{"id":"https://openalex.org/W3207481842","doi":"https://doi.org/10.14428/esann/2021.es2021-27","title":"Validating static call graph-based malware signatures using community detection methods","display_name":"Validating static call graph-based malware signatures using community detection methods","publication_year":2021,"publication_date":"2021-01-01","ids":{"openalex":"https://openalex.org/W3207481842","doi":"https://doi.org/10.14428/esann/2021.es2021-27","mag":"3207481842"},"language":"en","primary_location":{"id":"doi:10.14428/esann/2021.es2021-27","is_oa":true,"landing_page_url":"http://doi.org/10.14428/esann/2021.es2021-27","pdf_url":"https://doi.org/10.14428/esann/2021.es2021-27","source":{"id":"https://openalex.org/S4306509709","display_name":"ESANN 2021 proceedings","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ESANN 2021 proceedings","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://doi.org/10.14428/esann/2021.es2021-27","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5034268689","display_name":"Attila Mester","orcid":"https://orcid.org/0000-0002-2251-5107"},"institutions":[{"id":"https://openalex.org/I3125347698","display_name":"Babe\u0219-Bolyai University","ror":"https://ror.org/02rmd1t30","country_code":"RO","type":"education","lineage":["https://openalex.org/I3125347698"]}],"countries":["RO"],"is_corresponding":true,"raw_author_name":"Attila Mester","raw_affiliation_strings":["-Babe-Bolyai University -Faculty of Mathematics and Computer Science Cluj-Napoca -Romania","-Bitdefender Cluj-Napoca -Romania","-Babe\u015f-Bolyai University -Faculty of Mathematics and Computer Science Cluj-Napoca -Romania"],"affiliations":[{"raw_affiliation_string":"-Babe-Bolyai University -Faculty of Mathematics and Computer Science Cluj-Napoca -Romania","institution_ids":["https://openalex.org/I3125347698"]},{"raw_affiliation_string":"-Bitdefender Cluj-Napoca -Romania","institution_ids":[]},{"raw_affiliation_string":"-Babe\u015f-Bolyai University -Faculty of Mathematics and Computer Science Cluj-Napoca -Romania","institution_ids":["https://openalex.org/I3125347698"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087166070","display_name":"Zal\u00e1n Bod\u00f3","orcid":"https://orcid.org/0000-0002-4857-878X"},"institutions":[{"id":"https://openalex.org/I3125347698","display_name":"Babe\u0219-Bolyai University","ror":"https://ror.org/02rmd1t30","country_code":"RO","type":"education","lineage":["https://openalex.org/I3125347698"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Zal\u00e1n Bod\u00f3","raw_affiliation_strings":["-Babe\u015f-Bolyai University -Faculty of Mathematics and Computer Science Cluj-Napoca -Romania"],"affiliations":[{"raw_affiliation_string":"-Babe\u015f-Bolyai University -Faculty of Mathematics and Computer Science Cluj-Napoca -Romania","institution_ids":["https://openalex.org/I3125347698"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5034268689"],"corresponding_institution_ids":["https://openalex.org/I3125347698"],"apc_list":null,"apc_paid":null,"fwci":0.4584,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.66221879,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10064","display_name":"Complex Network Analysis Techniques","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/3109","display_name":"Statistical and Nonlinear Physics"},"field":{"id":"https://openalex.org/fields/31","display_name":"Physics and Astronomy"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9909999966621399,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8487404584884644},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.816569447517395},{"id":"https://openalex.org/keywords/call-graph","display_name":"Call graph","score":0.5788664817810059},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.4542135000228882},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.28230226039886475},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.266741544008255}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8487404584884644},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.816569447517395},{"id":"https://openalex.org/C102379954","wikidata":"https://www.wikidata.org/wiki/Q2589940","display_name":"Call graph","level":2,"score":0.5788664817810059},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.4542135000228882},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.28230226039886475},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.266741544008255}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.14428/esann/2021.es2021-27","is_oa":true,"landing_page_url":"http://doi.org/10.14428/esann/2021.es2021-27","pdf_url":"https://doi.org/10.14428/esann/2021.es2021-27","source":{"id":"https://openalex.org/S4306509709","display_name":"ESANN 2021 proceedings","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ESANN 2021 proceedings","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.14428/esann/2021.es2021-27","is_oa":true,"landing_page_url":"http://doi.org/10.14428/esann/2021.es2021-27","pdf_url":"https://doi.org/10.14428/esann/2021.es2021-27","source":{"id":"https://openalex.org/S4306509709","display_name":"ESANN 2021 proceedings","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ESANN 2021 proceedings","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3207481842.pdf","grobid_xml":"https://content.openalex.org/works/W3207481842.grobid-xml"},"referenced_works_count":15,"referenced_works":["https://openalex.org/W1966948031","https://openalex.org/W2012833704","https://openalex.org/W2012976560","https://openalex.org/W2126401948","https://openalex.org/W2127048411","https://openalex.org/W2599823825","https://openalex.org/W2601305972","https://openalex.org/W2609517418","https://openalex.org/W2753692828","https://openalex.org/W2900633536","https://openalex.org/W4230940751","https://openalex.org/W4231934124","https://openalex.org/W6631834165","https://openalex.org/W6735467509","https://openalex.org/W6922607811"],"related_works":["https://openalex.org/W1855034413","https://openalex.org/W3214962084","https://openalex.org/W1986274024","https://openalex.org/W2054093027","https://openalex.org/W2972851161","https://openalex.org/W2085562432","https://openalex.org/W2163938685","https://openalex.org/W1971139551","https://openalex.org/W2968146306","https://openalex.org/W193849731"],"abstract_inverted_index":{"Due":[0],"to":[1,13,23,40,52,75,110],"the":[2,25,44,54,70,86,112],"increasing":[3],"number":[4],"of":[5,47],"new":[6],"malware":[7,73],"appearing":[8],"daily,":[9],"it":[10],"is":[11,62],"impossible":[12],"manually":[14],"inspect":[15],"each":[16],"sample.":[17],"By":[18],"applying":[19,65,106],"data":[20],"mining":[21],"techniques":[22,109],"analyze":[24],"program":[26],"code,":[27],"we":[28,36],"can":[29],"help":[30],"manual":[31],"processing.":[32],"In":[33],"this":[34],"paper":[35],"propose":[37],"a":[38,48],"method":[39,61],"extract":[41],"signatures":[42,94],"from":[43],"executable":[45],"binary":[46],"malware,":[49],"in":[50,57,85],"order":[51],"query":[53],"local":[55],"neighborhood":[56],"real":[58],"time.":[59],"The":[60,93],"validated":[63],"by":[64],"community":[66],"detection":[67],"algorithms":[68],"on":[69],"common":[71],"fingerprint-based":[72],"graph":[74],"identify":[76],"families,":[77],"and":[78,105],"assessing":[79],"these":[80],"with":[81,116],"evaluation":[82],"metrics":[83],"used":[84],"field":[87],"(e.g.":[88],"modularity,":[89],"family":[90],"majority,":[91],"etc.).":[92],"are":[95],"obtained":[96],"via":[97],"static":[98],"code":[99],"analysis,":[100],"using":[101],"function":[102],"call":[103],"n-grams":[104],"locality-sensitive":[107],"hashing":[108],"enable":[111],"match":[113],"between":[114],"functions":[115],"highly":[117],"similar":[118],"instruction":[119],"lists.":[120]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}