TY - JOUR
AU - Shabtai, A.
AU - Moskovitch, R.
AU - Elovici, Y.
AU - Glezer, C.
PY - 2009
DA - 2009//
TI - Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey
JO - Information Security Technical Report
VL - 14
UR - https://doi.org/10.1016/j.istr.2009.03.003
DO - 10.1016/j.istr.2009.03.003
ID - Shabtai2009
ER -

TY - CHAP
AU - Griffin, K.
AU - Schneider, S.
AU - Hu, X.
AU - Chiueh, T.
PY - 2009
DA - 2009//
TI - Automatic generation of string signatures for malware detection
BT - 12th International Symposium on Recent Advances in Intrusion Detection
PB - Springer
CY - Heidelberg
UR - https://doi.org/10.1007/978-3-642-04342-0_6
DO - 10.1007/978-3-642-04342-0_6
ID - Griffin2009
ER -

TY - CHAP
AU - Rieck, K.
AU - Holz, T.
AU - Düssel, P.
AU - Laskov, P.
PY - 2008
DA - 2008//
TI - Learning and classification of malware behavior
BT - Conference on Detection of Intrusions and Malware & Vulnerability Assessment
PB - Springer
CY - Heidelberg
UR - https://doi.org/10.1007/978-3-540-70542-0_6
DO - 10.1007/978-3-540-70542-0_6
ID - Rieck2008
ER -

TY - CHAP
AU - Bailey, M.
AU - Oberheide, J.
AU - Andersen, J.
AU - Mao, Z. M.
AU - Jahanian, F.
AU - Nazario, J.
PY - 2007
DA - 2007//
TI - Automated classification and analysis of Internet malware
BT - 12th International Symposium on Recent Advances in Intrusion Detection
PB - Springer
CY - Heidelberg
UR - https://doi.org/10.1007/978-3-540-74320-0_10
DO - 10.1007/978-3-540-74320-0_10
ID - Bailey2007
ER -

TY - JOUR
AU - Lee, W.
AU - Stolfo, S. J.
PY - 2000
DA - 2000//
TI - A framework for constructing features and models for intrusion detection systems
JO - ACM Transactions on Information and System Security
VL - 3
UR - https://doi.org/10.1145/382912.382914
DO - 10.1145/382912.382914
ID - Lee2000
ER -

TY - JOUR
AU - Moskovitch, R.
AU - Elovici, Y.
AU - Rokach, L.
PY - 2008
DA - 2008//
TI - Detection of unknown computer worms based on behavioral classification of the host
JO - Computational Statistics and Data Analysis
VL - 52
UR - https://doi.org/10.1016/j.csda.2008.01.028
DO - 10.1016/j.csda.2008.01.028
ID - Moskovitch2008
ER -

TY - JOUR
AU - Jacob, G.
AU - Debar, H.
AU - Filiol, E.
PY - 2008
DA - 2008//
TI - Behavioral detection of malware: from a survey towards an established taxonomy
JO - Journal in Computer Virology
VL - 4
UR - https://doi.org/10.1007/s11416-008-0086-0
DO - 10.1007/s11416-008-0086-0
ID - Jacob2008
ER -

TY - CHAP
AU - Shabtai, A.
AU - Potashnik, D.
AU - Fledel, Y.
AU - Moskovitch, R.
AU - Elovici, E.
PY - 2010
DA - 2010//
TI - Monitoring, analysis and filtering system for purifying network traffic of known and unknown malicious content
BT - Security and Communication Networks
ID - Shabtai2010
ER -

TY - CHAP
AU - Moser, A.
AU - Kruegel, C.
AU - Kirda, E.
PY - 2007
DA - 2007//
TI - Limits of static analysis for malware detection
BT - Annual Computer Security Applications Conference, IEEE Computer Society
ID - Moser2007
ER -

TY - JOUR
AU - Menahem, E.
AU - Shabtai, A.
AU - Rokach, L.
AU - Elovici, Y.
PY - 2008
DA - 2008//
TI - Improving malware detection by applying multi-inducer ensemble
JO - Computational Statistics and Data Analysis
VL - 53
UR - https://doi.org/10.1016/j.csda.2008.10.015
DO - 10.1016/j.csda.2008.10.015
ID - Menahem2008
ER -

