{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T05:18:21Z","timestamp":1742966301868,"version":"3.40.3"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031451362"},{"type":"electronic","value":"9783031451379"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-45137-9_4","type":"book-chapter","created":{"date-parts":[[2023,9,29]],"date-time":"2023-09-29T10:02:39Z","timestamp":1695981759000},"page":"69-97","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Explaining the\u00a0Use of\u00a0Cryptographic API in\u00a0Android Malware"],"prefix":"10.1007","author":[{"given":"Adam","family":"Janovsky","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Davide","family":"Maiorca","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dominik","family":"Macko","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vashek","family":"Matyas","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Giorgio","family":"Giacinto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,9,30]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Allix, K., Bissyand\u00e9, T.F., Klein, J., Le Traon, Y.: AndroZoo: collecting millions of Android apps for the research community. In: Proceedings of MSR \u201916, pp. 468\u2013471. ACM (2016)","DOI":"10.1145\/2901739.2903508"},{"key":"4_CR2","doi-asserted-by":"crossref","unstructured":"Ami, A.S., Cooper, N., Kafle, K., Moran, K., Poshyvanyk, D., Nadkarni, A.: Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques. arXiv:2107.07065 [cs], August 2021","DOI":"10.1109\/SP46214.2022.9833582"},{"key":"4_CR3","unstructured":"Anthony, D., Geoffroy, G.: Androguard (2012). https:\/\/github.com\/androguard\/androguard. Accessed 4 Aug 2019"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Backes, M., Bugiel, S., Derr, E.: Reliable third-party library detection in android and its security applications. In: Proceedings of CCS \u201916, pp. 356\u2013367. ACM (2016)","DOI":"10.1145\/2976749.2978333"},{"key":"4_CR5","unstructured":"Bauer, V.: Android Arsenal (2014). https:\/\/android-arsenal.com, 5 June 2020"},{"issue":"1","key":"4_CR6","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/BF00630563","volume":"4","author":"E Biham","year":"1991","unstructured":"Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3\u201372 (1991)","journal-title":"J. Cryptol."},{"key":"4_CR7","unstructured":"BusinessOfApps: Android statistics (2022). http:\/\/businessofapps.com\/data\/android-statistics"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Chatzikonstantinou, A., Ntantogian, C., Karopoulos, G., Xenakis, C.: Evaluation of Cryptography Usage in Android Applications. In: Proceedings of EAI BCT \u201916, pp. 83\u201390. ACM (2016)","DOI":"10.4108\/eai.3-12-2015.2262471"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Chen, S., Xue, M., Tang, Z., Xu, L., Zhu, H.: Stormdroid: a streaminglized machine learning-based system for detecting android malware. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2016, pp. 377\u2013388. ACM, New York (2016)","DOI":"10.1145\/2897845.2897860"},{"key":"4_CR10","unstructured":"Daniel, A., Michael, S., Malte, H., Hugo, G., Rieck, K.: Drebin: efficient and explainable detection of android malware in your pocket. In: Proceedings 2014 Network and Distributed System Security Symposium, pp. 23\u201326. The Internet Society, San Diego (2014)"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Egele, M., Brumley, D., Fratantonio, Y., Kruegel, C.: An empirical study of cryptographic misuse in android applications. In: Proceedings of CCS\u201913, pp. 73\u201384. ACM (2013)","DOI":"10.1145\/2508859.2516693"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Fahl, S., Harbach, M., Muders, T., Smith, M., Baumg\u00e4rtner, L., Freisleben, B.: Why eve and mallory love android: An analysis of android SSL (in)security. In: Proceedings of CCS \u201912, pp. 50\u201361. ACM (2012)","DOI":"10.1145\/2382196.2382205"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Gao, J., Kong, P., Li, L., Bissyande, T.F., Klein, J.: Negative results on mining crypto-API usage rules in android apps. In: Proceedings of MSR \u201919, pp. 388\u2013398. IEEE (2019)","DOI":"10.1109\/MSR.2019.00065"},{"key":"4_CR14","unstructured":"Google: Android Cryptography API Guide (2020). https:\/\/developer.android.com\/guide\/topics\/security\/cryptography. Accessed 4 Mar 2020"},{"key":"4_CR15","unstructured":"Google, i.: Conscrypt - a java security provider (2013). https:\/\/github.com\/google\/conscrypt. Accessed 5 June 2020"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"Hoffmann, J., Rytilahti, T., Maiorca, D., Winandy, M., Giacinto, G., Holz, T.: Evaluating analysis tools for android apps: status quo and robustness against obfuscation. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 139\u2013141. Association for Computing Machinery, New York (2016)","DOI":"10.1145\/2857705.2857737"},{"key":"4_CR17","unstructured":"Isode Limited, OpenLDAP Foundation: RFC 4422 - simple authentication and security layer (sasl) (2006). http:\/\/tools.ietf.org\/html\/rfc4422, March 2, 2022"},{"key":"4_CR18","doi-asserted-by":"publisher","unstructured":"Janovsky., A., Maiorca., D., Macko., D., Matyas., V., Giacinto., G.: A longitudinal study of cryptographic api: a decade of android malware. In: Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT, pp. 121\u2013133. INSTICC, SciTePress (2022). https:\/\/doi.org\/10.5220\/0011265300003283","DOI":"10.5220\/0011265300003283"},{"key":"4_CR19","unstructured":"Kr\u00fcger, S., Sp\u00e4th, J., Ali, K., Bodden, E., Mezini, M.: CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. In: Proceedings of ECOOP 2018, pp. 10:1\u201310:27. LIPIcs, vol. 109, LZI (2018)"},{"issue":"11","key":"4_CR20","doi-asserted-by":"publisher","first-page":"1","DOI":"10.18637\/jss.v036.i11","volume":"36","author":"MB Kursa","year":"2010","unstructured":"Kursa, M.B., Rudnicki, W.R., et al.: Feature selection with the boruta package. J. Stat. Softw. 36(11), 1\u201313 (2010)","journal-title":"J. Stat. Softw."},{"key":"4_CR21","unstructured":"Legion of the Bouncy Castle Inc.: The Legion of the Bouncy Castle (2020). https:\/\/www.bouncycastle.org\/java.html. Accessed 6 Apr 2020"},{"key":"4_CR22","unstructured":"Lundberg, S.M., Lee, S.I.: A unified approach to interpreting model predictions. In: Proceedings of NIPS 2017, pp. 4765\u20134774. Curran Associates, Inc. (2017). http:\/\/papers.nips.cc\/paper\/7062-a-unified-approach-to-interpreting-model-predictions.pdf"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Ma, S., Lo, D., Li, T., Deng, R.H.: CDRep: automatic repair of cryptographic misuses in android applications. In: Proceedings of ASIACCS 2016, pp. 711\u2013722. ACM, Xi\u2019an, China (2016)","DOI":"10.1145\/2897845.2897896"},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Ma, Z., Wang, H., Guo, Y., Chen, X.: LibRadar: fast and accurate detection of third-party libraries in Android apps. In: Proceedings of ICSE 2016, pp. 653\u2013656. ACM, Austin, Texas (2016)","DOI":"10.1145\/2889160.2889178"},{"key":"4_CR25","doi-asserted-by":"crossref","unstructured":"Maiorca, D., Ariu, D., Corona, I., Aresu, M., Giacinto, G.: Stealth attacks: an extended insight into the obfuscation effects on android malware. Comput. Secur. 51(C), 16\u201331 (2015)","DOI":"10.1016\/j.cose.2015.02.007"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Maiorca, D., Mercaldo, F., Giacinto, G., Visaggio, C.A., Martinelli, F.: R-PackDroid: API package-based characterization and detection of mobile ransomware. In: Proceedings of SAC 2017, pp. 1718\u20131723. ACM (2017)","DOI":"10.1145\/3019612.3019793"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"McAfee Labs: McAfee labs threats report, august 2019 (2019). http:\/\/mcafee.com\/enterprise\/en-us\/threat-center\/mcafee-labs\/reports.html. 7 March 2022","DOI":"10.1016\/S1361-3723(19)30004-1"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Melis, M., Maiorca, D., Biggio, B., Giacinto, G., Roli, F.: Explaining black-box android malware detection. In: 26th European Signal Processing Conference. EUSIPCO 2018, pp. 524\u2013528. IEEE, Rome, Italy (2018)","DOI":"10.23919\/EUSIPCO.2018.8553598"},{"issue":"1","key":"4_CR29","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1007\/s13042-021-01393-7","volume":"13","author":"M Melis","year":"2022","unstructured":"Melis, M., Scalas, M., Demontis, A., Maiorca, D., Biggio, B., Giacinto, G., Roli, F.: Do gradient-based explanations tell anything about adversarial robustness to android malware? Int. J. Mach. Learn. Cybern. 13(1), 217\u2013232 (2022). https:\/\/doi.org\/10.1007\/s13042-021-01393-7","journal-title":"Int. J. Mach. Learn. Cybern."