{"id":"https://openalex.org/W4411010512","doi":"https://doi.org/10.1145/3714393.3726003","title":"Padding Matters - Exploring Function Detection in PE Files: Data/Toolset paper","display_name":"Padding Matters - Exploring Function Detection in PE Files: Data/Toolset paper","publication_year":2024,"publication_date":"2024-06-19","ids":{"openalex":"https://openalex.org/W4411010512","doi":"https://doi.org/10.1145/3714393.3726003"},"language":"en","primary_location":{"id":"doi:10.1145/3714393.3726003","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3714393.3726003","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726003","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726003","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010608722","display_name":"Raphael Springer","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122778","display_name":"University of Applied Sciences for Public Administration and Management","ror":"https://ror.org/02qbcmz19","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210122778"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Raphael Springer","raw_affiliation_strings":["Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany"],"raw_orcid":"https://orcid.org/0009-0008-8298-7895","affiliations":[{"raw_affiliation_string":"Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany","institution_ids":["https://openalex.org/I4210122778"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Alexander Schmitz","orcid":"https://orcid.org/0009-0006-0514-9535"},"institutions":[{"id":"https://openalex.org/I4210122778","display_name":"University of Applied Sciences for Public Administration and Management","ror":"https://ror.org/02qbcmz19","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210122778"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Alexander Schmitz","raw_affiliation_strings":["Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany"],"raw_orcid":"https://orcid.org/0009-0006-0514-9535","affiliations":[{"raw_affiliation_string":"Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany","institution_ids":["https://openalex.org/I4210122778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083668884","display_name":"Artur Leinweber","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122778","display_name":"University of Applied Sciences for Public Administration and Management","ror":"https://ror.org/02qbcmz19","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210122778"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Artur Leinweber","raw_affiliation_strings":["Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany"],"raw_orcid":"https://orcid.org/0009-0001-7623-1038","affiliations":[{"raw_affiliation_string":"Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany","institution_ids":["https://openalex.org/I4210122778"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089427676","display_name":"Tobias Urban","orcid":"https://orcid.org/0000-0003-0908-0038"},"institutions":[{"id":"https://openalex.org/I4210122778","display_name":"University of Applied Sciences for Public Administration and Management","ror":"https://ror.org/02qbcmz19","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210122778"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Tobias Urban","raw_affiliation_strings":["Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany"],"raw_orcid":"https://orcid.org/0000-0003-0908-0038","affiliations":[{"raw_affiliation_string":"Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany","institution_ids":["https://openalex.org/I4210122778"]}]},{"author_position":"last","author":{"id":null,"display_name":"Christian Dietrich","orcid":"https://orcid.org/0009-0001-5523-4467"},"institutions":[{"id":"https://openalex.org/I4210122778","display_name":"University of Applied Sciences for Public Administration and Management","ror":"https://ror.org/02qbcmz19","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210122778"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christian Dietrich","raw_affiliation_strings":["Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany"],"raw_orcid":"https://orcid.org/0009-0001-5523-4467","affiliations":[{"raw_affiliation_string":"Institute for Internet Security, Westphalian University of Applied Sciences, Gelsenkirchen, Germany","institution_ids":["https://openalex.org/I4210122778"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5010608722"],"corresponding_institution_ids":["https://openalex.org/I4210122778"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.26959855,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"179","last_page":"184"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9941999912261963,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10478","display_name":"Diamond and Carbon-based Materials Research","score":0.9818000197410583,"subfield":{"id":"https://openalex.org/subfields/2505","display_name":"Materials Chemistry"},"field":{"id":"https://openalex.org/fields/25","display_name":"Materials Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7718892097473145},{"id":"https://openalex.org/keywords/padding","display_name":"Padding","score":0.7376803755760193},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.5999652147293091},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.23334822058677673}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7718892097473145},{"id":"https://openalex.org/C165435473","wikidata":"https://www.wikidata.org/wiki/Q1509884","display_name":"Padding","level":2,"score":0.7376803755760193},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.5999652147293091},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.23334822058677673},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C78458016","wikidata":"https://www.wikidata.org/wiki/Q840400","display_name":"Evolutionary biology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3714393.3726003","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3714393.3726003","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726003","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2504.21520","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2504.21520","pdf_url":"https://arxiv.org/pdf/2504.21520","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3714393.3726003","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3714393.3726003","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3714393.3726003","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fifteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4411010512.pdf","grobid_xml":"https://content.openalex.org/works/W4411010512.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W646354405","https://openalex.org/W1412775481","https://openalex.org/W2496999134","https://openalex.org/W2583316335","https://openalex.org/W2625806818","https://openalex.org/W2991211322","https://openalex.org/W3137108338","https://openalex.org/W3191183436","https://openalex.org/W4200070817","https://openalex.org/W4386008977","https://openalex.org/W6683356291"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2142641794","https://openalex.org/W4384947563","https://openalex.org/W2946726629","https://openalex.org/W4231428344","https://openalex.org/W4391601668","https://openalex.org/W4322753435","https://openalex.org/W4243974052"],"abstract_inverted_index":{"Function":[0],"detection":[1,70,106],"is":[2,143],"a":[3,27],"well-known":[4],"problem":[5],"in":[6],"binary":[7],"analysis.":[8],"While":[9],"prior":[10],"work":[11],"has":[12],"focused":[13],"on":[14,104],"Linux/ELF,":[15],"Windows/PE":[16],"binaries":[17],"have":[18],"only":[19],"partially":[20],"been":[21],"considered.":[22],"This":[23],"paper":[24],"introduces":[25],"FuncPEval,":[26,52],"dataset":[28],"for":[29,47,80],"Windows":[30],"x86":[31],"and":[32,38,62,130],"x64":[33],"PE":[34],"files,":[35],"featuring":[36],"Chromium":[37,81],"the":[39,76,92,98,105,124,127,133,138,144,149],"Conti":[40],"ransomware,":[41],"along":[42],"with":[43],"ground":[44],"truth":[45],"data":[46],"1,092,820":[48],"function":[49,68],"starts.":[50],"Utilizing":[51],"we":[53,96],"evaluate":[54],"five":[55],"heuristics-based":[56],"(Ghidra,":[57],"IDA,":[58],"Nucleus,":[59],"rev.ng,":[60,113],"SMDA)":[61],"three":[63],"machine-learning-based":[64],"(DeepDi,":[65],"RNN,":[66,128],"XDA)":[67],"start":[69],"tools.":[71,151],"Among":[72,132],"these,":[73],"IDA":[74],"achieves":[75],"highest":[77],"F1-score":[78],"(98.44%)":[79],"x64,":[82],"while":[83,141],"DeepDi":[84,136],"closely":[85],"follows":[86],"(97%)":[87],"but":[88],"stands":[89],"out":[90],"as":[91],"fastest.":[93],"Towards":[94],"explainability,":[95],"examine":[97],"impact":[99],"of":[100,126],"padding":[101,121],"between":[102],"functions":[103],"results,":[107],"finding":[108],"all":[109],"tested":[110],"tools,":[111,135],"except":[112],"are":[114],"susceptible":[115],"to":[116],"randomized":[117,120],"padding.":[118],"The":[119],"significantly":[122],"diminishes":[123],"effectiveness":[125],"XDA,":[129],"Nucleus.":[131],"learning-based":[134],"exhibits":[137],"least":[139],"sensitivity,":[140],"Nucleus":[142],"most":[145],"adversely":[146],"affected":[147],"among":[148],"non-learning-based":[150]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-06-04T00:00:00"}