{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T23:07:43Z","timestamp":1776294463618,"version":"3.50.1"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032168078","type":"print"},{"value":"9783032168085","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-16808-5_27","type":"book-chapter","created":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T22:15:43Z","timestamp":1776291343000},"page":"329-342","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["KG-AndroidDefender: Knowledge Graph Embedding for Explainable Malware Family Classification"],"prefix":"10.1007","author":[{"given":"Chen","family":"Yi","sequence":"first","affiliation":[]},{"given":"Junping","family":"Zhou","sequence":"additional","affiliation":[]},{"given":"Fangbing","family":"Yue","sequence":"additional","affiliation":[]},{"given":"Guoai","family":"Xu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,4,1]]},"reference":[{"key":"27_CR1","unstructured":"Statista: Number of internet users worldwide from 2005 to 2024 (2024). https:\/\/www.statista.com\/statistics\/273018\/number-of-internet-users-worldwide\/. Accessed 16 Jan 2025"},{"key":"27_CR2","unstructured":"Statista: Mobile operating system market share worldwide (2024). https:\/\/www.statista.com\/statistics\/272308\/global-market-share-held-by-smartphone-operating-systems\/. Accessed 12 Jan 2025"},{"key":"27_CR3","unstructured":"Intelligence, G.: The mobile economy 2023 (2023). https:\/\/www.gsma.com\/r\/mobileeconomy\/. Accessed 19 Jan 2025"},{"key":"27_CR4","unstructured":"Verizon: 2023 data breach investigations report (dbir) (2023). https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/. Accessed 07 Feb 2025"},{"key":"27_CR5","unstructured":"Point, C.: Mobile security report 2023 (2023). https:\/\/www.checkpoint.com\/cyber-security-threats\/. Accessed 07 Jan 2025"},{"key":"27_CR6","unstructured":"Micro, T.: Android malware report 2023 (2023). https:\/\/www.trendmicro.com\/en_us\/research\/2023\/06\/android-malware-risks.html. Accessed 22 Jan 2025"},{"key":"27_CR7","unstructured":"Google: Google play security report 2023 (2023). https:\/\/play.google.com\/console\/. Accessed 30 Jan 2025"},{"key":"27_CR8","unstructured":"Symantec: 2022 cybersecurity threat report (2022), https:\/\/www.broadcom.com\/company\/newsroom\/press-releases?filtr=Cybersecurity. Accessed 10 Jan 2025"},{"key":"27_CR9","doi-asserted-by":"publisher","unstructured":"Zheng, M., Sun, M., Lui, J.C.S.: DroidAnalytics: a signature based analytic system to collect, extract, analyze and associate android malware (2013). https:\/\/doi.org\/10.48550\/arXiv.1302.7212","DOI":"10.48550\/arXiv.1302.7212"},{"key":"27_CR10","doi-asserted-by":"publisher","unstructured":"Faruki, P., Ganmoor, V., Laxmi, V., Gaur, M.S., Bharmal, A.: AndroSimilar: robust statistical feature signature for android malware detection. In: Proceedings of the 6th International Conference on Security of Information and Networks, pp. 152\u2013159 (2013). https:\/\/doi.org\/10.1145\/2523514.2523539","DOI":"10.1145\/2523514.2523539"},{"key":"27_CR11","doi-asserted-by":"publisher","unstructured":"Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: semantics-based detection of android malware through static analysis. In: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 576\u2013587 (2014). https:\/\/doi.org\/10.1145\/2635868.2635869","DOI":"10.1145\/2635868.2635869"},{"issue":"1","key":"27_CR12","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1109\/TDSC.2016.2536605","volume":"15","author":"A Saracino","year":"2018","unstructured":"Saracino, A., Sgandurra, D., Dini, G., Martinelli, F.: MADAM: effective and efficient behavior-based android malware detection and prevention. IEEE Trans. Dependable Secure Comput. 15(1), 83\u201397 (2018). https:\/\/doi.org\/10.1109\/TDSC.2016.2536605","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"27_CR13","doi-asserted-by":"publisher","unstructured":"Carter, P., Mulliner, C., Lindorfer, M., Robertson, W., Kirda, E.: CuriousDroid: automated user interface interaction for android application analysis sandboxes. In: Grossklags, J., Preneel, B. (eds.) Financial Cryptography and Data Security, pp. 231\u2013249. Springer, Heidelberg (2017). https:\/\/doi.org\/10.1007\/978-3-662-54970-4_12","DOI":"10.1007\/978-3-662-54970-4_12"},{"issue":"5","key":"27_CR14","doi-asserted-by":"publisher","first-page":"1103","DOI":"10.1109\/TIFS.2016.2646641","volume":"12","author":"M Sun","year":"2016","unstructured":"Sun, M., Li, X., Lui, J.C., Ma, R.T., Liang, Z.: Monet: a user-oriented behavior-based malware variants detection system for android. IEEE Trans. Inf. Forensics Secur. 12(5), 1103\u20131112 (2016)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"27_CR15","doi-asserted-by":"publisher","unstructured":"Wu, W.C., Hung, S.H.: DroidDolphin: a dynamic android malware detection framework using big data and machine learning. In: Proceedings of the 2014 Conference on Research in Adaptive and Convergent Systems, pp. 247\u2013252 (2014). https:\/\/doi.org\/10.1145\/2663761.2664223","DOI":"10.1145\/2663761.2664223"},{"key":"27_CR16","doi-asserted-by":"publisher","unstructured":"Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M., Wu, K.P.: DroidMat: Android Malware Detection through Manifest and API Calls Tracing. In: 2012 Seventh Asia Joint Conference on Information Security. pp. 62\u201369 (2012). https:\/\/doi.org\/10.1109\/AsiaJCIS.2012.18","DOI":"10.1109\/AsiaJCIS.2012.18"},{"key":"27_CR17","doi-asserted-by":"publisher","unstructured":"Hou, S., Ye, Y., Song, Y., Abdulhayoglu, M.: HinDroid: an intelligent android malware detection system based on structured heterogeneous information network. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1507\u20131515 (2017). https:\/\/doi.org\/10.1145\/3097983.3098026","DOI":"10.1145\/3097983.3098026"},{"key":"27_CR18","doi-asserted-by":"publisher","unstructured":"Sebasti\u00e1n, M., Rivera, R., Kotzias, P., Caballero, J.: AVclass: a tool for massive malware labeling. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) Research in Attacks, Intrusions, and Defenses, pp. 230\u2013253 (2016). https:\/\/doi.org\/10.1007\/978-3-319-45719-2_11","DOI":"10.1007\/978-3-319-45719-2_11"},{"key":"27_CR19","doi-asserted-by":"publisher","unstructured":"Hurier, M., et al.: euphony: harmonious unification of cacophonous anti-virus vendor labels for android malware. In: 2017 IEEE\/ACM 14th International Conference on Mining Software Repositories (MSR), pp. 425\u2013435 (2017). https:\/\/doi.org\/10.1109\/MSR.2017.57","DOI":"10.1109\/MSR.2017.57"},{"key":"27_CR20","doi-asserted-by":"publisher","unstructured":"Zhang, M., Duan, Y., Yin, H., Zhao, Z.: Semantics-aware android malware classification using weighted contextual API dependency graphs. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1105\u20131116 (2014). https:\/\/doi.org\/10.1145\/2660267.2660359","DOI":"10.1145\/2660267.2660359"},{"issue":"4","key":"27_CR21","doi-asserted-by":"publisher","first-page":"1104","DOI":"10.1016\/j.eswa.2013.07.106","volume":"41","author":"G Suarez-Tangil","year":"2014","unstructured":"Suarez-Tangil, G., Tapiador, J.E., Peris-Lopez, P., Blasco, J.: Dendroid: a text mining approach to analyzing and classifying code structures in android malware families. Expert Syst. Appl. 41(4), 1104\u20131117 (2014). https:\/\/doi.org\/10.1016\/j.eswa.2013.07.106","journal-title":"Expert Syst. Appl."},{"key":"27_CR22","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1016\/j.compeleceng.2017.02.013","volume":"61","author":"N Milosevic","year":"2017","unstructured":"Milosevic, N., Dehghantanha, A., Choo, K.K.R.: Machine learning aided Android malware classification. Comput. Electr. Eng. 61, 266\u2013274 (2017). https:\/\/doi.org\/10.1016\/j.compeleceng.2017.02.013","journal-title":"Comput. Electr. Eng."},{"key":"27_CR23","unstructured":"AndroVault: Constructing Knowledge Graph from Millions of Android Apps for Automated Analysis"},{"key":"27_CR24","doi-asserted-by":"publisher","unstructured":"Ma, D., Bai, Y., Xing, Z., Sun, L., Li, X.: A knowledge graph-based sensitive feature selection for android malware classification. In: 2020 27th Asia-Pacific Software Engineering Conference (APSEC), pp. 188\u2013197 (2020). https:\/\/doi.org\/10.1109\/APSEC51365.2020.00027","DOI":"10.1109\/APSEC51365.2020.00027"},{"issue":"9","key":"27_CR25","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-021-3414-7","volume":"66","author":"Y Bai","year":"2023","unstructured":"Bai, Y., Chen, S., Xing, Z., Li, X.: ArgusDroid: detecting android malware variants by mining permission-API knowledge graph. Sci. China Inf. Sci. 66(9), 192101 (2023). https:\/\/doi.org\/10.1007\/s11432-021-3414-7","journal-title":"Sci. China Inf. Sci."},{"key":"27_CR26","unstructured":"Neo4j, I.: Neo4j the world\u2019s leading graph database (2025). https:\/\/neo4j.com\/. Accessed 09 Feb 2025"},{"key":"27_CR27","doi-asserted-by":"publisher","unstructured":"Zhang, X., et al.: Enhancing State-of-the-art classifiers with API semantics to detect evolved android malware. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 757\u2013770 (2020). https:\/\/doi.org\/10.1145\/3372297.3417291","DOI":"10.1145\/3372297.3417291"},{"key":"27_CR28","unstructured":"Zhu, S., et al.: Measuring and modeling the label dynamics of online anti-malware engines. In: Proceedings of the 29th USENIX Conference on Security Symposium, SEC\u201920. USENIX Association (2020)"}],"container-title":["Communications in Computer and Information Science","Information and Software Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-16808-5_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T22:15:45Z","timestamp":1776291345000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-16808-5_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032168078","9783032168085"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-16808-5_27","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"1 April 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"We declare that we have no conflict of interest.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ICIST","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information and Software Technologies","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kaunas","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lithuania","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 October 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 October 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icist2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icist.ktu.edu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}