{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T00:21:51Z","timestamp":1772065311460,"version":"3.50.1"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319663319","type":"print"},{"value":"9783319663326","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_9","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T07:58:05Z","timestamp":1507708685000},"page":"192-214","source":"Crossref","is-referenced-by-count":54,"title":["Android Malware Clustering Through Malicious Payload Mining"],"prefix":"10.1007","author":[{"given":"Yuping","family":"Li","sequence":"first","affiliation":[]},{"given":"Jiyong","family":"Jang","sequence":"additional","affiliation":[]},{"given":"Xin","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Xinming","family":"Ou","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"Allix, K., Bissyand\u00e9, T.F., Klein, J., Le Traon, Y.: Androzoo: collecting millions of android apps for the research community. In: Proceedings of the 13th International Conference on Mining Software Repositories, pp. 468\u2013471. ACM (2016)","DOI":"10.1145\/2901739.2903508"},{"key":"9_CR2","first-page":"8","volume":"9","author":"U Bayer","year":"2009","unstructured":"Bayer, U., Comparetti, P.M., Hlauschek, C., Kruegel, C., Kirda, E.: Scalable, behavior-based malware clustering. NDSS 9, 8\u201311 (2009)","journal-title":"NDSS"},{"key":"9_CR3","unstructured":"Broder, A.Z.: On the resemblance and containment of documents. In: Compression and Complexity of Sequences 1997, Proceedings, pp. 21\u201329. IEEE (1997)"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Chen, K., Liu, P., Zhang, Y.: Achieving accuracy and scalability simultaneously in detecting application clones on android markets. In: Proceedings of the 36th International Conference on Software Engineering, pp. 175\u2013186. ACM (2014)","DOI":"10.1145\/2568225.2568286"},{"key":"9_CR5","unstructured":"Chen, K., Wang, P., Lee, Y., Wang, X., Zhang, N., Huang, H., Zou, W., Liu, P.: Finding unknown malice in 10 seconds: mass vetting for new threats at the Google-play scale. In: USENIX Security Symposium, vol. 15 (2015)"},{"key":"9_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1007\/978-3-642-33167-1_3","volume-title":"Computer Security \u2013 ESORICS 2012","author":"J Crussell","year":"2012","unstructured":"Crussell, J., Gibler, C., Chen, H.: Attack of the clones: detecting cloned applications on android markets. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 37\u201354. Springer, Heidelberg (2012). doi: 10.1007\/978-3-642-33167-1_3"},{"key":"9_CR7","unstructured":"Dexdump (2015). http:\/\/developer.android.com\/tools\/help\/index.html"},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Egele, M., Brumley, D., Fratantonio, Y., Kruegel, C.: An empirical study of cryptographic misuse in android applications. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 73\u201384. ACM (2013)","DOI":"10.1145\/2508859.2516693"},{"key":"9_CR9","unstructured":"Fowler, G., Noll, L.C., Vo, K.P.: Fnv hash (2015). http:\/\/www.isthe.com\/chongo\/tech\/comp\/fnv\/"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: Riskranker: scalable and accurate zero-day android malware detection. In: Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services, pp. 281\u2013294. ACM (2012)","DOI":"10.1145\/2307636.2307663"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-642-37300-8_4","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S Hanna","year":"2013","unstructured":"Hanna, S., Huang, L., Wu, E., Li, S., Chen, C., Song, D.: Juxtapp: a scalable system for detecting code reuse among android applications. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol. 7591, pp. 62\u201381. Springer, Heidelberg (2013). doi: 10.1007\/978-3-642-37300-8_4"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Hu, X., Shin, K.G.: DUET: integration of dynamic and static analyses for malware clustering with cluster ensembles. In: Annual Computer Security Applications Conference (2013)","DOI":"10.1145\/2523649.2523677"},{"key":"9_CR13","unstructured":"Hu, X., Shin, K.G., Bhatkar, S., Griffin, K.: Mutantx-s: scalable malware clustering based on static features. In: USENIX Annual Technical Conference, pp. 187\u2013198 (2013)"},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Jang, J., Brumley, D., Venkataraman, S.: Bitshred: feature hashing malware for scalable triage and semantic analysis. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 309\u2013320. ACM (2011)","DOI":"10.1145\/2046707.2046742"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Kang, M.G., Poosankam, P., Yin, H.: Renovo: a hidden code extractor for packed executables. In: Proceedings of the 2007 ACM Workshop on Recurring Malcode, pp. 46\u201353. ACM (2007)","DOI":"10.1145\/1314389.1314399"},{"issue":"6","key":"9_CR16","doi-asserted-by":"crossref","first-page":"633","DOI":"10.1016\/0167-8655(96)00028-1","volume":"17","author":"J Kim","year":"1996","unstructured":"Kim, J., Krishnapuram, R., Dav\u00e9, R.: Application of the least trimmed squares technique to prototype-based clustering. Pattern Recognit. Lett. 17(6), 633\u2013641 (1996)","journal-title":"Pattern Recognit. Lett."