{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,13]],"date-time":"2025-09-13T16:40:48Z","timestamp":1757781648298,"version":"3.40.3"},"publisher-location":"Cham","reference-count":42,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319668079"},{"type":"electronic","value":"9783319668086"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66808-6_10","type":"book-chapter","created":{"date-parts":[[2017,8,23]],"date-time":"2017-08-23T12:43:55Z","timestamp":1503492235000},"page":"137-154","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["IntelliAV: Toward the Feasibility of Building Intelligent Anti-malware on Android Devices"],"prefix":"10.1007","author":[{"given":"Mansour","family":"Ahmadi","sequence":"first","affiliation":[]},{"given":"Angelo","family":"Sotgiu","sequence":"additional","affiliation":[]},{"given":"Giorgio","family":"Giacinto","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,24]]},"reference":[{"key":"10_CR1","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/978-3-319-04283-1_6","volume-title":"Security and Privacy in Communication Networks","author":"Y Aafer","year":"2013","unstructured":"Aafer, Y., Du, W., Yin, H.: DroidAPIMiner: mining API-level features for robust malware detection in android. In: Zia, T., Zomaya, A., Varadharajan, V., Mao, M. (eds.) SecureComm 2013. LNICSSITE, vol. 127, pp. 86\u2013103. Springer, Cham (2013). doi:10.1007\/978-3-319-04283-1_6"},{"key":"10_CR2","unstructured":"Abadi, M., Barham, P., Chen, J., Chen, Z., Davis, A., Dean, J., Devin, M., Ghemawat, S., Irving, G., Isard, M., Kudlur, M., Levenberg, J., Monga, R., Moore, S., Murray, D.G., Steiner, B., Tucker, P., Vasudevan, V., Warden, P., Wicke, M., Yu, Y., Zheng, X.: Tensorflow: a system for large-scale machine learning. In: OSDI, pp. 265\u2013283. USENIX Association (2016)"},{"key":"10_CR3","doi-asserted-by":"crossref","unstructured":"Ahmadi, M., Biggio, B., Arzt, S., Ariu, D., Giacinto, G.: Detecting misuse of google cloud messaging in android badware. In: SPSM, pp. 103\u2013112 (2016)","DOI":"10.1145\/2994459.2994469"},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"Ahmadi, M., Ulyanov, D., Semenov, S., Trofimov, M., Giacinto, G.: Novel feature extraction, selection and fusion for effective malware family classification. In: CODASPY, pp. 183\u2013194 (2016)","DOI":"10.1145\/2857705.2857713"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Amos, B., Turner, H., White, J.: Applying machine learning classifiers to dynamic android malware detection at scale. In: 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 1666\u20131671, July 2013","DOI":"10.1109\/IWCMC.2013.6583806"},{"key":"10_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"382","DOI":"10.1007\/978-3-319-26362-5_18","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"N Andronio","year":"2015","unstructured":"Andronio, N., Zanero, S., Maggi, F.: HelDroid: dissecting and detecting mobile ransomware. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 382\u2013404. Springer, Cham (2015). doi:10.1007\/978-3-319-26362-5_18"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"Aresu, M., Ariu, D., Ahmadi, M., Maiorca, D., Giacinto, G.: Clustering android malware families by http traffic. In: MALWARE, pp. 128\u2013135 (2015)","DOI":"10.1109\/MALWARE.2015.7413693"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23247"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le Traon, Y., Octeau, D., McDaniel, P.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2014, NY, USA, pp. 259\u2013269. ACM, New York (2014)","DOI":"10.1145\/2594291.2594299"},{"key":"10_CR10","unstructured":"AV-TEST: Security report 2015\/16 (2017). https:\/\/goo.gl\/FepOGQ"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Avdiienko, V., Kuznetsov, K., Gorla, A., Zeller, A., Arzt, S., Rasthofer, S., Bodden, E.: Mining apps for abnormal usage of sensitive data. In: ICSE, pp. 426\u2013436 (2015)","DOI":"10.1109\/ICSE.2015.61"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Biggio, B., Corona, I., Maiorca, D., Nelson, B., \u0160rndi\u0107, N., Laskov, P., Giacinto, G., Roli, F.: Evasion attacks against machine learning at test time, pp. 387\u2013402 (2013)","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"10_CR13","series-title":"Information Science and Statistics","volume-title":"Pattern Recognition and Machine Learning","author":"C Bishop","year":"2006","unstructured":"Bishop, C.: Pattern Recognition and Machine Learning. Information Science and Statistics, 1st edn. Springer, New York (2006)","edition":"1"},{"issue":"1","key":"10_CR14","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Mach. Learn. 