{"id":"https://openalex.org/W4313558727","doi":"https://doi.org/10.3390/s23020612","title":"An Insight into the Machine-Learning-Based Fileless Malware Detection","display_name":"An Insight into the Machine-Learning-Based Fileless Malware Detection","publication_year":2023,"publication_date":"2023-01-05","ids":{"openalex":"https://openalex.org/W4313558727","doi":"https://doi.org/10.3390/s23020612","pmid":"https://pubmed.ncbi.nlm.nih.gov/36679406"},"language":"en","primary_location":{"id":"doi:10.3390/s23020612","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s23020612","pdf_url":null,"source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj","pubmed"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.3390/s23020612","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086301301","display_name":"Osama Khalid","orcid":"https://orcid.org/0000-0001-7979-0620"},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Osama Khalid","raw_affiliation_strings":["FAST School of Computing, National University of Computer and Emerging Sciences (NUCES-FAST), Islamabad 44000, Pakistan"],"raw_orcid":"https://orcid.org/0000-0001-7979-0620","affiliations":[{"raw_affiliation_string":"FAST School of Computing, National University of Computer and Emerging Sciences (NUCES-FAST), Islamabad 44000, Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043574243","display_name":"Subhan Ullah","orcid":"https://orcid.org/0000-0002-3925-621X"},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Subhan Ullah","raw_affiliation_strings":["FAST School of Computing, National University of Computer and Emerging Sciences (NUCES-FAST), Islamabad 44000, Pakistan"],"raw_orcid":"https://orcid.org/0000-0002-3925-621X","affiliations":[{"raw_affiliation_string":"FAST School of Computing, National University of Computer and Emerging Sciences (NUCES-FAST), Islamabad 44000, Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053049014","display_name":"Tahir Ahmad","orcid":null},"institutions":[{"id":"https://openalex.org/I2277624104","display_name":"Fondazione Bruno Kessler","ror":"https://ror.org/01j33xk10","country_code":"IT","type":"facility","lineage":["https://openalex.org/I2277624104"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Tahir Ahmad","raw_affiliation_strings":["Center for Cybersecurity, Brunno Kessler Foundation, 38123 Trento, Italy"],"raw_orcid":"https://orcid.org/0000-0001-8105-6791","affiliations":[{"raw_affiliation_string":"Center for Cybersecurity, Brunno Kessler Foundation, 38123 Trento, Italy","institution_ids":["https://openalex.org/I2277624104"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087762260","display_name":"Saqib Saeed","orcid":"https://orcid.org/0000-0001-7136-3480"},"institutions":[{"id":"https://openalex.org/I4210143841","display_name":"Saudi Aramco (Saudi Arabia)","ror":"https://ror.org/03ypap427","country_code":"SA","type":"company","lineage":["https://openalex.org/I4210143841"]},{"id":"https://openalex.org/I76571253","display_name":"Imam Abdulrahman Bin Faisal University","ror":"https://ror.org/038cy8j79","country_code":"SA","type":"education","lineage":["https://openalex.org/I76571253"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Saqib Saeed","raw_affiliation_strings":["SAUDI ARAMCO Cybersecurity Chair, Department of Computer Information Systems, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0001-7136-3480","affiliations":[{"raw_affiliation_string":"SAUDI ARAMCO Cybersecurity Chair, Department of Computer Information Systems, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia","institution_ids":["https://openalex.org/I4210143841","https://openalex.org/I76571253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037791176","display_name":"Dina A. Alabbad","orcid":"https://orcid.org/0000-0001-7624-8924"},"institutions":[{"id":"https://openalex.org/I4210143841","display_name":"Saudi Aramco (Saudi Arabia)","ror":"https://ror.org/03ypap427","country_code":"SA","type":"company","lineage":["https://openalex.org/I4210143841"]},{"id":"https://openalex.org/I76571253","display_name":"Imam Abdulrahman Bin Faisal University","ror":"https://ror.org/038cy8j79","country_code":"SA","type":"education","lineage":["https://openalex.org/I76571253"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Dina A. Alabbad","raw_affiliation_strings":["SAUDI ARAMCO Cybersecurity Chair, Department of Computer