{"id":"https://openalex.org/W4308973957","doi":"https://doi.org/10.3390/computers11110160","title":"Features Engineering for Malware Family Classification Based API Call","display_name":"Features Engineering for Malware Family Classification Based API Call","publication_year":2022,"publication_date":"2022-11-11","ids":{"openalex":"https://openalex.org/W4308973957","doi":"https://doi.org/10.3390/computers11110160"},"language":"en","primary_location":{"id":"doi:10.3390/computers11110160","is_oa":true,"landing_page_url":"https://doi.org/10.3390/computers11110160","pdf_url":"https://www.mdpi.com/2073-431X/11/11/160/pdf?version=1668235043","source":{"id":"https://openalex.org/S4210228075","display_name":"Computers","issn_l":"2073-431X","issn":["2073-431X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2073-431X/11/11/160/pdf?version=1668235043","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026418646","display_name":"Ammar Yahya Daeef","orcid":"https://orcid.org/0000-0003-2180-676X"},"institutions":[{"id":"https://openalex.org/I4210115078","display_name":"Middle Technical University","ror":"https://ror.org/02fvkg758","country_code":"IQ","type":"education","lineage":["https://openalex.org/I4210115078"]}],"countries":["IQ"],"is_corresponding":false,"raw_author_name":"Ammar Yahya Daeef","raw_affiliation_strings":["Technical Institute for Administration, Middle Technical University, Baghdad 10010, Iraq"],"raw_orcid":"https://orcid.org/0000-0003-2180-676X","affiliations":[{"raw_affiliation_string":"Technical Institute for Administration, Middle Technical University, Baghdad 10010, Iraq","institution_ids":["https://openalex.org/I4210115078"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000023371","display_name":"Ali Al\u2010Naji","orcid":"https://orcid.org/0000-0002-8840-9235"},"institutions":[{"id":"https://openalex.org/I170239107","display_name":"University of South Australia","ror":"https://ror.org/01p93h210","country_code":"AU","type":"education","lineage":["https://openalex.org/I170239107"]},{"id":"https://openalex.org/I4210115078","display_name":"Middle Technical University","ror":"https://ror.org/02fvkg758","country_code":"IQ","type":"education","lineage":["https://openalex.org/I4210115078"]}],"countries":["AU","IQ"],"is_corresponding":true,"raw_author_name":"Ali Al-Naji","raw_affiliation_strings":["Electrical Engineering Technical College, Middle Technical University, Baghdad 10022, Iraq","School of Engineering, University of South Australia, Mawson Lakes, SA 5095, Australia"],"raw_orcid":"https://orcid.org/0000-0002-8840-9235","affiliations":[{"raw_affiliation_string":"Electrical Engineering Technical College, Middle Technical University, Baghdad 10022, Iraq","institution_ids":["https://openalex.org/I4210115078"]},{"raw_affiliation_string":"School of Engineering, University of South Australia, Mawson Lakes, SA 5095, Australia","institution_ids":["https://openalex.org/I170239107"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5090327828","display_name":"Javaan Chahl","orcid":"https://orcid.org/0000-0001-6496-0543"},"institutions":[{"id":"https://openalex.org/I170239107","display_name":"University of South Australia","ror":"https://ror.org/01p93h210","country_code":"AU","type":"education","lineage":["https://openalex.org/I170239107"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Javaan Chahl","raw_affiliation_strings":["School of Engineering, University of South Australia, Mawson Lakes, SA 5095, Australia"],"raw_orcid":"https://orcid.org/0000-0001-6496-0543","affiliations":[{"raw_affiliation_string":"School of Engineering, University of South Australia, Mawson Lakes, SA 5095, Australia","institution_ids":["https://openalex.org/I170239107"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5000023371"],"corresponding_institution_ids":["https://openalex.org/I170239107","https://openalex.org/I4210115078"],"apc_list":{"value":1600,"currency":"CHF","value_usd":1732},"apc_paid":{"value":1600,"currency":"CHF","value_usd":1732},"fwci":1.6344,"has_fulltext":true,"cited_by_count":11,"citation_normalized_percentile":{"value":0.83612849,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":"11","issue":"11","first_page":"160","last_page":"160"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9721999764442444,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8777023553848267},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8226280212402344},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.7190273404121399},{"id":"https://openalex.org/keywords/jaccard-index","display_name":"Jaccard index","score":0.666450560092926},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.6663519740104675},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.5816224217414856},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5546162724494934},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5401761531829834},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.5218747854232788},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4552657902240753},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4050007462501526},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.27052146196365356},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.14413318037986755},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13576874136924744}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8777023553848267},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8226280212402344},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.7190273404121399},{"id":"https://openalex.org/C203519979","wikidata":"https://www.wikidata.org/wiki/Q865360","display_name":"Jaccard