45(1), 5\u201332 (2001)","journal-title":"Mach. Learn."},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2011, NY, USA, pp. 15\u201326. ACM, New York (2011)","DOI":"10.1145\/2046614.2046619"},{"key":"10_CR16","unstructured":"Colthurst, T., Sculley, D., Hendry, G., Nado, Z.: Tensorforest: scalable random forests on tensorflow. In: Machine Learning Systems Workshop at NIPS (2016)"},{"key":"10_CR17","doi-asserted-by":"crossref","unstructured":"Dash, S.K., Suarez-Tangil, G., Khan, S., Tam, K., Ahmadi, M., Kinder, J., Cavallaro, L.: Droidscribe: classifying android malware based on runtime behavior. In: 2016 IEEE Security and Privacy Workshops (SPW), pp. 252\u2013261, May 2016","DOI":"10.1109\/SPW.2016.25"},{"key":"10_CR18","unstructured":"eweek: symantec adds deep learning to anti-malware tools to detect zero-days, January 2016. http:\/\/www.eweek.com\/security\/symantec-adds-deep-learning-to-anti-malware-tools-to-detect"},{"issue":"1","key":"10_CR19","first-page":"3133","volume":"15","author":"M Fern\u00e1ndez-Delgado","year":"2014","unstructured":"Fern\u00e1ndez-Delgado, M., Cernadas, E., Barro, S., Amorim, D.: Do we need hundreds of classifiers to solve real world classification problems? J. Mach. Learn. Res. 15(1), 3133\u20133181 (2014)","journal-title":"J. Mach. Learn. Res."},{"key":"10_CR20","unstructured":"Fortinet: Android locker malware uses google cloud messaging service, January 2017. https:\/\/blog.fortinet.com\/2017\/01\/16\/android-locker-malware-uses-google-cloud-messaging-service"},{"key":"10_CR21","unstructured":"Fortinet: deep analysis of android rootnik malware using advanced anti-debug and anti-hook, January 2017. https:\/\/goo.gl\/dq5w8R"},{"key":"10_CR22","unstructured":"Fortinet: teardown of a recent variant of android\/ztorg (part 1), March 2017. https:\/\/blog.fortinet.com\/2017\/03\/15\/teardown-of-a-recent-variant-of-android-ztorg-part-1"},{"key":"10_CR23","unstructured":"Fortinet: teardown of android\/ztorg (part 2), March 2017. http:\/\/blog.fortinet.com\/2017\/03\/08\/teardown-of-android-ztorg-part-2"},{"key":"10_CR24","unstructured":"Google: An investigation of chrysaor malware on android, April 2017. https:\/\/android-developers.googleblog.com\/2017\/04\/an-investigation-of-chrysaor-malware-on.html"},{"key":"10_CR25","unstructured":"IDC: smartphone OS market share, q2 2016 (2016). http:\/\/www.idc.com\/promo\/smartphone-market-share\/os"},{"issue":"2","key":"10_CR26","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1109\/MPRV.2017.26","volume":"16","author":"N Islam","year":"2017","unstructured":"Islam, N., Das, S., Chen, Y.: On-device mobile phone security exploits machine learning. IEEE Pervasive Comput. 16(2), 92\u201396 (2017)","journal-title":"IEEE Pervasive Comput."},{"key":"10_CR27","unstructured":"Lookout: pegasus for android, April 2017. https:\/\/info.lookout.com\/rs\/051-ESQ-475\/images\/lookout-pegasus-android-technical-analysis.pdf"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Maiorca, D., Mercaldo, F., Giacinto, G., Visaggio, A., Martinelli, F.: R-packdroid: API package-based characterization and detection of mobile ransomware. In: ACM Symposium on Applied Computing (2017)","DOI":"10.1145\/3019612.3019793"},{"key":"10_CR29","doi-asserted-by":"crossref","unstructured":"Mariconti, E., Onwuzurike, L., Andriotis, P., De Cristofaro, E., Ross, G., Stringhini, G.: MaMaDroid: detecting android malware by building markov chains of behavioral models. In: ISOC Network and Distributed Systems Security Symposiym (NDSS), San Diego, CA (2017)","DOI":"10.14722\/ndss.2017.23353"},{"key":"10_CR30","unstructured":"McAfee: mobile threat report (2016). https:\/\/www.mcafee.com\/us\/resources\/reports\/rp-mobile-threat-report-2016.pdf"},{"key":"10_CR31","unstructured":"Check point: charger malware calls and raises the risk on google play. http:\/\/blog.checkpoint.com\/2017\/01\/24\/charger-malware\/"},{"key":"10_CR32","unstructured":"Check point: preinstalled malware targeting mobile users. http:\/\/blog.checkpoint.com\/2017\/03\/10\/preinstalled-malware-targeting-mobile-users\/"},{"key":"10_CR33","unstructured":"Check point: whale of a tale: hummingbad returns. http:\/\/blog.checkpoint.com\/2017\/01\/23\/hummingbad-returns\/"},{"key":"10_CR34","unstructured":"Sadeghi, A., Bagheri, H., Garcia, J., Malek, S.: A taxonomy and qualitative comparison of program analysis techniques for security assessment of android software. IEEE Trans. Softw. Eng. PP(99), 1 (2016)"},{"key":"10_CR35","unstructured":"f secure: mobile threat report q1 2014 (2014). https:\/\/www.f-secure.com\/documents\/996508\/1030743\/Mobile_Threat_Report_Q1_2014.pdf"},{"key":"10_CR36","doi-asserted-by":"crossref","unstructured":"Suarez-Tangil, G., Dash, S.K., Ahmadi, M., Kinder, J., Giacinto, G., Cavallaro, L.: Droidsieve: fast and accurate classification of obfuscated android malware. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy (CODASPY 2017), pp. 309\u2013320 (2017)","DOI":"10.1145\/3029806.3029825"},{"key":"10_CR37","doi-asserted-by":"crossref","unstructured":"Taylor, V.F., Martinovic, I.: Securank: starving permission-hungry apps using contextual permission analysis. In: Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM 2016), NY, USA, pp. 43\u201352. ACM, New York (2016)","DOI":"10.1145\/2994459.2994474"},{"key":"10_CR38","unstructured":"Trustlook: trustlook AI, March 2017. https:\/\/www.trustlook.com\/"},{"key":"10_CR39","unstructured":"VirusTotal: virustotal blog, March 2017. http:\/\/blog.virustotal.com\/2017_03_01_archive.html"},{"key":"10_CR40","doi-asserted-by":"crossref","unstructured":"Xia, M., Gong, L., Lyu, Y., Qi, Z., Liu, X.: Effective real-time android application auditing. In: IEEE Symposium on Security and Privacy, pp. 899\u2013914. IEEE Computer Society (2015)","DOI":"10.1109\/SP.2015.60"},{"key":"10_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/978-3-319-11203-9_10","volume-title":"Computer Security - ESORICS 2014","author":"C Yang","year":"2014","unstructured":"Yang, C., Xu, Z., Gu, G., Yegneswaran, V., Porras, P.: DroidMiner: automated mining and characterization of fine-grained malicious behaviors in android applications. In: Kuty\u0142owski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8712, pp. 163\u2013182. Springer, Cham (2014). doi:10.1007\/978-3-319-11203-9_10"},{"key":"10_CR42","doi-asserted-by":"crossref","unstructured":"Zhang, M., Duan, Y., Yin, H., Zhao, Z.: Semantics-aware android malware classification using weighted contextual API dependency graphs. In: CCS, New York, NY, USA, pp. 1105\u20131116 (2014)","DOI":"10.1145\/2660267.2660359"}],"container-title":["Lecture Notes in Computer Science","Machine Learning and Knowledge Extraction"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66808-6_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T16:08:03Z","timestamp":1710346083000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-66808-6_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319668079","9783319668086"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66808-6_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"24 August 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CD-MAKE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Cross-Domain Conference for Machine Learning and Knowledge Extraction","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Reggio","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 August 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 September 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cd-make2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/cd-make.net\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}