{"id":"https://openalex.org/W4401067348","doi":"https://doi.org/10.1145/3670105.3670209","title":"Automatically Generate Malware Detection Rules By Extracting Risk Information","display_name":"Automatically Generate Malware Detection Rules By Extracting Risk Information","publication_year":2024,"publication_date":"2024-05-24","ids":{"openalex":"https://openalex.org/W4401067348","doi":"https://doi.org/10.1145/3670105.3670209"},"language":"en","primary_location":{"id":"doi:10.1145/3670105.3670209","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3670105.3670209","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 5th International Conference on Computing, Networks and Internet of Things","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5006725452","display_name":"Haocong Li","orcid":"https://orcid.org/0009-0001-2314-1354"},"institutions":[{"id":"https://openalex.org/I21193070","display_name":"Beijing Jiaotong University","ror":"https://ror.org/01yj56c84","country_code":"CN","type":"education","lineage":["https://openalex.org/I21193070"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Haocong Li","raw_affiliation_strings":["Beijing Jiaotong University, China"],"raw_orcid":"https://orcid.org/0009-0001-2314-1354","affiliations":[{"raw_affiliation_string":"Beijing Jiaotong University, China","institution_ids":["https://openalex.org/I21193070"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5114986000","display_name":"Jie Li","orcid":"https://orcid.org/0000-0002-3896-2403"},"institutions":[{"id":"https://openalex.org/I3125743391","display_name":"China University of Geosciences (Beijing)","ror":"https://ror.org/04q6c7p66","country_code":"CN","type":"education","lineage":["https://openalex.org/I3125743391"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jie Li","raw_affiliation_strings":["China University of Geosciences, China"],"raw_orcid":"https://orcid.org/0000-0002-3896-2403","affiliations":[{"raw_affiliation_string":"China University of Geosciences, China","institution_ids":["https://openalex.org/I3125743391"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5006725452"],"corresponding_institution_ids":["https://openalex.org/I21193070"],"apc_list":null,"apc_paid":null,"fwci":0.3288,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.51958861,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"595","last_page":"599"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.796713650226593},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7752830982208252},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.43570244312286377},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.41031938791275024},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.36594778299331665},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.26178959012031555}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.796713650226593},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7752830982208252},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.43570244312286377},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.41031938791275024},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.36594778299331665},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.26178959012031555}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3670105.3670209","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3670105.3670209","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 5th International Conference on Computing, Networks and Internet of Things","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2078410218","https://openalex.org/W2791437017","https://openalex.org/W2894779647","https://openalex.org/W2911716162","https://openalex.org/W3046453918","https://openalex.org/W3084078945","https://openalex.org/W3105646798","https://openalex.org/W3208665740","https://openalex.org/W4231029117","https://openalex.org/W4312503753"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819"],"abstract_inverted_index":{"With":[0],"the":[1,7,18,34,50,105,108,120,142,158],"continuous":[2],"growth":[3],"of":[4,20,53,107,144,155,160],"packages":[5],"in":[6,17,33,176],"open-source":[8],"software":[9],"ecosystem,":[10],"there":[11,38],"has":[12],"been":[13],"an":[14],"explosive":[15],"increase":[16],"number":[19],"malware.":[21,54],"Therefore,":[22],"how":[23],"to":[24,85,94,130,167],"quickly":[25],"and":[26,37,98,127,134,170],"accurately":[27],"identify":[28],"malware":[29],"is":[30,39,92,101,163,172],"a":[31,60],"concern":[32],"security":[35],"field,":[36],"relatively":[40],"less":[41],"work":[42],"focused":[43],"on":[44,68,104],"generating":[45,64,83],"detection":[46],"rules":[47,66,84,112,126,145],"directly":[48],"from":[49],"source":[51,109],"code":[52],"In":[55],"this":[56,148],"paper,":[57],"we":[58],"propose":[59],"method":[61,149],"for":[62,115],"automatically":[63,82],"YARA":[65],"based":[67,103],"risk":[69,96,117],"information":[70,99],"(RICYara),":[71],"which":[72],"can":[73],"cover":[74],"malicious":[75],"behaviors":[76],"as":[77,79],"much":[78],"possible":[80],"while":[81],"ensure":[86],"their":[87],"effectiveness.":[88],"Named":[89],"entity":[90],"recognition":[91],"used":[93],"mine":[95],"information,":[97],"grouping":[100],"performed":[102],"content":[106],"code.":[110],"Three":[111],"are":[113,150],"designed":[114],"selecting":[116],"group.":[118],"Then,":[119],"feature":[121],"extraction":[122],"algorithm":[123],"uses":[124],"heuristic":[125],"Isolation":[128],"Forests":[129],"create":[131],"black-and-white":[132],"list":[133],"then":[135],"generate":[136],"rules.":[137],"Experimental":[138],"results":[139],"show":[140],"that":[141],"scores":[143],"generated":[146],"by":[147],"significantly":[151],"higher":[152,165],"than":[153],"those":[154],"other":[156,168],"methods,":[157,169],"efficiency":[159],"rule":[161],"effectiveness":[162],"exponentially":[164],"compared":[166],"it":[171],"also":[173],"more":[174],"accurate":[175],"practical":[177],"detection.":[178]},"counts_by_year":[{"year":2024,"cited_by_count":1}],"updated_date":"2025-12-26T23:08:49.675405","created_date":"2025-10-10T00:00:00"}