index","level":3,"score":0.666450560092926},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.6663519740104675},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.5816224217414856},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5546162724494934},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5401761531829834},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.5218747854232788},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4552657902240753},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4050007462501526},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.27052146196365356},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.14413318037986755},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13576874136924744},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.3390/computers11110160","is_oa":true,"landing_page_url":"https://doi.org/10.3390/computers11110160","pdf_url":"https://www.mdpi.com/2073-431X/11/11/160/pdf?version=1668235043","source":{"id":"https://openalex.org/S4210228075","display_name":"Computers","issn_l":"2073-431X","issn":["2073-431X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:5225538fe0f046548c28694a040592ff","is_oa":true,"landing_page_url":"https://doaj.org/article/5225538fe0f046548c28694a040592ff","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computers, Vol 11, Iss 11, p 160 (2022)","raw_type":"article"},{"id":"pmh:oai:urm_publish:9916699030801831","is_oa":true,"landing_page_url":"https://hdl.handle.net/11541.2/31703","pdf_url":null,"source":{"id":"https://openalex.org/S4306402528","display_name":"UniSA Research Outputs Repository (University of South Australia)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I170239107","host_organization_name":"University of South Australia","host_organization_lineage":["https://openalex.org/I170239107"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"}],"best_oa_location":{"id":"doi:10.3390/computers11110160","is_oa":true,"landing_page_url":"https://doi.org/10.3390/computers11110160","pdf_url":"https://www.mdpi.com/2073-431X/11/11/160/pdf?version=1668235043","source":{"id":"https://openalex.org/S4210228075","display_name":"Computers","issn_l":"2073-431X","issn":["2073-431X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4308973957.pdf","grobid_xml":"https://content.openalex.org/works/W4308973957.grobid-xml"},"referenced_works_count":30,"referenced_works":["https://openalex.org/W1966917005","https://openalex.org/W1995416968","https://openalex.org/W2064236037","https://openalex.org/W2307930854","https://openalex.org/W2514847810","https://openalex.org/W2747715470","https://openalex.org/W2776884785","https://openalex.org/W2796394805","https://openalex.org/W2808519772","https://openalex.org/W2889435903","https://openalex.org/W2898457271","https://openalex.org/W2917661079","https://openalex.org/W2939746199","https://openalex.org/W2952766703","https://openalex.org/W2969763191","https://openalex.org/W2990527448","https://openalex.org/W2994101726","https://openalex.org/W3015605314","https://openalex.org/W3045322569","https://openalex.org/W3080279788","https://openalex.org/W3119729076","https://openalex.org/W3127265720","https://openalex.org/W3171309826","https://openalex.org/W4213380630","https://openalex.org/W4226299747","https://openalex.org/W4283662439","https://openalex.org/W4283786836","https://openalex.org/W4288060471","https://openalex.org/W4294383271","https://openalex.org/W6796941835"],"related_works":["https://openalex.org/W4396689146","https://openalex.org/W4200112873","https://openalex.org/W2955796858","https://openalex.org/W2439951656","https://openalex.org/W2004826645","https://openalex.org/W1573526548","https://openalex.org/W4360982091","https://openalex.org/W3176864451","https://openalex.org/W3019631707","https://openalex.org/W2053632570"],"abstract_inverted_index":{"Malware":[0],"is":[1,16,37],"used":[2,92,113],"to":[3,38,46,64,98,125],"carry":[4],"out":[5],"malicious":[6,20],"operations":[7],"on":[8],"networks":[9],"and":[10,61,87,147],"computer":[11],"systems.":[12],"Consequently,":[13],"malware":[14,31,72,128],"classification":[15,44,49],"crucial":[17],"for":[18,29,43],"preventing":[19],"attacks.":[21],"Application":[22],"programming":[23],"interfaces":[24],"(APIs)":[25],"are":[26],"ideal":[27],"candidates":[28],"characterizing":[30],"behavior.":[32],"However,":[33],"the":[34,58,66,136,142],"primary":[35],"challenge":[36],"produce":[39],"API":[40,73,107,121,138],"call":[41,108,122,139],"features":[42,140],"algorithms":[45],"achieve":[47,52],"high":[48],"accuracy.":[50],"To":[51],"this":[53,55,94,115],"aim,":[54],"work":[56],"employed":[57],"Jaccard":[59],"similarity":[60],"visualization":[62],"analysis":[63],"find":[65],"hidden":[67],"patterns":[68],"created":[69],"by":[70],"various":[71],"calls.":[74],"Traditional":[75],"machine":[76,85],"learning":[77],"classifiers,":[78],"i.e.,":[79],"random":[80],"forest":[81],"(RF),":[82],"support":[83],"vector":[84],"(SVM),":[86],"k-nearest":[88],"neighborhood":[89],"(KNN),":[90],"were":[91],"in":[93,114],"research":[95],"as":[96],"alternatives":[97],"existing":[99],"neural":[100],"networks,":[101],"which":[102],"use":[103],"millions":[104],"of":[105,120],"length":[106],"sequences.":[109],"The":[110,130],"benchmark":[111],"dataset":[112],"study":[116],"contains":[117],"7107":[118],"samples":[119],"sequences":[123],"(labeled":[124],"eight":[126],"different":[127],"families).":[129],"results":[131],"showed":[132],"that":[133],"RF":[134],"with":[135],"proposed":[137],"outperformed":[141],"LSTM":[143],"(long":[144],"short-term":[145],"memory)":[146],"gated":[148],"recurrent":[149],"unit":[150],"(GRU)-based":[151],"methods":[152],"against":[153],"overall":[154],"evaluation":[155],"metrics.":[156]},"counts_by_year":[{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":6}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2022-11-20T00:00:00"}