{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,2]],"date-time":"2026-05-02T12:09:52Z","timestamp":1777723792749,"version":"3.51.4"},"publisher-location":"Cham","reference-count":43,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319569901","type":"print"},{"value":"9783319569918","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,8,23]],"date-time":"2017-08-23T00:00:00Z","timestamp":1503446400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-56991-8_51","type":"book-chapter","created":{"date-parts":[[2017,8,22]],"date-time":"2017-08-22T03:57:16Z","timestamp":1503374236000},"page":"702-724","source":"Crossref","is-referenced-by-count":45,"title":["HADM: Hybrid Analysis for Detection of Malware"],"prefix":"10.1007","author":[{"given":"Lifan","family":"Xu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dongping","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nuwan","family":"Jayasena","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John","family":"Cavazos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,8,23]]},"reference":[{"key":"51_CR1","unstructured":"Mawston, N.: Android captured record 85 percent share of global smartphone shipments in q2 2014. Smartphone report, Strategy Analystics (2014)"},{"issue":"4","key":"51_CR2","doi-asserted-by":"crossref","first-page":"778","DOI":"10.1109\/TASLP.2014.2303296","volume":"22","author":"R Sarikaya","year":"2014","unstructured":"Sarikaya, R., Hinton, G.E., Deoras, A.: Application of deep belief networks for natural language understanding. IEEE\/ACM Trans. Audio Speech Lang. Proces. 22(4), 778\u2013784 (2014)","journal-title":"IEEE\/ACM Trans. Audio Speech Lang. Proces."},{"key":"51_CR3","first-page":"2211","volume":"12","author":"M Gonen","year":"2011","unstructured":"Gonen, M., Alpaydin, E.: Multiple kernel learning algorithms. J. Mach. Learn. Res. 12, 2211\u20132268 (2011)","journal-title":"J. Mach. Learn. Res."},{"key":"51_CR4","unstructured":"IDC. Smartphone OS market share, q1 2015. Technical report (2015)"},{"key":"51_CR5","unstructured":"PulseSecure. 2015 mobile threat report. Technical report (2015)"},{"key":"51_CR6","doi-asserted-by":"crossref","unstructured":"Wu, D., Mao, C., Wei, T., Lee, H., Droidmat, K.: Android malware detection through manifest and API calls tracing. In: Proceedings of the 7th Asia Joint Conference on Information Security (Asia JCIS), pp. 62\u201369, August 2012","DOI":"10.1109\/AsiaJCIS.2012.18"},{"key":"51_CR7","doi-asserted-by":"crossref","unstructured":"Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: Riskranker: scalable and accurate zero-day android malware detection. In: Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services (MobiSys) (2012)","DOI":"10.1145\/2307636.2307663"},{"key":"51_CR8","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2014)","DOI":"10.14722\/ndss.2014.23247"},{"key":"51_CR9","doi-asserted-by":"crossref","unstructured":"Zhang, M., Duan, Y., Yin, H., Zhao, Z.: Semantics-aware android malware classification using weighted contextual API dependency graphs. In: Proceedings of the 2014 ACM Conference on Computer and Communications Security (CCS) (2014)","DOI":"10.1145\/2660267.2660359"},{"key":"51_CR10","doi-asserted-by":"crossref","unstructured":"Yang, C., Xu, Z., Gu, G., Yegneswaran, V., Porras, P.: Droidminer: automated mining and characterization of fine-grained malicious behaviors in android applications. In: Computer Security - ESORICS 2014. Lecture Notes in Computer Science (2014)","DOI":"10.1007\/978-3-319-11203-9_10"},{"key":"51_CR11","unstructured":"Enck, W., Gilbert, P., Chun, B., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation (OSDI) (2010)"},{"key":"51_CR12","doi-asserted-by":"crossref","unstructured":"Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), pp. 15\u201326 (2011)","DOI":"10.1145\/2046614.2046619"},{"key":"51_CR13","unstructured":"Yan, L.K., Yin, H.: Droidscope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic android malware analysis. In: Proceedings of the 21st USENIX Security Symposium (2012)"},{"issue":"1","key":"51_CR14","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/s10844-010-0148-x","volume":"38","author":"A Shabtai","year":"2012","unstructured":"Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: Andromaly: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161\u2013190 (2012)","journal-title":"J. Intell. Inf. Syst."