{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,18]],"date-time":"2025-10-18T10:47:56Z","timestamp":1760784476030,"version":"3.41.0"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319788128"},{"type":"electronic","value":"9783319788135"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-78813-5_26","type":"book-chapter","created":{"date-parts":[[2018,4,10]],"date-time":"2018-04-10T10:03:21Z","timestamp":1523354601000},"page":"510-529","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Defining and Detecting Environment Discrimination in Android Apps"],"prefix":"10.1007","author":[{"given":"Yunfeng","family":"Hong","sequence":"first","affiliation":[]},{"given":"Yongjian","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Chun-Ming","family":"Lai","sequence":"additional","affiliation":[]},{"given":"S.","family":"Felix Wu","sequence":"additional","affiliation":[]},{"given":"Iulian","family":"Neamtiu","sequence":"additional","affiliation":[]},{"given":"Patrick","family":"McDaniel","sequence":"additional","affiliation":[]},{"given":"Paul","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Hasan","family":"Cam","sequence":"additional","affiliation":[]},{"given":"Gail-Joon","family":"Ahn","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,4,11]]},"reference":[{"key":"26_CR1","unstructured":"Chaffey, D.: Mobile marketing statistics compilation. http:\/\/www.smartinsights.com\/mobile-marketing\/mobile-marketing-analytics\/mobile-marketing-statistics\/ . Accessed 5 June 2017"},{"key":"26_CR2","unstructured":"Christian, L.: 8,400 new android malware samples every day. https:\/\/www.gdatasoftware.com\/blog\/2017\/04\/29712-8-400-new-android-malware-samples-every-day\/ . Accessed 25 May 2017"},{"key":"26_CR3","doi-asserted-by":"crossref","unstructured":"Vidas, T., Christin, N.: Evading android runtime analysis via sandbox detection. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 447\u2013458. ACM (2014)","DOI":"10.1145\/2590296.2590325"},{"key":"26_CR4","unstructured":"Shimpi, A.L., Klug, B.: They\u2019re (almost) all dirty: the state of cheating in android benchmarks. http:\/\/www.anandtech.com\/show\/7384\/state-of-cheating-in-android-benchmarks\/ . Accessed 19 May 2017"},{"key":"26_CR5","unstructured":"Hruska, J.: Samsung goes legit, stops cheating on benchmarks with latest android update. http:\/\/www.extremetech.com\/computing\/177841-samsungs-latest-android-update-no-longer-cheats-on-benchmarks\/ . Accessed 11 June 2017"},{"key":"26_CR6","unstructured":"Mack, E.: HTC admits boosting one M8 benchmarks; makes it a feature. http:\/\/www.cnet.com\/news\/is-the-htc-one-m8-that-good-benchmark-cheating-alleged-again\/ . Accessed 10 June 2017"},{"key":"26_CR7","unstructured":"Hotten, R.: Volkswagen: the scandal explained. http:\/\/www.bbc.com\/news\/business-34324772\/ . Accessed 4 Jun 2017"},{"key":"26_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/3-540-08934-9_80","volume-title":"Information Systems Methodology","author":"W Bartussek","year":"1978","unstructured":"Bartussek, W., Parnas, D.L.: Using assertions about traces to write abstract specifications for software modules. In: Bracchi, G., Lockemann, P.C. (eds.) ECI 1978. LNCS, vol. 65, pp. 211\u2013236. Springer, Heidelberg (1978). https:\/\/doi.org\/10.1007\/3-540-08934-9_80"},{"issue":"1","key":"26_CR9","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/BF00260922","volume":"10","author":"JV Guttag","year":"1978","unstructured":"Guttag, J.V., Horning, J.J.: The algebraic specification of abstract data types. Acta Inform. 10(1), 27\u201352 (1978)","journal-title":"Acta Inform."},{"issue":"3","key":"26_CR10","doi-asserted-by":"publisher","first-page":"600","DOI":"10.1145\/828.829","volume":"31","author":"J McLean","year":"1984","unstructured":"McLean, J.: A formal method for the abstract specification of software. J. ACM (JACM) 31(3), 600\u2013627 (1984)","journal-title":"J. ACM (JACM)"},{"issue":"7","key":"26_CR11","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1145\/360248.360252","volume":"19","author":"JC James","year":"1976","unstructured":"James, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385\u2013394 (1976)","journal-title":"Commun. ACM"},{"key":"26_CR12","doi-asserted-by":"crossref","unstructured":"Clarke, L.A.: A program testing system. In: Proceedings of the 1976 Annual Conference, pp. 