"experimental":[176,198],"real":[180],"sample":[181],"collections":[182],"from":[183],"Comodo":[184,229],"Cloud":[185],"Security":[186],"Center":[187],"performed":[189],"compare":[191],"various":[192],"approaches.":[195],"The":[196,217],"promising":[197],"results":[199],"demonstrate":[200],"that":[201],"our":[202,208],"developed":[203,218],"system":[204,219],"Scorpion":[205],"which":[206],"integrate":[207],"proposed":[209],"method":[210],"outperforms":[211],"other":[212],"alternative":[213],"techniques.":[216],"already":[221],"been":[222],"incorporated":[223],"into":[224],"scanning":[226],"tool":[227],"Antivirus":[230],"product.":[231]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":13},{"year":2022,"cited_by_count":10},{"year":2021,"cited_by_count":15},{"year":2020,"cited_by_count":20},{"year":2019,"cited_by_count":10},{"year":2018,"cited_by_count":5}],"updated_date":"2026-02-25T23:00:34.991745","created_date":"2025-10-10T00:00:00"}