},{"key":"51_CR15","unstructured":"Reina, A., Fattori, A., Cavallaro, L.: A system call-centric analysis and stimulation technique to automatically reconstruct android malware behaviors. In: Proceedings of the 6th European Workshop on Systems Security (EuroSec) (2013)"},{"key":"51_CR16","doi-asserted-by":"crossref","unstructured":"Tam, S., Khan, J., Fattori, A., Cavallaro, L.: Copperdroid: automatic reconstruction of android malware behaviors. In: Proceedings of the Symposium on Network and Distributed System Security (NDSS) (2015)","DOI":"10.14722\/ndss.2015.23145"},{"key":"51_CR17","doi-asserted-by":"crossref","unstructured":"Dimja\u0161evic, M., Atzeni, S., Ugrina, I., Rakamaric, Z.: Android malware detection based on system calls. Technical report, University of Utah (2015)","DOI":"10.1145\/2875475.2875487"},{"key":"51_CR18","doi-asserted-by":"crossref","unstructured":"Bl\u00e4sing, T., Batyuk, L., Schmidt, A.D., Camtepe, S.A., Albayrak, S.: An android application sandbox system for suspicious software detection. In: Proceedings of the 5th International Conference on Malicious and Unwanted Software (MALCON), pp. 55\u201362, October 2010","DOI":"10.1109\/MALWARE.2010.5665792"},{"key":"51_CR19","doi-asserted-by":"crossref","unstructured":"Zheng, C., Zhu, S., Dai, S., Gu, G., Gong, X., Han, X., Zou, W.: Smartdroid: an automatic system for revealing UI-based trigger conditions in android applications. In: Proceedings of the 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), New York, NY, USA, pp. 93\u2013104 (2012)","DOI":"10.1145\/2381934.2381950"},{"key":"51_CR20","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1007\/s10207-014-0250-0","volume":"14","author":"M Spreitzenbarth","year":"2014","unstructured":"Spreitzenbarth, M., Schreck, T., Echtler, F., Arp, D., Hoffmann, J.: Mobile-sandbox: combining static and dynamic analysis with machine-learning techniques. Int. J. Inf. Secur. 14, 141\u2013153 (2014)","journal-title":"Int. J. Inf. Secur."},{"key":"51_CR21","doi-asserted-by":"crossref","unstructured":"Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., van der Veen, V., Platzer, C.: Andrubis-1,000,000 apps later: a view on current android malware behaviors. In: Proceedings of the the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS) (2014)","DOI":"10.1109\/BADGERS.2014.7"},{"key":"51_CR22","unstructured":"Weichselbaum, L., Neugschwandtner, M., Lindorfer, M., Fratantonio, Y., van der Veen, V., Platzer, C.: Andrubis: android malware under the magnifying glass. Vienna University of Technology, Techical report, TRISECLAB-0414-001 (2014)"},{"key":"51_CR23","doi-asserted-by":"crossref","unstructured":"Lindorfer, M., Neugschwandtner, M., Platzer, C.: Marvin: efficient and comprehensive mobile app classification through static and dynamic analysis. In: Proceedings of the 39th Annual International Computers, Software and Applications Conference (COMPSAC) (2015)","DOI":"10.1109\/COMPSAC.2015.103"},{"key":"51_CR24","doi-asserted-by":"crossref","unstructured":"Zhao, S., Li, X., Xu, G., Zhang, L., Feng, Z.: Attack tree based android malware detection with hybrid analysis. In: Proceedings of the IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (2014)","DOI":"10.1109\/TrustCom.2014.49"},{"issue":"1","key":"51_CR25","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1109\/TIFS.2013.2290431","volume":"9","author":"V Rastogi","year":"2014","unstructured":"Rastogi, V., Chen, Y., Jiang, X.: Catch me if you can: evaluating android anti-malware against transformation attacks. IEEE Trans. Inf. Forensics Secur. 9(1), 99\u2013108 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"51_CR26","doi-asserted-by":"crossref","first-page":"22","DOI":"10.1016\/j.diin.2015.02.001","volume":"13","author":"A Feizollah","year":"2015","unstructured":"Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digital Invest. 13, 22\u201337 (2015)","journal-title":"Digital Invest."},{"key":"51_CR27","doi-asserted-by":"crossref","first-page":"197","DOI":"10.1561\/2000000039","volume":"7","author":"L Deng","year":"2014","unstructured":"Deng, L., Yu, D.: Deep learning: methods and applications. Found. Trends Signal Process. 7, 197\u2013387 (2014)","journal-title":"Found. Trends Signal Process."},{"key":"51_CR28","doi-asserted-by":"crossref","unstructured":"Hinton, G.E.: A practical guide to training restricted Boltzmann machines. In: Neural Networks: Tricks of the Trade. Lecture Notes in Computer Science. Springer, Heidelberg (2012)","DOI":"10.1007\/978-3-642-35289-8_32"},{"key":"51_CR29","unstructured":"Krizhevsky, A., Hinton, G.E.: Using very deep autoencoders for content-based image retrieval. In: Proceedings of the European Symposium on Artificial Neural Networks (ESANN) (2011)"},{"key":"51_CR30","unstructured":"Ranzato, M., Boureau, Y., Cun, Y.L.: Sparse feature learning for deep belief networks. In: Proceedings of the Neural Information Processing Systems (NIPS), pp. 1185\u20131192 (2007)"},{"issue":"6","key":"51_CR31","doi-asserted-by":"crossref","first-page":"1631","DOI":"10.1162\/neco.2008.04-07-510","volume":"20","author":"N Roux Le","year":"2008","unstructured":"Le Roux, N., Bengio, Y.: Representational power of restricted boltzmann machines and deep belief networks. Neural Comput. 