{"id":"https://openalex.org/W2271080438","doi":"https://doi.org/10.31274/etd-180810-4212","title":"Man-machine partial program analysis for malware detection","display_name":"Man-machine partial program analysis for malware detection","publication_year":2015,"publication_date":"2015-01-01","ids":{"openalex":"https://openalex.org/W2271080438","doi":"https://doi.org/10.31274/etd-180810-4212","mag":"2271080438"},"language":"en","primary_location":{"id":"doi:10.31274/etd-180810-4212","is_oa":false,"landing_page_url":"https://doi.org/10.31274/etd-180810-4212","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Iowa State University, Digital Repository","raw_type":"dissertation"},"type":"dissertation","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001282059","display_name":"Thomas Norman Deering","orcid":null},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Thomas Norman Deering","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5001282059"],"corresponding_institution_ids":["https://openalex.org/I173911158"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9835000038146973,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7877768874168396},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7346484065055847},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5847434401512146},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.575477123260498},{"id":"https://openalex.org/keywords/toolbox","display_name":"Toolbox","score":0.5688270330429077},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5177016258239746},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.4939480423927307},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.4466702938079834},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4337655007839203},{"id":"https://openalex.org/keywords/plug-in","display_name":"Plug-in","score":0.43280231952667236},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.38395458459854126},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3617033362388611},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18996679782867432},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.18102586269378662}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7877768874168396},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7346484065055847},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5847434401512146},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.575477123260498},{"id":"https://openalex.org/C2777655017","wikidata":"https://www.wikidata.org/wiki/Q1501161","display_name":"Toolbox","level":2,"score":0.5688270330429077},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5177016258239746},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.4939480423927307},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.4466702938079834},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4337655007839203},{"id":"https://openalex.org/C4924752","wikidata":"https://www.wikidata.org/wiki/Q184148","display_name":"Plug-in","level":2,"score":0.43280231952667236},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.38395458459854126},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3617033362388611},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18996679782867432},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.18102586269378662},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.31274/etd-180810-4212","is_oa":false,"landing_page_url":"https://doi.org/10.31274/etd-180810-4212","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Iowa State University, Digital Repository","raw_type":"dissertation"},{"id":"pmh:oai:lib.dr.iastate.edu:etd-5666","is_oa":false,"landing_page_url":"https://lib.dr.iastate.edu/cgi/viewcontent.cgi?article=5666&amp;amp;context=etd","pdf_url":null,"source":{"id":"https://openalex.org/S4377196104","display_name":"Iowa State University Digital Repository (Iowa State University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I173911158","host_organization_name":"Iowa State University","host_organization_lineage":["https://openalex.org/I173911158"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Graduate Theses and