Engineering, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0001-7624-8924","affiliations":[{"raw_affiliation_string":"SAUDI ARAMCO Cybersecurity Chair, Department of Computer Engineering, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia","institution_ids":["https://openalex.org/I4210143841","https://openalex.org/I76571253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013416173","display_name":"Mudassar Aslam","orcid":"https://orcid.org/0000-0003-3223-4234"},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Mudassar Aslam","raw_affiliation_strings":["FAST School of Computing, National University of Computer and Emerging Sciences (NUCES-FAST), Islamabad 44000, Pakistan"],"raw_orcid":"https://orcid.org/0000-0003-3223-4234","affiliations":[{"raw_affiliation_string":"FAST School of Computing, National University of Computer and Emerging Sciences (NUCES-FAST), Islamabad 44000, Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014971941","display_name":"Attaullah Buriro","orcid":"https://orcid.org/0000-0003-2723-2410"},"institutions":[{"id":"https://openalex.org/I171543936","display_name":"Free University of Bozen-Bolzano","ror":"https://ror.org/012ajp527","country_code":"IT","type":"education","lineage":["https://openalex.org/I171543936"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Attaullah Buriro","raw_affiliation_strings":["Faculty of Computer Science, Free University Bozen-Bolzano, 39100 Bolzano, Italy"],"raw_orcid":"https://orcid.org/0000-0003-2723-2410","affiliations":[{"raw_affiliation_string":"Faculty of Computer Science, Free University Bozen-Bolzano, 39100 Bolzano, Italy","institution_ids":["https://openalex.org/I171543936"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5046107005","display_name":"Rizwan Ahmad","orcid":"https://orcid.org/0000-0002-4758-7895"},"institutions":[{"id":"https://openalex.org/I929597975","display_name":"National University of Sciences and Technology","ror":"https://ror.org/03w2j5y17","country_code":"PK","type":"education","lineage":["https://openalex.org/I929597975"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Rizwan Ahmad","raw_affiliation_strings":["School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), Islamabad 44000, Pakistan"],"raw_orcid":"https://orcid.org/0000-0002-4758-7895","affiliations":[{"raw_affiliation_string":"School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), Islamabad 44000, Pakistan","institution_ids":["https://openalex.org/I929597975"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5053049014"],"corresponding_institution_ids":["https://openalex.org/I2277624104"],"apc_list":{"value":2400,"currency":"CHF","value_usd":2598},"apc_paid":{"value":2400,"currency":"CHF","value_usd":2598},"fwci":9.4652,"has_fulltext":true,"cited_by_count":51,"citation_normalized_percentile":{"value":0.98749071,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"23","issue":"2","first_page":"612","last_page":"612"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9312678575515747},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7984281778335571},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.7369160652160645},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.7113488912582397},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.7019443511962891},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6516878604888916},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.6337802410125732},{"id":"https://openalex.org/keywords/gradient-boosting","display_name":"Gradient boosting","score":0.6100075244903564},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.529346764087677},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.39112043380737305},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.22969681024551392}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9312678575515747},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7984281778335571},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.7369160652160645},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.7113488912582397},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.7019443511962891},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6516878604888916},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.6337802410125732},{"id":"https://openalex.org/C70153297","wikidata":"https://www.wikidata.org/wiki/Q5591907","display_name":"Gradient