20(6), 1631\u20131649 (2008)","journal-title":"Neural Comput."},{"key":"51_CR32","doi-asserted-by":"crossref","unstructured":"Deng, L., Seltzer, M.L., Yu, D., Acero, A., Mohamed, A.R., Hinton, G.E.: Binary coding of speech spectrograms using a deep auto-encoder. In: INTERSPEECH, pp. 1692\u20131695 (2010)","DOI":"10.21437\/Interspeech.2010-487"},{"key":"51_CR33","doi-asserted-by":"crossref","unstructured":"Borgwardt, K.M., Kriegel, H.P.: Shortest-path kernels on graphs. In: Proceedings of the IEEE International Conference on Data Mining (ICDM), pp. 74\u201381 (2005)","DOI":"10.1109\/ICDM.2005.132"},{"key":"51_CR34","unstructured":"Xu, L., Wei, W., Alvarez, M.A., Cavazos, J., Zhang, D.: Parallelization of shortest path graph kernels on multi-core CPUS and GPUS, In: Proceedings of the Programmability Issues for Heterogeneous Multicores (MultiProg), Vienna, Austria (2014)"},{"key":"51_CR35","doi-asserted-by":"crossref","unstructured":"Cristianini, N., Shawe-Taylor, J.: An introduction to support vector machines and other kernel-based learning methods. Cambridge University Press (2000)","DOI":"10.1017\/CBO9780511801389"},{"key":"51_CR36","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/4175.001.0001","volume-title":"Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond","author":"B Scholkopf","year":"2001","unstructured":"Scholkopf, B., Smola, A.J.: Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond. MIT Press, Cambridge (2001)"},{"key":"51_CR37","unstructured":"Jain, A., Vishwanathan, S.V.N., Varma, M.: SPG-GMKL: generalized multiple kernel learning with a million kernels. In: Proceedings of the 18th ACM International Conference on Knowledge Discovery and Data Mining (KDD)"},{"key":"51_CR38","unstructured":"Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: detecting malicious apps in official and alternative Android markets. In: Proceedings of the Network and Distributed System Security Symposium (NDSS), February 2012"},{"key":"51_CR39","doi-asserted-by":"crossref","unstructured":"Yuan, Z., Lu, Y., Wang, X., Xue, Y.: Droid-sec: deep learning in android malware detection. In: Proceedings of the ACM conference on SIGCOMM (2014)","DOI":"10.1145\/2619239.2631434"},{"issue":"01","key":"51_CR40","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1109\/TST.2016.7399288","volume":"21","author":"Z Yuan","year":"2016","unstructured":"Yuan, Z., Lu, Y., Xue, Y.: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(01), 114\u2013123 (2016)","journal-title":"Tsinghua Sci. Technol."},{"key":"51_CR41","doi-asserted-by":"crossref","unstructured":"David, O.E., Netanyahu, N.S.: Deepsign: deep learning for automatic malware signature generation and classification. In: Proceedings of the International Joint Conference on Neural Networks (IJCNN), pp. 1\u20138, July 2015","DOI":"10.1109\/IJCNN.2015.7280815"},{"key":"51_CR42","doi-asserted-by":"crossref","unstructured":"Saxe, J., Berlin, K.: Deep neural network based malware detection using two dimensional binary program features. CoRR, abs\/1508.03096 (2015)","DOI":"10.1109\/MALWARE.2015.7413680"},{"issue":"4","key":"51_CR43","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1007\/s11416-011-0152-x","volume":"7","author":"B Anderson","year":"2011","unstructured":"Anderson, B., Quist, D., Neil, J., Storlie, C., Lane, T.: Graph-based malware detection using dynamic analysis. J. Comput. Virol. 7(4), 247\u2013258 (2011)","journal-title":"J. Comput. Virol."}],"container-title":["Lecture Notes in Networks and Systems","Proceedings of SAI Intelligent Systems Conference (IntelliSys) 2016"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-56991-8_51","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,25]],"date-time":"2025-06-25T00:24:24Z","timestamp":1750811064000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-56991-8_51"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,23]]},"ISBN":["9783319569901","9783319569918"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-56991-8_51","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"value":"2367-3370","type":"print"},{"value":"2367-3389","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,8,23]]}}}