TY - CHAP
AU - Moskovitch, R.
AU - Feher, C.
AU - Tzachar, N.
AU - Berger, E.
AU - Gitelman, M.
AU - Dolev, S.
AU - Elovici, Y.
PY - 2008
DA - 2008//
TI - Unknown malcode detection using OpCode representation
BT - European Conference on Intelligence and Security Informatics
PB - Springer
CY - Heidelberg
UR - https://doi.org/10.1007/978-3-540-89900-6_21
DO - 10.1007/978-3-540-89900-6_21
ID - Moskovitch2008
ER -

TY - JOUR
AU - Moskovitch, R.
AU - Stopel, D.
AU - Feher, C.
AU - Nissim, N.
AU - Japkowicz, N.
AU - Elovici, Y.
PY - 2009
DA - 2009//
TI - Unknown malcode detection and the imbalance problem
JO - Journal in Computer Virology
VL - 5
UR - https://doi.org/10.1007/s11416-009-0122-8
DO - 10.1007/s11416-009-0122-8
ID - Moskovitch2009
ER -

TY - CHAP
AU - Abou-Assaleh, T.
AU - Keselj, V.
AU - Sweidan, R.
PY - 2004
DA - 2004//
TI - N-gram based detection of new malicious code
BT - Proc of the 28th Annual International Computer Software and Applications Conference, IEEE Computer Society
ID - Abou-Assaleh2004
ER -

TY - STD
TI - McAfee Study Finds 4% of Search Results Malicious. Frederick Lane 2007. [http://www.newsfactor.com/story.xhtml?story_id=010000CEUEQO]
UR - http://www.newsfactor.com/story.xhtml?story_id=010000CEUEQO
ID - ref14
ER -

TY - CHAP
AU - Shin, S.
AU - Jung, J.
AU - Balakrishnan, H.
PY - 2006
DA - 2006//
TI - Malware prevalence in the KaZaA file-sharing network
BT - Internet Measurement Conference (IMC), ACM Press
ID - Shin2006
ER -

TY - CHAP
AU - Schultz, M.
AU - Eskin, E.
AU - Zadok, E.
AU - Stolfo, S.
PY - 2001
DA - 2001//
TI - Data mining methods for detection of new malicious executables
BT - Proc of the IEEE Symposium on Security and Privacy, IEEE Computer Society
ID - Schultz2001
ER -

TY - CHAP
AU - Kolter, J. Z.
AU - Maloof, M. A.
PY - 2006
DA - 2006//
TI - Learning to detect malicious executables in the wild
BT - Proc of the 10th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, ACM Press
ID - Kolter2006
ER -

TY - JOUR
AU - Kolter, J.
AU - Maloof, M.
PY - 2006
DA - 2006//
TI - Learning to detect and classify malicious executables in the wild
JO - Journal of Machine Learning Research
VL - 7
ID - Kolter2006
ER -

TY - JOUR
AU - Cai, D. M.
AU - Gokhale, M.
AU - Theiler, J.
PY - 2007
DA - 2007//
TI - Comparison of feature selection and classification algorithms in identifying malicious executables
JO - Computational Statistics and Data Analysis
VL - 51
UR - https://doi.org/10.1016/j.csda.2006.09.005
DO - 10.1016/j.csda.2006.09.005
ID - Cai2007
ER -

TY - JOUR
AU - Karim, E.
AU - Walenstein, A.
AU - Lakhotia, A.
AU - Parida, L.
PY - 2005
DA - 2005//
TI - Malware phylogeny generation using permutations of code
JO - Journal in Computer Virology
VL - 1
UR - https://doi.org/10.1007/s11416-005-0002-9
DO - 10.1007/s11416-005-0002-9
ID - Karim2005
ER -

TY - CHAP
AU - Siddiqui, M.
AU - Wang, M. C.
AU - Lee, J.
PY - 2008
DA - 2008//
TI - Data mining methods for malware detection using instruction sequences
BT - Artificial Intelligence and Applications
ID - Siddiqui2008
ER -

TY - JOUR
AU - Bilar, D.
PY - 2007
DA - 2007//
TI - Opcodes as predictor for malware
JO - International Journal Electronic Security and Digital Forensics
VL - 1
UR - https://doi.org/10.1504/IJESDF.2007.016865
DO - 10.1504/IJESDF.2007.016865
ID - Bilar2007
ER -

