{"id":"https://openalex.org/W2890703206","doi":"https://doi.org/10.3390/info9090231","title":"CryptoKnight: Generating and Modelling Compiled Cryptographic Primitives","display_name":"CryptoKnight: Generating and Modelling Compiled Cryptographic Primitives","publication_year":2018,"publication_date":"2018-09-10","ids":{"openalex":"https://openalex.org/W2890703206","doi":"https://doi.org/10.3390/info9090231","mag":"2890703206"},"language":"en","primary_location":{"id":"doi:10.3390/info9090231","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info9090231","pdf_url":"https://www.mdpi.com/2078-2489/9/9/231/pdf?version=1536573432","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2078-2489/9/9/231/pdf?version=1536573432","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5110309008","display_name":"Gregory J. E. Hill","orcid":null},"institutions":[{"id":"https://openalex.org/I98677209","display_name":"University of Edinburgh","ror":"https://ror.org/01nrxwf90","country_code":"GB","type":"education","lineage":["https://openalex.org/I98677209"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Gregory Hill","raw_affiliation_strings":["School of Informatics, The University of Edinburgh, Edinburgh EH8 9YL, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Informatics, The University of Edinburgh, Edinburgh EH8 9YL, UK","institution_ids":["https://openalex.org/I98677209"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029196733","display_name":"Xavier Bellekens","orcid":"https://orcid.org/0000-0003-1849-5788"},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Xavier Bellekens","raw_affiliation_strings":["Division of Cyber Security, Abertay University, Dundee DD1 1HG, UK"],"raw_orcid":"https://orcid.org/0000-0003-1849-5788","affiliations":[{"raw_affiliation_string":"Division of Cyber Security, Abertay University, Dundee DD1 1HG, UK","institution_ids":["https://openalex.org/I877506347"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5029196733"],"corresponding_institution_ids":["https://openalex.org/I877506347"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":1.9942,"has_fulltext":true,"cited_by_count":19,"citation_normalized_percentile":{"value":0.87610908,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"9","issue":"9","first_page":"231","last_page":"231"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9872999787330627,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9810000061988831,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8244959712028503},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5847271680831909},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5761390924453735},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.5656099319458008},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.5651513338088989},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5423591136932373},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.534843385219574},{"id":"https://openalex.org/keywords/trace","display_name":"TRACE (psycholinguistics)","score":0.4937990605831146},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.4881942868232727},{"id":"https://openalex.org/keywords/reverse-engineering","display_name":"Reverse engineering","score":0.4639856815338135},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3999885618686676},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3478392958641052},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.32036328315734863},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.22569814324378967},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.20135203003883362},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.17652377486228943},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.103718101978302}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8244959712028503},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5847271680831909},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5761390924453735},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.5656099319458008},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.5651513338088989},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5423591136932373},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.534843385219574},{"id":"https://openalex.org/C75291252","wikidata":"https://www.wikidata.org/wiki/Q1315756","display_name":"TRACE (psycholinguistics)","level":2,"score":0.4937990605831146},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.4881942868232727},{"id":"https://openalex.org/C207850805","wikidata":"https://www.wikidata.org/wiki/Q269608","display_name":"Reverse engineering","level":2,"score":0.4639856815338135},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3999885618686676},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3478392958641052},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.32036328315734863},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.22569814324378967},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.20135203003883362},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.17652377486228943},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.103718101978302},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.3390/info9090231","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info9090231","pdf_url":"https://www.mdpi.com/2078-2489/9/9/231/pdf?version=1536573432","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},{"id":"pmh:oai:rke.abertay.ac.uk:openaire_cris_publications/d8d59aa6-64f3-40fc-b89c-dba1d68c0299","is_oa":true,"landing_page_url":"https://rke.abertay.ac.uk/en/publications/d8d59aa6-64f3-40fc-b89c-dba1d68c0299","pdf_url":null,"source":{"id":"https://openalex.org/S4306402526","display_name":"Abertay Research Portal (Abertay University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I877506347","host_organization_name":"Abertay University","host_organization_lineage":["https://openalex.org/I877506347"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"Hill , G &amp; Bellekens , X 2018 , ' CryptoKnight : generating and modelling compiled cryptographic primitives ' , Information (Switzerland) , vol. 9 , no. 9 . https://doi.org/10.3390/info9090231","raw_type":"article"},{"id":"pmh:oai:strathprints.strath.ac.uk:70629","is_oa":false,"landing_page_url":"https://strathprints.strath.ac.uk/view/author/854955.html>","pdf_url":null,"source":{"id":"https://openalex.org/S4306402226","display_name":"Strathprints: The University of Strathclyde institutional repository (University of Strathclyde)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I181647926","host_organization_name":"University of Strathclyde","host_organization_lineage":["https://openalex.org/I181647926"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"},{"id":"pmh:oai:arXiv.org:1708.08725","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1708.08725","pdf_url":"https://arxiv.org/pdf/1708.08725","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:doaj.org/article:d0dfbc7ceb3a44319c76b2b93b62235d","is_oa":true,"landing_page_url":"https://doaj.org/article/d0dfbc7ceb3a44319c76b2b93b62235d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information, Vol 9, Iss 9, p 231 (2018)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/2078-2489/9/9/231/","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3390/info9090231","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/info9090231","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info9090231","pdf_url":"https://www.mdpi.com/2078-2489/9/9/231/pdf?version=1536573432","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2890703206.pdf","grobid_xml":"https://content.openalex.org/works/W2890703206.grobid-xml"},"referenced_works_count":45,"referenced_works":["https://openalex.org/W1394307","https://openalex.org/W6091113","https://openalex.org/W89505464","https://openalex.org/W126407768","https://openalex.org/W1495061682","https://openalex.org/W1578988526","https://openalex.org/W1621730125","https://openalex.org/W1646038686","https://openalex.org/W1655958391","https://openalex.org/W1674877186","https://openalex.org/W1965817476","https://openalex.org/W2015861736","https://openalex.org/W2031099509","https://openalex.org/W2039433315","https://openalex.org/W2049208027","https://openalex.org/W2060145807","https://openalex.org/W2065995359","https://openalex.org/W2093331366","https://openalex.org/W2094691798","https://openalex.org/W2096118443","https://openalex.org/W2096915403","https://openalex.org/W2097998348","https://openalex.org/W2115351238","https://openalex.org/W2119359024","https://openalex.org/W2120615054","https://openalex.org/W2132874238","https://openalex.org/W2170738476","https://openalex.org/W2180074456","https://openalex.org/W2314121694","https://openalex.org/W2498690138","https://openalex.org/W2508613954","https://openalex.org/W2513529237","https://openalex.org/W2576897537","https://openalex.org/W2591476802","https://openalex.org/W2591712613","https://openalex.org/W2670925489","https://openalex.org/W2802988977","https://openalex.org/W2919115771","https://openalex.org/W3098631962","https://openalex.org/W3100857292","https://openalex.org/W3104092367","https://openalex.org/W4239813889","https://openalex.org/W4293168393","https://openalex.org/W6606918967","https://openalex.org/W6674385629"],"related_works":["https://openalex.org/W2913519194","https://openalex.org/W2007287520","https://openalex.org/W4362634109","https://openalex.org/W4245435048","https://openalex.org/W2806976167","https://openalex.org/W2055981842","https://openalex.org/W4388820743","https://openalex.org/W2793135307","https://openalex.org/W2112192942","https://openalex.org/W3134235726"],"abstract_inverted_index":{"Cryptovirological":[0],"augmentations":[1],"present":[2],"an":[3,153],"immediate,":[4],"incomparable":[5],"threat.":[6],"Over":[7],"the":[8,11,31,68,106,126,184,193],"last":[9],"decade,":[10],"substantial":[12],"proliferation":[13],"of":[14,70,110,129,156],"crypto-ransomware":[15,198],"has":[16,33],"had":[17],"widespread":[18],"consequences":[19],"for":[20,67,125],"consumers":[21],"and":[22,49,108,113,161,190],"organisations":[23],"alike.":[24],"Established":[25],"preventive":[26],"measures":[27],"perform":[28],"well,":[29],"however,":[30],"problem":[32],"not":[34],"ceased.":[35],"Reverse":[36],"engineering":[37],"potentially":[38],"malicious":[39],"software":[40],"is":[41,89,133],"a":[42,64,83,101,123,145,196],"cumbersome":[43],"task":[44],"due":[45],"to":[46,92,114,143,163,182],"platform":[47],"eccentricities":[48],"obfuscated":[50],"transmutation":[51],"mechanisms,":[52],"hence":[53],"requiring":[54],"smarter,":[55],"more":[56],"efficient":[57],"detection":[58],"strategies.":[59],"The":[60,80,149],"following":[61],"manuscript":[62],"presents":[63],"novel":[65],"approach":[66],"classification":[69],"cryptographic":[71,131],"primitives":[72,137],"in":[73,195],"compiled":[74],"binary":[75],"executables":[76],"using":[77,135],"deep":[78],"learning.":[79],"model":[81,118],"blueprint,":[82],"Dynamic":[84],"Convolutional":[85],"Neural":[86],"Network":[87],"(DCNN),":[88],"fittingly":[90],"configured":[91],"learn":[93],"from":[94,100,138],"variable-length":[95],"control":[96],"flow":[97],"diagnostics":[98],"output":[99],"dynamic":[102],"trace.":[103],"To":[104],"rival":[105],"size":[107],"variability":[109],"equivalent":[111],"datasets,":[112],"adequately":[115],"train":[116],"our":[117],"without":[119],"risking":[120],"adverse":[121],"exposure,":[122],"methodology":[124],"procedural":[127],"generation":[128],"synthetic":[130],"binaries":[132],"defined,":[134],"core":[136,172],"OpenSSL":[139],"with":[140,187],"multivariate":[141],"obfuscation,":[142],"draw":[144],"vastly":[146],"scalable":[147],"distribution.":[148],"library,":[150],"CryptoKnight,":[151],"rendered":[152],"algorithmic":[154],"pool":[155,186],"AES,":[157],"RC4,":[158],"Blowfish,":[159],"MD5":[160],"RSA":[162],"synthesise":[164],"combinable":[165],"variants":[166],"which":[167],"automatically":[168],"fed":[169],"into":[170],"its":[171],"model.":[173],"Converging":[174],"at":[175],"96%":[176],"accuracy,":[177],"CryptoKnight":[178],"was":[179],"successfully":[180],"able":[181],"classify":[183],"sample":[185],"minimal":[188],"loss":[189],"correctly":[191],"identified":[192],"algorithm":[194],"real-world":[197],"application.":[199]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":2}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2018-09-27T00:00:00"}