},{"key":"4_CR30","unstructured":"Menezes, A.J., Katz, J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied cryptography. CRC Press (1996)"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Muslukhov, I., Boshmaf, Y., Beznosov, K.: Source attribution of cryptographic API misuse in android applications. In: Proceedings of ASIACCS 2018, pp. 133\u2013146. ACM (2018)","DOI":"10.1145\/3196494.3196538"},{"key":"4_CR32","unstructured":"Oltrogge, M., Huaman, N., Amft, S., Acar, Y., Backes, M., Fahl, S.: Why eve and mallory still love android: Revisiting TLS (In)Security in android applications. In: Proceedings of USENIX \u201921, pp. 4347\u20134364. USENIX (2021)"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Paletov, R., Tsankov, P., Raychev, V., Vechev, M.: Inferring crypto API rules from code changes. In: Proceedings of PLDI 2018, pp. 450\u2013464. ACM (2018)","DOI":"10.1145\/3296979.3192403"},{"key":"4_CR34","doi-asserted-by":"crossref","unstructured":"Piccolboni, L., Guglielmo, G.D., Carloni, L.P., Sethumadhavan, S.: CRYLOGGER: detecting crypto misuses dynamically. In: Proceedings of IEEE SP 2021, pp. 1972\u20131989. IEEE (2021)","DOI":"10.1109\/SP40001.2021.00010"},{"key":"4_CR35","unstructured":"Platform, J.: Java Cryptography Architecture (JCA) Reference Guide (2017). https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/security\/crypto\/CryptoSpec.html. Accessed 4 Mar 2020"},{"key":"4_CR36","doi-asserted-by":"crossref","unstructured":"Rahaman, S., et al.: CryptoGuard: high precision detection of cryptographic vulnerabilities in massive-sized java projects. In: Proceedings of CCS 2019, pp. 2455\u20132472. ACM (2019)","DOI":"10.1145\/3319535.3345659"},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"Salem, A.: Towards accurate labeling of Android apps for reliable malware detection. arXiv preprint arXiv:2007.00464 (2020)","DOI":"10.1145\/3422337.3447849"},{"key":"4_CR38","doi-asserted-by":"crossref","unstructured":"Shapley, L.: A value for n-person games. contributions to the theory of games. Annals of mathematics studies (2) (1953)","DOI":"10.1515\/9781400881970-018"},{"key":"4_CR39","doi-asserted-by":"crossref","unstructured":"Shuai, S., Guowei, D., Tao, G., Tianchang, Y., Chenjie, S.: Modelling analysis and auto-detection of cryptographic misuse in android applications. In: Proceedings of DASC 2014, pp. 75\u201380. IEEE (2014)","DOI":"10.1109\/DASC.2014.22"},{"key":"4_CR40","unstructured":"skylot: Jadx decompiler (2020). https:\/\/github.com\/skylot\/jadx, 15 December 2019"},{"key":"4_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"570","DOI":"10.1007\/978-3-319-63688-7_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"M Stevens","year":"2017","unstructured":"Stevens, M., Bursztein, E., Karpman, P., Albertini, A., Markov, Y.: The first collision for full SHA-1. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 570\u2013596. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63688-7_19"},{"key":"4_CR42","doi-asserted-by":"crossref","unstructured":"Wang, H., Guo, Y., Ma, Z., Chen, X.: WuKong: a scalable and accurate two-phase approach to Android app clone detection. In: Proceedings of ISSTA 2015, pp. 71\u201382. ACM (2015)","DOI":"10.1145\/2771783.2771795"},{"key":"4_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11426639_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X Wang","year":"2005","unstructured":"Wang, X., Yu, H.: How to Break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19\u201335. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_2"},{"key":"4_CR44","doi-asserted-by":"crossref","unstructured":"Zhan, X., et al.: Automated third-party library detection for Android applications: are we there yet? In: Proceedings of ASE 2020, pp. 919\u2013930. ACM, December 2020","DOI":"10.1145\/3324884.3416582"},{"key":"4_CR45","doi-asserted-by":"crossref","unstructured":"Zhang, X., Zhang, Y., Li, J., Hu, Y., Li, H., Gu, D.: Embroidery: patching vulnerable binary code of fragmentized android devices. In: Proceedings of ICSME 2017, pp. 47\u201357. IEEE (2017)","DOI":"10.1109\/ICSME.2017.15"}],"container-title":["Communications in Computer and Information Science","E-Business and Telecommunications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-45137-9_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,29]],"date-time":"2023-09-29T10:03:09Z","timestamp":1695981789000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-45137-9_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031451362","9783031451379"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-45137-9_4","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"30 September 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SECRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lisbon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 July 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 July 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"secrypt2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/secrypt.scitevents.org\/?y=2022","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"PRIMORIS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"118","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}