Dissertations","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6000000238418579,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":107,"referenced_works":["https://openalex.org/W7469215","https://openalex.org/W179639259","https://openalex.org/W206636664","https://openalex.org/W1520848031","https://openalex.org/W1553894716","https://openalex.org/W1597549781","https://openalex.org/W1849042743","https://openalex.org/W1856835768","https://openalex.org/W1865564993","https://openalex.org/W1868681840","https://openalex.org/W1915915253","https://openalex.org/W1943233084","https://openalex.org/W1954157985","https://openalex.org/W1959797194","https://openalex.org/W1963971515","https://openalex.org/W1964241047","https://openalex.org/W1966023382","https://openalex.org/W1969427878","https://openalex.org/W1971198057","https://openalex.org/W1974355965","https://openalex.org/W1974604404","https://openalex.org/W1981466760","https://openalex.org/W1982235649","https://openalex.org/W1985752637","https://openalex.org/W1986453394","https://openalex.org/W1988036170","https://openalex.org/W1988461443","https://openalex.org/W1990087033","https://openalex.org/W1990649188","https://openalex.org/W1992114977","https://openalex.org/W1994143452","https://openalex.org/W1994588724","https://openalex.org/W2001210019","https://openalex.org/W2002278076","https://openalex.org/W2007857904","https://openalex.org/W2010872735","https://openalex.org/W2011458734","https://openalex.org/W2012131382","https://openalex.org/W2014390890","https://openalex.org/W2019912855","https://openalex.org/W2023894381","https://openalex.org/W2024818492","https://openalex.org/W2025253701","https://openalex.org/W2028435315","https://openalex.org/W2028727337","https://openalex.org/W2032724464","https://openalex.org/W2039427951","https://openalex.org/W2041276426","https://openalex.org/W2043100293","https://openalex.org/W2051600169","https://openalex.org/W2051634947","https://openalex.org/W2058495559","https://openalex.org/W2060910994","https://openalex.org/W2068583268","https://openalex.org/W2070093650","https://openalex.org/W2072435623","https://openalex.org/W2072474927","https://openalex.org/W2074959961","https://openalex.org/W2077278164","https://openalex.org/W2077358611","https://openalex.org/W2078197322","https://openalex.org/W2080157505","https://openalex.org/W2089481916","https://openalex.org/W2095470000","https://openalex.org/W2097997737","https://openalex.org/W2100553995","https://openalex.org/W2100591395","https://openalex.org/W2106530774","https://openalex.org/W2107593769","https://openalex.org/W2109223453","https://openalex.org/W2109281874","https://openalex.org/W2114618422","https://openalex.org/W2117426803","https://openalex.org/W2122672392","https://openalex.org/W2123519624","https://openalex.org/W2124377830","https://openalex.org/W2125011234","https://openalex.org/W2125343911","https://openalex.org/W2126242334","https://openalex.org/W2127329916","https://openalex.org/W2127715253","https://openalex.org/W2128017182","https://openalex.org/W2131032015","https://openalex.org/W2132960674","https://openalex.org/W2135941874","https://openalex.org/W2136053107","https://openalex.org/W2136137337","https://openalex.org/W2139668965","https://openalex.org/W2143244564","https://openalex.org/W2144344516","https://openalex.org/W2145883452","https://openalex.org/W2147088720","https://openalex.org/W2147459295","https://openalex.org/W2153654970","https://openalex.org/W2156054519","https://openalex.org/W2158047578","https://openalex.org/W2162441576","https://openalex.org/W2163367563","https://openalex.org/W2169854666","https://openalex.org/W2171240827","https://openalex.org/W2171389360","https://openalex.org/W2177797324","https://openalex.org/W2291203434","https://openalex.org/W2398484989","https://openalex.org/W2615082125","https://openalex.org/W2618722342","https://openalex.org/W2913459036"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W4285507391","https://openalex.org/W2768892939","https://openalex.org/W2507496997","https://openalex.org/W2610659201","https://openalex.org/W3107556205","https://openalex.org/W4234891089","https://openalex.org