},{"key":"9_CR17","unstructured":"Korczynski, D.: ClusTheDroid: clustering android malware. Master\u2019s thesis, Royal Holloway University of London (2015)"},{"key":"9_CR18","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9781139924801","volume-title":"Mining of Massive Datasets","author":"J Leskovec","year":"2014","unstructured":"Leskovec, J., Rajaraman, A., Ullman, J.D.: Mining of Massive Datasets. Cambridge University Press, Cambridge (2014)"},{"key":"9_CR19","unstructured":"Li, Y., Sundaramurthy, S.C., Bardas, A.G., Ou, X., Caragea, D., Hu, X., Jang, J.: Experimental study of fuzzy hashing in malware clustering analysis. In: Proceedings of the 8th USENIX Conference on Cyber Security Experimentation and Test, p. 8. USENIX Association (2015)"},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Martignoni, L., Christodorescu, M., Jha, S.: Omniunpack: fast, generic, and safe unpacking of malware. In: Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp. 431\u2013441. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.15"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Meng, G., Xue, Y., Xu, Z., Liu, Y., Zhang, J., Narayanan, A.: Semantic modelling of android malware for effective malware comprehension, detection, and classification. In: Proceedings of the 25th International Symposium on Software Testing and Analysis, pp. 306\u2013317. ACM (2016)","DOI":"10.1145\/2931037.2931043"},{"issue":"4","key":"9_CR22","doi-asserted-by":"crossref","first-page":"639","DOI":"10.3233\/JCS-2010-0410","volume":"19","author":"K Rieck","year":"2011","unstructured":"Rieck, K., Trinius, P., Willems, C., Holz, T.: Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4), 639\u2013668 (2011)","journal-title":"J. Comput. Secur."},{"key":"9_CR23","unstructured":"Roberts, J.: VirusShare.com (2015). http:\/\/virusshare.com\/"},{"key":"9_CR24","doi-asserted-by":"crossref","unstructured":"Royal, P., Halpin, M., Dagon, D., Edmonds, R., Lee, W.: Polyunpack: automating the hidden-code extraction of unpack-executing malware. In: Proceedings of the 22nd Annual Computer Security Applications Conference, pp. 289\u2013300. IEEE Computer Society (2006)","DOI":"10.1109\/ACSAC.2006.38"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Samra, A.A.A., Yim, K., Ghanem, O.A.: Analysis of clustering technique in android malware detection. In: 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 729\u2013733. IEEE (2013)","DOI":"10.1109\/IMIS.2013.111"},{"key":"9_CR26","series-title":"Advances in Intelligent and Soft Computing","doi-asserted-by":"crossref","first-page":"415","DOI":"10.1007\/978-3-642-19934-9_53","volume-title":"International Symposium on Distributed Computing and Artificial Intelligence","author":"I Santos","year":"2011","unstructured":"Santos, I., Nieves, J., Bringas, P.G.: Semi-supervised learning for unknown malware detection. In: Abraham, A., Corchado, M., Gonz\u00e1lez, S.R., De Paz Santana, J.F. (eds.) International Symposium on Distributed Computing and Artificial Intelligence. Advances in Intelligent and Soft Computing, vol. 91, pp. 415\u2013422. Springer, Heidelberg (2011)"},{"key":"9_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1007\/978-3-319-45719-2_11","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"M Sebasti\u00e1n","year":"2016","unstructured":"Sebasti\u00e1n, M., Rivera, R., Kotzias, P., Caballero, J.: AVclass: a tool for massive malware labeling. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 230\u2013253. Springer, Cham (2016). doi: 10.1007\/978-3-319-45719-2_11"},{"key":"9_CR28","unstructured":"Snell, B.: Mobile threat report, what\u2019s on the horizon for 2016 (2016). http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-mobile-threat-report-2016.pdf"},{"key":"9_CR29","unstructured":"Virustotal (2017). https:\/\/www.virustotal.com"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Ye, Y., Li, T., Chen, Y., Jiang, Q.: Automatic malware categorization using cluster ensemble. In: ACM SIGKDD International Conference on Knowledge Discovery and Data mining (2010)","DOI":"10.1145\/1835804.1835820"},{"key":"9_CR31","doi-asserted-by":"crossref","unstructured":"Zhang, F., Huang, H., Zhu, S., Wu, D., Liu, P.: Viewdroid: towards obfuscation-resilient mobile application repackaging detection. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks, pp. 25\u201336. ACM (2014)","DOI":"10.1145\/2627393.2627395"},{"key":"9_CR32","doi-asserted-by":"crossref","unstructured":"Zheng, M., Sun, M., Lui, J.: DroidAnalytics: a signature based analytic system to collect, extract, analyze and associate Android malware. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 163\u2013171. IEEE (2013)","DOI":"10.1109\/TrustCom.2013.25"},{"key":"9_CR33","doi-asserted-by":"crossref","unstructured":"Zhou, W., Zhou, Y., Jiang, X., Ning, P.: Detecting repackaged smartphone applications in third-party Android marketplaces. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy, pp. 317\u2013326. ACM (2012)","DOI":"10.1145\/2133601.2133640"},{"key":"9_CR34","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 95\u2013109. IEEE (2012)","DOI":"10.1109\/SP.2012.16"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T09:18:10Z","timestamp":1570180690000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}