boosting","level":3,"score":0.6100075244903564},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.529346764087677},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.39112043380737305},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.22969681024551392}],"mesh":[{"descriptor_ui":"D000069550","descriptor_name":"Machine Learning","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000069550","descriptor_name":"Machine Learning","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000069550","descriptor_name":"Machine Learning","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000093743","descriptor_name":"Random Forest","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D000093743","descriptor_name":"Random Forest","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D000093743","descriptor_name":"Random Forest","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D000465","descriptor_name":"Algorithms","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000465","descriptor_name":"Algorithms","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D000465","descriptor_name":"Algorithms","qualifier_ui":null,"qualifier_name":null,"is_major_topic":true},{"descriptor_ui":"D016015","descriptor_name":"Logistic Models","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D016015","descriptor_name":"Logistic Models","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D016015","descriptor_name":"Logistic Models","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D060388","descriptor_name":"Support Vector Machine","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D060388","descriptor_name":"Support Vector Machine","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false},{"descriptor_ui":"D060388","descriptor_name":"Support Vector Machine","qualifier_ui":null,"qualifier_name":null,"is_major_topic":false}],"locations_count":7,"locations":[{"id":"doi:10.3390/s23020612","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s23020612","pdf_url":null,"source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},{"id":"pmid:36679406","is_oa":false,"landing_page_url":"https://pubmed.ncbi.nlm.nih.gov/36679406","pdf_url":null,"source":{"id":"https://openalex.org/S4306525036","display_name":"PubMed","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors (Basel, Switzerland)","raw_type":null},{"id":"pmh:oai:iris.unive.it:10278/5065189","is_oa":true,"landing_page_url":"https://hdl.handle.net/10278/5065189","pdf_url":"https://iris.unive.it/bitstream/10278/5065189/1/sensors-23-00612.pdf","source":{"id":"https://openalex.org/S4306402336","display_name":"ARCA (Universit\u00e0 Ca' Foscari Venezia)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I149461666","host_organization_name":"Ca' Foscari University of Venice","host_organization_lineage":["https://openalex.org/I149461666"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:pubmedcentral.nih.gov:9861630","is_oa":true,"landing_page_url":"https://www.ncbi.nlm.nih.gov/pmc/articles/9861630","pdf_url":"https://pmc.ncbi.nlm.nih.gov/articles/PMC9861630/pdf/sensors-23-00612.pdf","source":{"id":"https://openalex.org/S2764455111","display_name":"PubMed Central","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1299303238","host_organization_name":"National Institutes of Health","host_organization_lineage":["https://openalex.org/I1299303238"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors (Basel)","raw_type":"Text"},{"id":"pmh:oai:doaj.org/article:72e3a887af1045cc9013ba83076e1fea","is_oa":true,"landing_page_url":"https://doaj.org/article/72e3a887af1045cc9013ba83076e1fea","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors, Vol 23, Iss 2, p 612 (2023)","raw_type":"article"},{"id":"pmh:oai:iris.unige.it:11567/1237965","is_oa":false,"landing_page_url":"https://hdl.handle.net/11567/1237965","pdf_url":null,"source":{"id":"https://openalex.org/S4377196291","display_name":"CINECA IRIS Institutial Research Information System (University of Genoa)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I83816512","host_organization_name":"University of Genoa","host_organization_lineage":["https://openalex.org/I83816512"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:mdpi.com:/1424-8220/23/2/612/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/s23020612","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Sensors; Volume 23; Issue 2; Pages: 