FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2072452374> ?p ?o ?g. }

• W2072452374 abstract "The exponential growth of unique malware binary artifacts has led researchers to explore automated techniques for characterizing unknown malware binaries' capabilities. Thus far, automatic malware analysis systems have relied on labeled training data and analyst defined rules to identify malware samples' software features and functional categories. Such approaches require substantial expert analyst effort to maintain, as malware authors change programming languages, APIs, malicious tactics, and operating system targets. In this paper we present preliminary results demonstrating the viability of a new research direction for malware capability identification that addresses these issues, the concept of mining web technical documentation to automatically identify malware capabilities. This approach does not require expert generation of rules or training labels and automatically stays up to date with the latest software engineering trends. We make two contributions aimed at demonstrating the value of this research direction: first, with a corpus of 6 million web technical postings from the programming question and answer website StackOverflow.com, we show that symbols found in a corpus of malicious executable files, such as registry keys, file names, and API call names, also occur frequently in the StackOverflow data, suggesting that applying natural language processing to the StackOverflow posts (and other technical documents) may help us automatically generate characterizations of technical symbols, and, thereby, capabilities, found in malware. Our second contribution is to show that by analyzing function call symbol co-occurrence within StackOverflow posts, as well as the semantic tags associated with these posts, we can create function relationship graphs over the symbols which show promise in helping to identifying malware software capabilities. We argue that these early findings demonstrate the promise of a web technical document based approach to automating malware capability identification." @default.
• W2072452374 created "2016-06-24" @default.
• W2072452374 creator A5018262669 @default.
• W2072452374 creator A5021150426 @default.
• W2072452374 creator A5055990462 @default.
• W2072452374 date "2013-07-01" @default.
• W2072452374 modified "2023-09-25" @default.
• W2072452374 title "Mining Web Technical Discussions to Identify Malware Capabilities" @default.
• W2072452374 cites W1546375476 @default.
• W2072452374 cites W1975241418 @default.
• W2072452374 cites W2130971075 @default.
• W2072452374 cites W2138644293 @default.
• W2072452374 doi "https://doi.org/10.1109/icdcsw.2013.56" @default.
• W2072452374 hasPublicationYear "2013" @default.
• W2072452374 type Work @default.
• W2072452374 sameAs 2072452374 @default.
• W2072452374 citedByCount "5" @default.
• W2072452374 countsByYear W20724523742014 @default.
• W2072452374 countsByYear W20724523742016 @default.
• W2072452374 countsByYear W20724523742018 @default.
• W2072452374 countsByYear W20724523742019 @default.
• W2072452374 crossrefType "proceedings-article" @default.
• W2072452374 hasAuthorship W2072452374A5018262669 @default.
• W2072452374 hasAuthorship W2072452374A5021150426 @default.
• W2072452374 hasAuthorship W2072452374A5055990462 @default.
• W2072452374 hasConcept C116834253 @default.
• W2072452374 hasConcept C136764020 @default.
• W2072452374 hasConcept C14036430 @default.
• W2072452374 hasConcept C160145156 @default.
• W2072452374 hasConcept C199360897 @default.
• W2072452374 hasConcept C23123220 @default.
• W2072452374 hasConcept C2777904410 @default.
• W2072452374 hasConcept C38652104 @default.
• W2072452374 hasConcept C41008148 @default.
• W2072452374 hasConcept C541664917 @default.
• W2072452374 hasConcept C56666940 @default.
• W2072452374 hasConcept C59822182 @default.
• W2072452374 hasConcept C78458016 @default.
• W2072452374 hasConcept C84525096 @default.
• W2072452374 hasConcept C86803240 @default.
• W2072452374 hasConceptScore W2072452374C116834253 @default.
• W2072452374 hasConceptScore W2072452374C136764020 @default.
• W2072452374 hasConceptScore W2072452374C14036430 @default.
• W2072452374 hasConceptScore W2072452374C160145156 @default.
• W2072452374 hasConceptScore W2072452374C199360897 @default.
• W2072452374 hasConceptScore W2072452374C23123220 @default.
• W2072452374 hasConceptScore W2072452374C2777904410 @default.
• W2072452374 hasConceptScore W2072452374C38652104 @default.
• W2072452374 hasConceptScore W2072452374C41008148 @default.
• W2072452374 hasConceptScore W2072452374C541664917 @default.
• W2072452374 hasConceptScore W2072452374C56666940 @default.
• W2072452374 hasConceptScore W2072452374C59822182 @default.
• W2072452374 hasConceptScore W2072452374C78458016 @default.
• W2072452374 hasConceptScore W2072452374C84525096 @default.
• W2072452374 hasConceptScore W2072452374C86803240 @default.
• W2072452374 hasLocation W20724523741 @default.
• W2072452374 hasOpenAccess W2072452374 @default.
• W2072452374 hasPrimaryLocation W20724523741 @default.
• W2072452374 hasRelatedWork W1605436333 @default.
• W2072452374 hasRelatedWork W198162143 @default.
• W2072452374 hasRelatedWork W2148542813 @default.
• W2072452374 hasRelatedWork W2170515552 @default.
• W2072452374 hasRelatedWork W2259219744 @default.
• W2072452374 hasRelatedWork W2292886763 @default.
• W2072452374 hasRelatedWork W2461011405 @default.
• W2072452374 hasRelatedWork W280584339 @default.
• W2072452374 hasRelatedWork W3081416576 @default.
• W2072452374 hasRelatedWork W3139383759 @default.
• W2072452374 isParatext "false" @default.
• W2072452374 isRetracted "false" @default.
• W2072452374 magId "2072452374" @default.
• W2072452374 workType "article" @default.