{"id":"https://openalex.org/W2073669204","doi":"https://doi.org/10.4304/jnw.8.11.2512-2519","title":"Analyzing Malware Based on Volatile Memory","display_name":"Analyzing Malware Based on Volatile Memory","publication_year":2013,"publication_date":"2013-10-16","ids":{"openalex":"https://openalex.org/W2073669204","doi":"https://doi.org/10.4304/jnw.8.11.2512-2519","mag":"2073669204"},"language":"en","primary_location":{"id":"doi:10.4304/jnw.8.11.2512-2519","is_oa":false,"landing_page_url":"https://doi.org/10.4304/jnw.8.11.2512-2519","pdf_url":null,"source":{"id":"https://openalex.org/S189188848","display_name":"Journal of Networks","issn_l":"1796-2056","issn":["1796-2056"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318660","host_organization_name":"Academy Publisher","host_organization_lineage":["https://openalex.org/P4310318660"],"host_organization_lineage_names":["Academy Publisher"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Networks","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5109218904","display_name":"Liang Hu","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Liang Hu","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101412609","display_name":"Shinan Song","orcid":"https://orcid.org/0000-0002-8879-8445"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shinan Song","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068685047","display_name":"Xiaolu Zhang","orcid":"https://orcid.org/0000-0002-0322-1007"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xiaolu Zhang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101904558","display_name":"Zhenzhen Xie","orcid":"https://orcid.org/0000-0002-8907-2064"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhenzhen Xie","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101798901","display_name":"Xiangyu Meng","orcid":"https://orcid.org/0000-0002-2725-0451"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xiangyu Meng","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5008349845","display_name":"Kuo Zhao","orcid":"https://orcid.org/0000-0002-7030-0338"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kuo Zhao","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5109218904"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.9576,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.75752606,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"8","issue":"11","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9836999773979187,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.9340550899505615},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.5316833853721619},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.33711788058280945},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3315761685371399},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3268003463745117}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.9340550899505615},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.5316833853721619},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.33711788058280945},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3315761685371399},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3268003463745117}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.4304/jnw.8.11.2512-2519","is_oa":false,"landing_page_url":"https://doi.org/10.4304/jnw.8.11.2512-2519","pdf_url":null,"source":{"id":"https://openalex.org/S189188848","display_name":"Journal of Networks","issn_l":"1796-2056","issn":["1796-2056"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318660","host_organization_name":"Academy Publisher","host_organization_lineage":["https://openalex.org/P4310318660"],"host_organization_lineage_names":["Academy Publisher"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Networks","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W19161399","https://openalex.org/W1594972289","https://openalex.org/W1775772884","https://openalex.org/W1916732574","https://openalex.org/W2023981610","https://openalex.org/W2032124837","https://openalex.org/W2040527645","https://openalex.org/W2042454716","https://openalex.org/W2068661019","https://openalex.org/W2102970979","https://openalex.org/W2111038628","https://openalex.org/W2118534519","https://openalex.org/W2127955369","https://openalex.org/W2128213437","https://openalex.org/W2138644293","https://openalex.org/W2144360675","https://openalex.org/W2170418723","https://openalex.org/W2360430568","https://openalex.org/W2364561315","https://openalex.org/W3111526966","https://openalex.org/W3145128584","https://openalex.org/W6600778269","https://openalex.org/W6707375633","https://openalex.org/W7029321148"],"related_works":["https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W3152891574","https://openalex.org/W4284893819","https://openalex.org/W4316881845","https://openalex.org/W4366249425"],"abstract_inverted_index":{"To":[0],"explain":[1],"the":[2,45,69,125,135],"necessity":[3],"of":[4,47,71,109],"comprehensive":[5,83],"and":[6,19,34,59,76,116,148],"automatically":[7],"analysis":[8,31,84],"process":[9,115,119],"for":[10,24,82,124,159],"volatile":[11,160],"memory,":[12],"this":[13],"paper":[14],"summarized":[15],"ordinarily":[16],"analyzing":[17,51,96],"methods":[18,154],"their":[20],"common":[21],"points":[22],"especially":[23],"concerned":[25],"data":[26,65,73,112],"source.":[27],"Then,":[28],"a":[29,53,88,139],"memory":[30,161],"framework":[32],"Volatiltiy-2.2":[33],"statistical":[35],"output":[36],"file":[37],"size":[38],"are":[39],"recommended.":[40],"In":[41],"addition,":[42],"to":[43,63],"address":[44],"limitation":[46],"plug-ins":[48],"classification":[49],"in":[50,99,134,143],"procedure,":[52],"user":[54],"perspective":[55],"classify":[56],"is":[57,80,97,104,127,150],"necessary":[58],"proposed.":[60],"Furthermore,":[61],"according":[62],"target":[64],"source":[66,113],"differences":[67],"on":[68],"base":[70],"result":[72],"set":[74],"volume":[75],"employed":[77,128],"relational":[78],"method":[79],"introduced":[81],"guideline":[85],"procedure.":[86],"Finally,":[87],"test":[89],"demo":[90],"including":[91],"DLLs":[92],"loading":[93],"order":[94],"list":[95,103],"recommend,":[98],"which":[100,137],"DLL":[101],"load":[102],"regard":[105],"as":[106],"different":[107],"kind":[108],"characteristics":[110],"typical":[111],"with":[114],"convert":[117],"into":[118],"behavior":[120,146],"fingerprint.":[121],"The":[122],"clustering":[123],"fingerprint":[126],"string":[129],"similar":[130],"degree":[131],"algorithm":[132],"model":[133],"demo,":[136],"has":[138],"wide":[140],"range":[141],"applications":[142],"traditional":[144],"malware":[145],"analysis,":[147],"it":[149],"proposed":[151],"that":[152],"these":[153],"also":[155],"can":[156],"be":[157],"applied":[158]},"counts_by_year":[{"year":2016,"cited_by_count":1},{"year":2014,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}