[1] Or-Meir O, Nissim N, Elovici Y, et al. Dynamic Malware analysis in the modern era—A state of the art survey[J]. ACM Computing Surveys, 2019, 52(5): 1-48
[2] AV Test Malware Statistic. Malware statistics & trends report | AV-TEST[EB/OL]. [2022-12-23]. https://www.av-test.org/en/statistics/malware
[3] Cao W, Cao X, Ge P, et al. Research on cybersecurity vulnerability disclosure and sharing policies in China and the United States[J]. Journal of Information Security Research, 2023, 9(6): 602-608 (in Chinese)
[4] Nataraj L, Karthikeyan S, Jacob G, et al. Malware images: Visualization and automatic classification[C] //Proc of the 8th Int Symp on Visualization for Cyber security. New York: ACM, 2011: 1-7
[5] Schultz M G, Eskin E, Zadok F, et al. Data mining methods for detection of new malicious executables[C] //Proc of the IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2000: 38-49
[6] Iwamoto K, Wasaki K. Malware classification based on extracted API sequences using static analysis[C] //Proc of the 8th Asian Internet Engineering Conf. New York: ACM, 2012: 31-38
[7] Zhang H, Xiao X, Mercaldo F, et al. Classification of ransomware families with machine learning based on N-gram of opcodes[J]. Future Generation Computer Systems, 2019, 90: 211-221
[8] Soni H, Kishore P, Mohapatra D P. Opcode and API based machine learning framework for malware classification[C] //Proc of the 2nd Int Conf on Intelligent Technologies (CONIT). Piscataway, NJ: IEEE, 2022: 1-7
[9] Anderson B, Quist D, Neil J, et al. Graph-based malware detection using dynamic analysis[J]. Journal in Computer Virology, 2011, 7: 247-258
[10] Nair V P, Jain H, Golecha Y K, et al. Medusa: Metamorphic malware dynamic analysis using signature from API[C] //Proc of the 3rd Int Conf on Security of Information and Networks. New York: ACM, 2010: 263-269
[11] Bayer U, Comparetti P M, Hlauschek C, et al. Scalable, behavior-based malware clustering[C/OL] //Proc of NDSS. 2009 [2023-09-01]. https://www.ndss-symposium.org/ndss2009
[12] Bozkir A S, Tahillioglu E, Aydos M, et al. Catch them alive: A malware detection approach through memory forensics, manifold learning and computer vision[J]. Computers & Security, 2021, 103: 102166
[13] Otsuki Y, Kawakoya Y, Iwamura M, et al. Building stack traces from memory dump of Windows x64[J]. Digital Investigation, 2018, 24: 101-110
[14] Uroz D, Rodríguez R J. Characteristics and detectability of windows autostart extensibility points in memory forensics[J]. Digital Investigation, 2019, 28: 95-104
[15] Martín-Pérez M, Rodríguez R J, Balzarotti D. Preprocessing memory dumps to improve similarity score of windows modules[J]. Computers & Security, 2021, 101: 102119
[16] Microsoft Malware Protection Center. Kaggle[J]. arXiv preprint, arXiv:1802.10135, 2014
[17] Catak F O, Yaz A F, Elezaj O, et al. Deep learning based sequential model for malware analysis using windows exe API calls[J]. PeerJ Computer Science, 2020, 6: 285
[18] The Volatility Foundation. Volatility 2.6[EB/OL]. [2022-12-23]. https://www.volatilityfoundation.org/releases
[19] Wang L. Research on live forensics models and methods based on physical memory analysis[D]. Jinan: Shandong University, 2014 (in Chinese)
[20] Lu X, Duan Z, Qian Y, et al. A malicious code classification method based on deep forest[J]. Journal of Software, 2020, 31(5): 1454-1464 (in Chinese)