TY - CHAP
AU - Santos, I.
AU - Brezo, F.
AU - Nieves, J.
AU - Penya, Y. K.
AU - Sanz, B.
AU - Laorden, C.
AU - Bringas, P. G.
PY - 2010
DA - 2010//
TI - Idea: Opcode-sequence-based malware detection
BT - Proc 2nd International Symposium on Engineering Secure Software and Systems
UR - https://doi.org/10.1007/978-3-642-11747-3_3
DO - 10.1007/978-3-642-11747-3_3
ID - Santos2010
ER -

TY - CHAP
AU - Kubat, M.
AU - Matwin, S.
PY - 1997
DA - 1997//
TI - Addressing the curse of imbalanced data sets: one-sided sampling
BT - Proc of the 14th International Conference on Machine Learning
ID - Kubat1997
ER -

TY - JOUR
AU - Chawla, N. V.
AU - Japkowicz, N.
AU - Kotcz, A.
PY - 2004
DA - 2004//
TI - Editorial: Special issue on learning from imbalanced datasets
JO - SIGKDD Explorations Newsletter
VL - 6
UR - https://doi.org/10.1145/1007730.1007733
DO - 10.1145/1007730.1007733
ID - Chawla2004
ER -

TY - JOUR
AU - Japkowicz, N.
AU - Stephen, S.
PY - 2002
DA - 2002//
TI - The class imbalance problem: a systematic study
JO - Intelligent Data Analysis Journal
VL - 6
ID - Japkowicz2002
ER -

TY - JOUR
AU - Chawla, N. V.
AU - Bowyer, K. W.
AU - Kegelmeyer, W. P.
PY - 2002
DA - 2002//
TI - SMOTE: synthetic minority over-sampling technique
JO - Journal of Artificial Intelligence Research (JAIR)
VL - 16
ID - Chawla2002
ER -

TY - CHAP
AU - Lawrence, S.
AU - Burns, I.
AU - Back, A. D.
AU - Tsoi, A. C.
AU - Giles, C. L.
ED - Orr, G.
ED - Muller, K.-R.
ED - Cruana, R.
PY - 1998
DA - 1998//
TI - Neural network classification and unequal prior class probabilities
BT - Tricks of the Trade, Lecture Notes in Computer Science State-of-the-Art Surveys
ID - Lawrence1998
ER -

TY - CHAP
AU - Chen, C.
AU - Liaw, A.
AU - Breiman, L.
PY - 2004
DA - 2004//
TI - Using random forest to learn unbalanced data
BT - Technical Report 666
PB - Statistics Department
CY - University of California at Berkeley
ID - Chen2004
ER -

TY - CHAP
AU - Morik, K.
AU - Brockhausen, P.
AU - Joachims, T.
PY - 1999
DA - 1999//
TI - Combining statistical learning with a knowledge-based approach - a case study in intensive care monitoring
BT - ICML, Morgan Kaufmann Publishers Inc
ID - Morik1999
ER -

TY - JOUR
AU - Weiss, G. M.
AU - Provost, F.
PY - 2003
DA - 2003//
TI - Learning when training data are costly: the effect of class distribution on tree induction
JO - Journal of Artificial Intelligence Research
VL - 19
ID - Weiss2003
ER -

TY - JOUR
AU - Provost, F.
AU - Fawcett, T.
PY - 2001
DA - 2001//
TI - Robust classification systems for imprecise environments
JO - Machine Learning
VL - 42
UR - https://doi.org/10.1023/A:1007601015854
DO - 10.1023/A:1007601015854
ID - Provost2001
ER -

TY - JOUR
AU - Kubat, M.
AU - Matwin, S.
PY - 1998
DA - 1998//
TI - Machine learning for the detection of oil spills in satellite radar images
JO - Machine Learning
VL - 30
UR - https://doi.org/10.1023/A:1007452223027
DO - 10.1023/A:1007452223027
ID - Kubat1998
ER -

TY - STD
TI - Heavens VX [http://vx.netlux.org]
UR - http://vx.netlux.org
ID - ref34
ER -

TY - CHAP
AU - Linn, C.
AU - Debray, S.
PY - 2003
DA - 2003//
TI - Obfuscation of executable code to improve resistance to static disassembly
BT - Proc of the 10th ACM conference on Computer and communications security
ID - Linn2003
ER -

