{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T20:36:23Z","timestamp":1780518983684,"version":"3.54.1"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319608754","type":"print"},{"value":"9783319608761","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-60876-1_12","type":"book-chapter","created":{"date-parts":[[2017,6,3]],"date-time":"2017-06-03T08:00:34Z","timestamp":1496476834000},"page":"252-276","source":"Crossref","is-referenced-by-count":264,"title":["Deep Ground Truth Analysis of Current Android Malware"],"prefix":"10.1007","author":[{"given":"Fengguo","family":"Wei","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yuping","family":"Li","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Sankardas","family":"Roy","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xinming","family":"Ou","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Wu","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2017,6,4]]},"reference":[{"key":"12_CR1","unstructured":"Building Web Apps in WebView. https:\/\/developer.android.com\/guide\/webapps\/webview.html"},{"key":"12_CR2","unstructured":"Contagio Mobile Malware Mini Dump. http:\/\/contagiominidump.blogspot.com\/"},{"key":"12_CR3","unstructured":"Drive-by Download. https:\/\/en.wikipedia.org\/wiki\/Drive-by_download"},{"key":"12_CR4","unstructured":"hexdump. https:\/\/www.freebsd.org\/cgi\/man.cgi?query=hexdump&sektion=1"},{"key":"12_CR5","unstructured":"IDA. https:\/\/www.hex-rays.com\/products\/ida\/index.shtml"},{"key":"12_CR6","unstructured":"VirusShare. https:\/\/virusshare.com\/"},{"key":"12_CR7","unstructured":"VirusTotal. https:\/\/www.virustotal.com\/"},{"key":"12_CR8","unstructured":"IDC: Smartphone OS Market Share 2015, 2014, 2013, and 2012 (2015). http:\/\/www.idc.com\/prodserv\/smartphone-os-market-share.jsp"},{"key":"12_CR9","unstructured":"A Growing Number of Android Malware Families Believed to Have a CommonOrigin: A Study Based on Binary Code (2016). https:\/\/community.fireeye.com\/external\/1438"},{"key":"12_CR10","doi-asserted-by":"crossref","unstructured":"Allix, K., Bissyand, T.F., Klein, J., Le Traon, Y.: AndroZoo: collecting millions of android apps for the research community. In: Proceedings of the Mining Software Repositories (MSR) (2016)","DOI":"10.1145\/2901739.2903508"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: Proceedings of the NDSS (2014)","DOI":"10.14722\/ndss.2014.23247"},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"Bianchi, A., Corbetta, J., Invernizzi, L., Fratantonio, Y., Kruegel, C., Vigna, G.: What the app. is that? deception and countermeasures in the android user interface. In: Proceedings of the IEEE S&P (2015)","DOI":"10.1109\/SP.2015.62"},{"key":"12_CR13","unstructured":"Nikita Buchka. Taking root (2015). https:\/\/securelist.com\/blog\/mobile\/71981\/taking-root\/"},{"key":"12_CR14","unstructured":"Buchka, N., Kuzin, M.: Attack on Zygote: a new twist in the evolution of mobile threats (2016). https:\/\/securelist.com\/analysis\/publications\/74032\/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats\/"},{"key":"12_CR15","unstructured":"Chen, K., Wang, P., Lee, Y., Wang, X., Zhang, N., Huang, H., Zou, W., Liu, P.: Finding unknown malice in 10 seconds: mass vetting for new threats at the google-play scale. In: Proceedings of the USENIX Security Symposium, pp. 659\u2013674 (2015)"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-319-40667-1_8","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"M Hurier","year":"2016","unstructured":"Hurier, M., Allix, K., Bissyand\u00e9, T.F., Klein, J., Le Traon, Y.: On the lack of consensus in anti-virus decisions: metrics and insights on building ground truths of android malware. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 142\u2013162. Springer, Cham (2016). doi: 10.1007\/978-3-319-40667-1_8"},{"key":"12_CR17","unstructured":"Kessem, L.: Android Malware About to Get Worse: GM Bot Source Code Leaked (2016). https:\/\/securityintelligence.com\/android-malware-about-to-get-worse-gm-bot-source-code-leaked\/"},{"key":"12_CR18","unstructured":"Li, Y., Jang, J., Hu, X., Ou, X.: Android Malware Clustering through Malicious Payload Mining. Technical Report 2017\u20131, Argus Cybersecurity Lab, University of South Florida (2017). http:\/\/www.arguslab.org\/tech_reports\/2017-1"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., Van Der Veen, V., Platzer, C.: ANDRUBIS - 1,000,000 apps later: a view on current android malware behaviors. In: 2014 Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), pp. 3\u201317. IEEE (2014)","DOI":"10.1109\/BADGERS.2014.7"},{"key":"12_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-642-25560-1_10","volume-title":"Information Systems Security","author":"F Maggi","year":"2011","unstructured":"Maggi, F., Bellini, A., Salvaneschi, G., Zanero, S.: Finding non-trivial malware naming inconsistencies. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2011. LNCS, vol. 7093, pp. 144\u2013159. Springer, Heidelberg (2011). doi: 10.1007\/978-3-642-25560-1_10"},{"key":"12_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/978-3-319-08509-8_7","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"A Mohaisen","year":"2014","unstructured":"Mohaisen, A., Alrawi, O.: AV-Meter: an evaluation of antivirus scans and labels. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 112\u2013131. Springer, Cham (2014). doi: 10.1007\/978-3-319-08509-8_7"},{"key":"12_CR22","unstructured":"Polkovnichenko, A., Koriat, O., Horde, V.: A New Type of Android Malware on Google Play (2016). http:\/\/blog.checkpoint.com\/2016\/05\/09\/viking-horde-a-new-type-of-android-malware-on-google-play\/"},{"key":"12_CR23","doi-asserted-by":"crossref","unstructured":"Rasthofer, S., Arzt, S., Miltenberger, M., Bodden, E.: Harvesting runtime values in android applications that feature anti-analysis techniques. In: Proceedings of the NDSS (2016)","DOI":"10.14722\/ndss.2016.23066"},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Rastogi, V., Shao, R., Chen, Y., Pan, X., Zou, S., Riley, R.: Are these ads safe: detecting hidden attacks through the mobile app-web interfaces. In: Proceedings of the NDSS (2016)","DOI":"10.14722\/ndss.2016.23234"},{"key":"12_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1007\/978-3-319-45719-2_11","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"M Sebasti\u00e1n","year":"2016","unstructured":"Sebasti\u00e1n, M., Rivera, R., Kotzias, P., Caballero, J.: AVclass: a tool for massive malware labeling. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 230\u2013253. Springer, Cham (2016). doi: 10.1007\/978-3-319-45719-2_11"},{"key":"12_CR26","unstructured":"Shatilin, I.: Banking Trojans: mobile\u2019s major cyberthreat. https:\/\/blog.kaspersky.com\/android-banking-trojans\/9897\/"},{"key":"12_CR27","doi-asserted-by":"crossref","unstructured":"Tam, K., Khan, S.J., Fattori, A., Cavallaro, L.: CopperDroid: automatic reconstruction of android malware behaviors. In: Proceedings of the NDSS (2015)","DOI":"10.14722\/ndss.2015.23145"},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Wei, F., Roy, S., Ou, X., Robby: Amandroid: a precise and general inter-component data flow analysis framework for security vetting of android apps. In: Proceedings of the CCS (2014)","DOI":"10.1145\/2660267.2660357"},{"key":"12_CR29","unstructured":"Woods, V., van der Meulen, R.: Gartner Says Emerging Markets Drove Worldwide Smartphone Sales to 15.5 Percent Growth in Third Quarter of 2015 (2015). http:\/\/www.gartner.com\/newsroom\/id\/3169417"},{"key":"12_CR30","unstructured":"Zhang, Y.: Kemoge: Another Mobile Malicious Adware Infecting Over 20 Contries (2015). https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/10\/kemoge_another_mobi.html"},{"key":"12_CR31","unstructured":"Zhou, W., Chen, Z., Su, J., Xie, J., Huang, H.: SlemBunk: An Evolving Android Trojan Family Targeting Users of Worldwide Banking Apps (2015). https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/12\/slembunk_an_evolvin.html"},{"key":"12_CR32","unstructured":"Zhou, W., Deyu, H., Jimmy, S., Yong Kang, R.: The Latest Family of Android Malware Attacking Users in Russia via SMS Phishing (2016). https:\/\/www.fireeye.com\/blog\/threat-research\/2016\/04\/rumms-android-malware.html"},{"key":"12_CR33","unstructured":"Zhou, W., Huang, H., Chen, Z., Xie, J., Su, J.: SlemBunk Part II: Prolonged Attack Chain and Better-Organized Campaign (2016). https:\/\/www.fireeye.com\/blog\/threat-research\/2016\/01\/slembunk-part-two.html"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: Characterization and evolution. In: Proceedings of the IEEE S&P (2012)","DOI":"10.1109\/SP.2012.16"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-60876-1_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,25]],"date-time":"2019-09-25T11:17:55Z","timestamp":1569410275000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-60876-1_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319608754","9783319608761"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-60876-1_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}