{"id":"https://openalex.org/W4308627563","doi":"https://doi.org/10.1145/3548659.3561307","title":"KUBO: a framework for automated efficacy testing of anti-virus behavioral detection with procedure-based malware emulation","display_name":"KUBO: a framework for automated efficacy testing of anti-virus behavioral detection with procedure-based malware emulation","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4308627563","doi":"https://doi.org/10.1145/3548659.3561307"},"language":"en","primary_location":{"id":"doi:10.1145/3548659.3561307","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548659.3561307","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Workshop on Automating Test Case Design, Selection and Evaluation","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5049959963","display_name":"Jakub Pru\u017einec","orcid":null},"institutions":[{"id":"https://openalex.org/I4210108443","display_name":"Advanced Digital Sciences Center","ror":"https://ror.org/01xaqx887","country_code":"SG","type":"facility","lineage":["https://openalex.org/I4210108443"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Jakub Pru\u017einec","raw_affiliation_strings":["HP-NTU Digital Manufacturing Corporate Lab, Singapore"],"affiliations":[{"raw_affiliation_string":"HP-NTU Digital Manufacturing Corporate Lab, Singapore","institution_ids":["https://openalex.org/I4210108443"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101188943","display_name":"Quynh Anh Mai Nguyen","orcid":null},"institutions":[{"id":"https://openalex.org/I4210108443","display_name":"Advanced Digital Sciences Center","ror":"https://ror.org/01xaqx887","country_code":"SG","type":"facility","lineage":["https://openalex.org/I4210108443"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Quynh Anh Nguyen","raw_affiliation_strings":["HP-NTU Digital Manufacturing Corporate Lab, Singapore"],"affiliations":[{"raw_affiliation_string":"HP-NTU Digital Manufacturing Corporate Lab, Singapore","institution_ids":["https://openalex.org/I4210108443"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103588511","display_name":"Adrian Baldwin","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156325","display_name":"Hewlett-Packard (United Kingdom)","ror":"https://ror.org/05g4mtv59","country_code":"GB","type":"company","lineage":["https://openalex.org/I1324840837","https://openalex.org/I4210156325"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Adrian Baldwin","raw_affiliation_strings":["HP-Labs, UK"],"affiliations":[{"raw_affiliation_string":"HP-Labs, UK","institution_ids":["https://openalex.org/I4210156325"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042851788","display_name":"Jonathan Griffin","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156325","display_name":"Hewlett-Packard (United Kingdom)","ror":"https://ror.org/05g4mtv59","country_code":"GB","type":"company","lineage":["https://openalex.org/I1324840837","https://openalex.org/I4210156325"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Jonathan Griffin","raw_affiliation_strings":["HP-Labs, UK"],"affiliations":[{"raw_affiliation_string":"HP-Labs, UK","institution_ids":["https://openalex.org/I4210156325"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I4210108443","display_name":"Advanced Digital Sciences Center","ror":"https://ror.org/01xaqx887","country_code":"SG","type":"facility","lineage":["https://openalex.org/I4210108443"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["HP-NTU Digital Manufacturing Corporate Lab, Singapore"],"affiliations":[{"raw_affiliation_string":"HP-NTU Digital Manufacturing Corporate Lab, Singapore","institution_ids":["https://openalex.org/I4210108443"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5049959963"],"corresponding_institution_ids":["https://openalex.org/I4210108443"],"apc_list":null,"apc_paid":null,"fwci":0.2972,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.51854037,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"37","last_page":"44"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/emulation","display_name":"Emulation","score":0.9298738241195679},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9251827001571655},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7846498489379883},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5999256372451782},{"id":"https://openalex.org/keywords/anti-virus","display_name":"Anti virus","score":0.5463292598724365},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5380842685699463},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5277957320213318},{"id":"https://openalex.org/keywords/computer-virus","display_name":"Computer virus","score":0.4890647828578949},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.15714848041534424},{"id":"https://openalex.org/keywords/virology","display_name":"Virology","score":0.06473875045776367}],"concepts":[{"id":"https://openalex.org/C149810388","wikidata":"https://www.wikidata.org/wiki/Q5374873","display_name":"Emulation","level":2,"score":0.9298738241195679},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9251827001571655},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7846498489379883},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5999256372451782},{"id":"https://openalex.org/C2983655198","wikidata":"https://www.wikidata.org/wiki/Q93249","display_name":"Anti virus","level":2,"score":0.5463292598724365},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5380842685699463},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5277957320213318},{"id":"https://openalex.org/C19407854","wikidata":"https://www.wikidata.org/wiki/Q485","display_name":"Computer virus","level":2,"score":0.4890647828578949},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.15714848041534424},{"id":"https://openalex.org/C159047783","wikidata":"https://www.wikidata.org/wiki/Q7215","display_name":"Virology","level":1,"score":0.06473875045776367},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3548659.3561307","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548659.3561307","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Workshop on Automating Test Case Design, Selection and Evaluation","raw_type":"proceedings-article"},{"id":"pmh:oai:dr.ntu.edu.sg:10356/171747","is_oa":false,"landing_page_url":"https://hdl.handle.net/10356/171747","pdf_url":null,"source":{"id":"https://openalex.org/S4306402609","display_name":"DR-NTU (Nanyang Technological University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172675005","host_organization_name":"Nanyang Technological University","host_organization_lineage":["https://openalex.org/I172675005"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference Paper"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5600000023841858}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W200681053","https://openalex.org/W1973403081","https://openalex.org/W2024170198","https://openalex.org/W2054756892","https://openalex.org/W2107889964","https://openalex.org/W2142902108","https://openalex.org/W2215444025","https://openalex.org/W2403995870","https://openalex.org/W2499898264","https://openalex.org/W2560828726","https://openalex.org/W2583329118","https://openalex.org/W2784097977","https://openalex.org/W2907611437","https://openalex.org/W2997993688","https://openalex.org/W2998066361","https://openalex.org/W3048012689","https://openalex.org/W3092781945","https://openalex.org/W3113318878","https://openalex.org/W6608206699"],"related_works":["https://openalex.org/W2073106194","https://openalex.org/W2156366773","https://openalex.org/W2765922303","https://openalex.org/W4360996742","https://openalex.org/W2356039636","https://openalex.org/W2166844173","https://openalex.org/W2741867772","https://openalex.org/W1513332347","https://openalex.org/W3170525725","https://openalex.org/W2150675148"],"abstract_inverted_index":{"Traditional":[0],"testing":[1],"of":[2,13,36,63],"Anti-Virus":[3],"(AV)":[4],"products":[5],"is":[6,48],"usually":[7],"performed":[8],"on":[9,25,33],"a":[10],"curated":[11],"set":[12],"malware":[14],"samples.":[15],"While":[16],"this":[17],"approach":[18],"can":[19],"evaluate":[20],"an":[21],"AV's":[22],"overall":[23],"performance":[24],"known":[26,64],"threats,":[27],"it":[28],"fails":[29],"to":[30],"provide":[31],"details":[32],"the":[34],"coverage":[35,46],"exact":[37],"attack":[38,55,65],"techniques":[39],"used":[40],"by":[41],"adversaries":[42],"and":[43,61],"malware.":[44],"Such":[45],"information":[47],"crucial":[49],"in":[50],"helping":[51],"users":[52],"understand":[53],"potential":[54],"paths":[56],"formed":[57],"using":[58],"new":[59],"code":[60],"combinations":[62],"techniques.":[66]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}