TY - CHAP
AU - Dinaburg, A.
AU - Royal, P.
AU - Sharif, M. I.
AU - Lee, W.
PY - 2008
DA - 2008//
TI - Ether: malware analysis via hardware virtualization extensions
BT - ACM Conference on Computer and Communications Security, ACM Press
UR - https://doi.org/10.1145/1455770.1455779
DO - 10.1145/1455770.1455779
ID - Dinaburg2008
ER -

TY - CHAP
AU - Perdisci, R.
AU - Lanzi, A.
AU - Lee, W.
PY - 2008
DA - 2008//
TI - McBoost: Boosting scalability in malware collection and analysis using statistical classification of executables
BT - Annual Computer Security Applications Conference, IEEE Computer Society
ID - Perdisci2008
ER -

TY - CHAP
AU - Royal, P.
AU - Halpin, M.
AU - Dagon, D.
AU - Edmonds, R.
AU - Lee, W.
PY - 2006
DA - 2006//
TI - PolyUnpack: automating the hidden-code extraction of unpack-executing malware
BT - Annual Computer Security Applications Conference
ID - Royal2006
ER -

TY - JOUR
AU - Salton, G.
AU - Wong, A.
AU - Yang, C. S.
PY - 1975
DA - 1975//
TI - A vector space model for automatic indexing
JO - Communications of the ACM
VL - 18
UR - https://doi.org/10.1145/361219.361220
DO - 10.1145/361219.361220
ID - Salton1975
ER -

TY - BOOK
AU - Mitchell, T.
PY - 1997
DA - 1997//
TI - Machine Learning
ID - Mitchell1997
ER -

TY - JOUR
AU - Golub, T.
AU - Slonim, D. K.
AU - Tamayo, P.
AU - Huard, C.
AU - Gaasenbeek, M.
AU - Mesirov, J. P.
AU - Coller, H.
AU - Loh, M. L.
AU - Downing, J. R.
AU - Caligiuri, M. A.
AU - Bloomfield, C. D.
AU - Lander, E. S.
PY - 1999
DA - 1999//
TI - Molecular classification of cancer: class discovery and class prediction by gene expression monitoring
JO - Science
VL - 286
UR - https://doi.org/10.1126/science.286.5439.531
DO - 10.1126/science.286.5439.531
ID - Golub1999
ER -

TY - CHAP
AU - Joachims, T.
ED - Scholkopf, B.
ED - Burges, C.
ED - Smola, A. J.
PY - 1999
DA - 1999//
TI - Making large-scale support vector machine learning practical
BT - Advances in Kernel Methods
PB - MIT Press
CY - Cambridge, MA
ID - Joachims1999
ER -

TY - BOOK
AU - Neter, J.
AU - Kutner, M. H.
AU - Nachtsheim, C. J.
AU - Wasserman, W.
PY - 1996
DA - 1996//
TI - Applied Linear Statistical Models
ID - Neter1996
ER -

TY - CHAP
AU - Kam, H. T.
PY - 1995
DA - 1995//
TI - Random Decision Forest
BT - Proc of the 3rd International Conference on Document Analysis and Recognition
ID - Kam1995
ER -

TY - BOOK
AU - Bishop, C.
PY - 1995
DA - 1995//
TI - Neural Networks for Pattern Recognition
PB - Clarendon Press
CY - Oxford
ID - Bishop1995
ER -

TY - BOOK
AU - Quinlan, J. R.
PY - 1993
DA - 1993//
TI - C4.5: Programs for Machine Learning
PB - Morgan Kaufmann Publishers, Inc
CY - San Francisco, CA, USA
ID - Quinlan1993
ER -

TY - JOUR
AU - Domingos, P.
AU - Pazzani, M.
PY - 1997
DA - 1997//
TI - On the optimality of simple Bayesian classifier under zero-one loss
JO - Machine Learning
VL - 29
UR - https://doi.org/10.1023/A:1007413511361
DO - 10.1023/A:1007413511361
ID - Domingos1997
ER -

TY - CHAP
AU - Freund, Y.
AU - Schapire, R. E.
PY - 1999
DA - 1999//
TI - A brief introduction to boosting
BT - International Joint Conference on Artificial Intelligence
ID - Freund1999
ER -

TY - BOOK
AU - Witten, I. H.
AU - Frank, E.
PY - 2005
DA - 2005//
TI - Data Mining: Practical Machine Learning Tools and Techniques
PB - Morgan Kaufmann Publishers, Inc
CY - San Francisco, CA, USA
ID - Witten2005
ER -