/W2805262980","https://openalex.org/W2067547021"],"abstract_inverted_index":{"With":[0],"the":[1,7,17,25,52,64,122,150,170,266,285,294,305,308,340],"meteoric":[2],"rise":[3],"in":[4,165,181,331],"popularity":[5],"of":[6,20,27,45,51,67,109,116,153,198,214,261,278,284,304,307,342],"Android":[8,316],"platform,":[9],"there":[10,100],"is":[11,39,101,194,246],"an":[12,46,68,166,279],"urgent":[13],"need":[14,104],"to":[15,60,105,148,172,216,239,254,269],"combat":[16],"accompanying":[18],"proliferation":[19],"malware.":[21],"Existing":[22],"work":[23],"addresses":[24],"area":[26],"consumer":[28],"malware":[29,37,110],"detection,":[30],"but":[31],"cannot":[32],"detect":[33,106],"novel,":[34,313],"sophisticated,":[35,314],"domain-specific":[36,73,315],"that":[38,287,319],"targeted":[40],"specifically":[41],"at":[42],"one":[43],"aspect":[44],"organization":[47],"(eg.":[48,290],"ground":[49],"operations":[50],"US":[53],"Military).":[54],"Adversaries":[55],"can":[56,183],"exploit":[57],"domain":[58],"knowledge":[59],"camoflauge":[61],"malice":[62],"within":[63],"legitimate":[65],"behaviors":[66,161],"app":[69],"and":[70,83,95,118,162,176,232,236,273,298,327,334,349],"behind":[71],"a":[72,102,145,200,210,218,223,251,271,345,352],"trigger,":[74],"rendering":[75],"traditional":[76],"approaches":[77],"such":[78],"as":[79,344,351],"signature-matching,":[80],"machine":[81],"learning,":[82],"dynamic":[84],"monitoring":[85],"ineffective.":[86],"Manual":[87],"code":[88],"inspections":[89],"are":[90],"also":[91,247,338],"inadequate,":[92],"scaling":[93],"poorly":[94],"introducing":[96],"human":[97],"error.":[98],"Yet,":[99],"dire":[103],"this":[107,129],"kind":[108],"before":[111],"it":[112,288],"causes":[113],"catastrophic":[114],"loss":[115],"life":[117],"property.\\nThis":[119],"dissertation":[120,292],"presents":[121,293],"Security":[123,192,244,267,295,309],"Toolbox,":[124,296],"our":[125,154,187,320],"novel":[126,201,252],"solution":[127,253],"for":[128,139,226,311],"challenging":[130],"new":[131,178],"problem":[132],"posed":[133],"by":[134,186,206,249],"DARPA's":[135],"Automated":[136],"Program":[137],"Analysis":[138],"Cybersecurity":[140],"(APAC)":[141],"program.":[142],"We":[143,300,337],"employ":[144],"human-in-the-loop":[146],"approach":[147,321],"amplify":[149],"natural":[151],"intelligence":[152],"analysts.":[155],"Our":[156],"automation":[157],"detects":[158],"interesting":[159],"program":[160,202,241,276,346],"exposes":[163,222],"them":[164],"analysis":[167,189,203,277,347],"Dashboard,":[168],"allowing":[169],"analyst":[171],"brainstorm":[173],"flaw":[174],"hypotheses":[175],"ask":[177],"questions,":[179],"which":[180],"turn":[182],"be":[184],"answered":[185],"automated":[188,235],"primitives.":[190],"The":[191,243],"Toolbox":[193,245,268,310],"built":[195],"on":[196],"top":[197],"Atlas,":[199,297],"platform":[204,348],"made":[205],"EnSoft.":[207],"Atlas":[208,343],"uses":[209,289],"graph-based":[211],"mathematical":[212],"abstraction":[213],"software":[215],"produce":[217],"unified":[219],"property":[220],"multigraph,":[221],"powerful":[224],"API":[225],"writing":[227],"analyzers":[228],"using":[229],"graph":[230],"traversals,":[231],"provides":[233],"both":[234,332],"interactive":[237],"capabilities":[238],"facilitate":[240],"comprehension.":[242],"powered":[248],"FlowMiner,":[250],"mine":[255],"fine-grained,":[256],"compact":[257],"data":[258],"flow":[259],"summaries":[260],"Java":[262],"libraries.":[263],"FlowMiner":[264,350],"allows":[265],"complete":[270],"scalable":[272],"accurate":[274],"partial":[275],"application":[280],"without":[281],"including":[282],"all":[283],"libraries":[286],"Android).\\nThis":[291],"FlowMiner.":[299],"provide":[301],"empirical":[302],"evidence":[303],"effectiveness":[306,341],"detecting":[312],"malware,":[317],"demonstrating":[318],"outperforms":[322],"other":[323],"cutting-edge":[324],"research":[325],"tools":[326],"state-of-the-art":[328],"commercial":[329],"programs":[330],"time":[333],"accuracy":[335],"metrics.":[336],"evaluate":[339],"library":[353],"summary":[354],"tool.":[355]},"counts_by_year":[],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}