{"id":"https://openalex.org/W3023457216","doi":"https://doi.org/10.1145/3384544.3384556","title":"A Malware Detection Framework Based on Forensic and Unsupervised Machine Learning Methodologies","display_name":"A Malware Detection Framework Based on Forensic and Unsupervised Machine Learning Methodologies","publication_year":2020,"publication_date":"2020-02-18","ids":{"openalex":"https://openalex.org/W3023457216","doi":"https://doi.org/10.1145/3384544.3384556","mag":"3023457216"},"language":"en","primary_location":{"id":"doi:10.1145/3384544.3384556","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3384544.3384556","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 9th International Conference on Software and Computer Applications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043599152","display_name":"Ahmad Naim Irfan","orcid":null},"institutions":[{"id":"https://openalex.org/I4576418","display_name":"University of Technology Malaysia","ror":"https://ror.org/026w31v75","country_code":"MY","type":"education","lineage":["https://openalex.org/I4576418"]}],"countries":["MY"],"is_corresponding":true,"raw_author_name":"Ahmad Naim Irfan","raw_affiliation_strings":["University of Technology Malaysia, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"University of Technology Malaysia, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I4576418"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109456111","display_name":"Aswami Ariffin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Aswami Ariffin","raw_affiliation_strings":["CyberSecurity Malaysia, Malaysia"],"affiliations":[{"raw_affiliation_string":"CyberSecurity Malaysia, Malaysia","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003837846","display_name":"Mohd Naz\u2019ri Mahrin","orcid":"https://orcid.org/0000-0002-9604-9700"},"institutions":[{"id":"https://openalex.org/I4576418","display_name":"University of Technology Malaysia","ror":"https://ror.org/026w31v75","country_code":"MY","type":"education","lineage":["https://openalex.org/I4576418"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Mohd Naz'ri Mahrin","raw_affiliation_strings":["University of Technology Malaysia, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"University of Technology Malaysia, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I4576418"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062133260","display_name":"Syahid Anuar","orcid":null},"institutions":[{"id":"https://openalex.org/I4576418","display_name":"University of Technology Malaysia","ror":"https://ror.org/026w31v75","country_code":"MY","type":"education","lineage":["https://openalex.org/I4576418"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Syahid Anuar","raw_affiliation_strings":["University of Technology Malaysia, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"University of Technology Malaysia, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I4576418"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5043599152"],"corresponding_institution_ids":["https://openalex.org/I4576418"],"apc_list":null,"apc_paid":null,"fwci":0.1515,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.40599078,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"194","last_page":"200"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9595377445220947},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8100764751434326},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.755324125289917},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6379332542419434},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.6064499616622925},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.5526495575904846},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.5401332378387451},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5395623445510864},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.5140365362167358},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4741125702857971},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.43492671847343445}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9595377445220947},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8100764751434326},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.755324125289917},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6379332542419434},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.6064499616622925},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.5526495575904846},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.5401332378387451},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5395623445510864},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.5140365362167358},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4741125702857971},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.43492671847343445},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3384544.3384556","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3384544.3384556","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 9th International Conference on Software and Computer Applications","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6299999952316284,"id":"https://metadata.un.org/sdg/3","display_name":"Good health and well-being"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W1981221397","https://openalex.org/W2000052253","https://openalex.org/W2032493468","https://openalex.org/W2038004736","https://openalex.org/W2050855115","https://openalex.org/W2084467408","https://openalex.org/W2346169715","https://openalex.org/W2514331801","https://openalex.org/W2765776360","https://openalex.org/W2775173651","https://openalex.org/W2783245716","https://openalex.org/W2792672492","https://openalex.org/W2792900243","https://openalex.org/W2801305544","https://openalex.org/W2915893383","https://openalex.org/W2962900357","https://openalex.org/W4242127608","https://openalex.org/W6728453822"],"related_works":["https://openalex.org/W3214090987","https://openalex.org/W4249009605","https://openalex.org/W2900526031","https://openalex.org/W4256304280","https://openalex.org/W4387298227","https://openalex.org/W2395100307","https://openalex.org/W2470029541","https://openalex.org/W4387065217","https://openalex.org/W2470502009","https://openalex.org/W4368275542"],"abstract_inverted_index":{"The":[0,129],"detection":[1,55,119],"of":[2,8,66],"malware":[3,20,36,40,54,62,83,93,118,137],"intrusion":[4],"requires":[5],"the":[6,19,39,82,141,145,148],"identification":[7],"its":[9],"signature.":[10],"However,":[11],"it":[12,48],"is":[13,32,49,88,107,131],"a":[14,53,78,105,117],"complex":[15],"task":[16],"due":[17,34],"to":[18,23,35,51,80,109,140,156],"sophisticated":[21],"ability":[22],"evade":[24],"security":[25],"mechanisms":[26],"deployed":[27],"by":[28,138],"cybersecurity":[29,154],"practitioners.":[30],"Evasion":[31],"possible":[33],"authors":[37],"changing":[38],"signature":[41,98,142],"using":[42,92],"metamorphism":[43],"or":[44,96],"polymorphism":[45],"tactics.":[46],"Currently,":[47],"necessary":[50],"formulate":[52],"method":[56],"focusing":[57],"on":[58,122],"dynamic":[59],"and":[60,101,124,133],"automated":[61],"analysis.":[63,146],"Malware":[64],"Indicator":[65],"Compromise":[67],"(IOC)":[68],"data":[69],"analysis":[70],"with":[71,94],"machine":[72,126],"learning":[73,127],"can":[74,150],"be":[75],"used":[76],"as":[77,90],"technique":[79],"obtain":[81],"signatures.":[84],"This":[85],"technical":[86],"approach":[87],"practical":[89],"cyber-attacks":[91],"new":[95],"changed":[97],"are":[99],"pandemic":[100],"remain":[102],"undetected,":[103],"therefore,":[104],"framework":[106,120,130,149],"needed":[108],"overcome":[110],"this":[111,114],"situation.":[112],"Thus,":[113],"research":[115],"proposed":[116],"based":[121],"forensic":[123],"unsupervised":[125],"methodologies.":[128],"experimented":[132],"proven":[134],"in":[135],"detecting":[136],"referring":[139],"derived":[143],"from":[144],"Furthermore,":[147],"provide":[151],"guidelines":[152],"for":[153],"practitioners":[155],"conduct":[157],"threat":[158],"hunting":[159],"within":[160],"their":[161],"IT":[162],"systems.":[163]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}