612","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/s23020612","is_oa":true,"landing_page_url":"https://doi.org/10.3390/s23020612","pdf_url":null,"source":{"id":"https://openalex.org/S101949793","display_name":"Sensors","issn_l":"1424-8220","issn":["1424-8220"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Sensors","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.46000000834465027,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W2270641698","https://openalex.org/W2740279402","https://openalex.org/W2799784398","https://openalex.org/W2951384144","https://openalex.org/W2965893286","https://openalex.org/W2991580804","https://openalex.org/W3008875367","https://openalex.org/W3013804952","https://openalex.org/W3091453511","https://openalex.org/W3115619375","https://openalex.org/W3116329143","https://openalex.org/W3116565206","https://openalex.org/W3117169309","https://openalex.org/W3183826413","https://openalex.org/W3206877124","https://openalex.org/W3213511415","https://openalex.org/W4200569302","https://openalex.org/W4220987924","https://openalex.org/W4221059487","https://openalex.org/W4225293062","https://openalex.org/W4226427748","https://openalex.org/W4307264729","https://openalex.org/W4307570965","https://openalex.org/W4308465325","https://openalex.org/W6693927565","https://openalex.org/W6750762285","https://openalex.org/W6787923900"],"related_works":["https://openalex.org/W2469507153","https://openalex.org/W2768892939","https://openalex.org/W2008790809","https://openalex.org/W4386690025","https://openalex.org/W3164408430","https://openalex.org/W4285507391","https://openalex.org/W2397240470","https://openalex.org/W2602767565","https://openalex.org/W170652726","https://openalex.org/W2883822334"],"abstract_inverted_index":{"In":[0],"recent":[1],"years,":[2],"massive":[3],"development":[4,24],"in":[5],"the":[6,10,41,106,111,117,123,139,146],"malware":[7,14,33,45,100,197],"industry":[8],"changed":[9],"entire":[11],"landscape":[12],"for":[13,98,195],"development.":[15],"Therefore,":[16,63],"cybercriminals":[17],"became":[18],"more":[19],"sophisticated":[20],"by":[21],"advancing":[22],"their":[23],"techniques":[25,68],"from":[26,199],"file-based":[27,32],"to":[28,37,57],"fileless":[29,44,76,99,196],"malware.":[30],"As":[31],"depends":[34],"on":[35,40,92,145],"files":[36],"spread":[38],"itself,":[39],"other":[42,158],"hand,":[43],"does":[46],"not":[47],"require":[48],"a":[49,88,183],"traditional":[50],"file":[51],"system":[52],"and":[53,69,81,113,172,208],"uses":[54],"benign":[55],"processes":[56],"carry":[58],"out":[59],"its":[60,78,82],"malicious":[61,112],"intent.":[62],"it":[64,86],"evades":[65],"conventional":[66],"detection":[67,89],"remains":[70],"stealthy.":[71],"This":[72],"paper":[73],"briefly":[74],"explains":[75],"malware,":[77],"life":[79],"cycle,":[80],"infection":[83],"chain.":[84],"Moreover,":[85],"proposes":[87],"technique":[90],"based":[91,144],"feature":[93],"analysis":[94],"using":[95,122,132],"machine":[96,104,133,159],"learning":[97,134,160],"detection.":[101],"The":[102],"virtual":[103],"acquired":[105],"memory":[107,125],"dumps":[108],"upon":[109],"executing":[110],"non-malicious":[114],"samples.":[115],"Then":[116],"necessary":[118],"features":[119],"are":[120],"extracted":[121],"Volatility":[124],"forensics":[126],"tool,":[127],"which":[128],"is":[129,142],"then":[130],"analyzed":[131],"classification":[135],"algorithms.":[136],"After":[137],"that,":[138],"best":[140],"algorithm":[141],"selected":[143],"k-fold":[147],"cross-validation":[148],"score.":[149],"Experimental":[150],"evaluation":[151],"has":[152],"shown":[153],"that":[154],"Random":[155],"Forest":[156],"outperforms":[157],"classifiers":[161],"(Decision":[162],"Tree,":[163],"Support":[164],"Vector":[165],"Machine,":[166],"Logistic":[167],"Regression,":[168],"K-Nearest":[169],"Neighbor,":[170],"XGBoost,":[171],"Gradient":[173],"Boosting).":[174],"It":[175],"achieved":[176],"an":[177],"overall":[178],"accuracy":[179],"of":[180,188],"93.33%":[181],"with":[182],"True":[184],"Positive":[185,192],"Rate":[186,193],"(TPR)":[187],"87.5%":[189],"at":[190],"zeroFalse":[191],"(FPR)":[194],"collected":[198],"five":[200],"widely":[201],"used":[202],"datasets":[203],"(VirusShare,":[204],"AnyRun,":[205],"PolySwarm,":[206],"HatchingTriage,":[207],"JoESadbox).":[209]},"counts_by_year":[{"year":2026,"cited_by_count":6},{"year":2025,"cited_by_count":24},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":12}],"updated_date":"2026-06-05T09:01:59.212387","created_date":"2025-10-10T00:00:00"}