488\u2013491. ACM (1976)","DOI":"10.1145\/800191.805647"},{"key":"26_CR13","unstructured":"Yan, L.K., Yin, H.: Droidscope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. In: USENIX Security Symposium, pp. 569\u2013584 (2012)"},{"issue":"2","key":"26_CR14","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"26_CR15","doi-asserted-by":"crossref","unstructured":"Sarwar, G., Mehani, O., Boreli, R., Kaafar, M.A.: On the effectiveness of dynamic taint analysis for protecting against private information leaks on android-based devices. In: SECRYPT, pp. 461\u2013468 (2013)","DOI":"10.5220\/0004535104610468"},{"key":"26_CR16","doi-asserted-by":"crossref","unstructured":"Slowinska, A., Bos, H.: Pointless tainting? Evaluating the practicality of pointer tainting. In: Proceedings of the 4th ACM European Conference on Computer Systems, pp. 61\u201374. ACM (2009)","DOI":"10.1145\/1519065.1519073"},{"key":"26_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/978-3-540-70542-0_8","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"L Cavallaro","year":"2008","unstructured":"Cavallaro, L., Saxena, P., Sekar, R.: On the limits of information flow techniques for malware analysis and containment. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 143\u2013163. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-70542-0_8"},{"key":"26_CR18","doi-asserted-by":"crossref","unstructured":"Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., Van Der Veen, V., Platzer, C.: ANDRUBIS -1,000,000 apps later: a view on current android malware behaviors. In: Proceedings of the the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS) (2014)","DOI":"10.1109\/BADGERS.2014.7"},{"key":"26_CR19","unstructured":"Lantz, P., Desnos, A., Yang, K.: Droidbox: Android application sandbox (2012)"},{"key":"26_CR20","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"2","author":"C Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using CWSandbox. IEEE Secur. Priv. 2, 32\u201339 (2007)","journal-title":"IEEE Secur. Priv."},{"key":"26_CR21","unstructured":"Bayer, U., Kruegel, C., Kirda, E.: TTAnalyze: a tool for analyzing malware. (na, 2006)"},{"key":"26_CR22","unstructured":"Norman safeground antivirus software. http:\/\/www.norman.com\/ . Accessed 8 June 2017"},{"key":"26_CR23","doi-asserted-by":"crossref","unstructured":"Dinaburg, A., Royal, P., Sharif, M., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 51\u201362. ACM (2008)","DOI":"10.1145\/1455770.1455779"},{"key":"26_CR24","doi-asserted-by":"crossref","unstructured":"Rastogi, V., Chen, Y., Enck, W.: Appsplayground: automatic security analysis of smartphone applications. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 209\u2013220. ACM (2013)","DOI":"10.1145\/2435349.2435379"},{"key":"26_CR25","doi-asserted-by":"crossref","unstructured":"Fattori, A., Paleari, R., Martignoni, L., Monga, M.: Dynamic and transparent analysis of commodity production systems. In: Proceedings of the IEEE\/ACM International Conference on Automated Software Engineering, pp. 417\u2013426. ACM (2010)","DOI":"10.1145\/1858996.1859085"},{"key":"26_CR26","unstructured":"Hruska J.: Android and security. http:\/\/googlemobile.blogspot.it\/2012\/02\/android-and-security.html\/ . Accessed 11 May 2017"},{"key":"26_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1007\/978-3-540-74320-0_11","volume-title":"Recent Advances in Intrusion Detection","author":"X Jiang","year":"2007","unstructured":"Jiang, X., Wang, X.: \u201cOut-of-the-Box\u201d monitoring of VM-based high-interaction honeypots. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol. 4637, pp. 198\u2013218. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74320-0_11"},{"key":"26_CR28","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: USENIX Annual Technical Conference, FREENIX Track, p. 41 (2005)"},{"key":"26_CR29","doi-asserted-by":"crossref","unstructured":"Fogla, P., Lee, W.: Evading network anomaly detection systems: formal reasoning and practical techniques. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 59\u201368. ACM (2006)","DOI":"10.1145\/1180405.1180414"},{"issue":"3","key":"26_CR30","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/s11416-008-0096-y","volume":"6","author":"B Lau","year":"2010","unstructured":"Lau, B., Svajcer, V.: Measuring virtual machine detection in malware using DSD tracer. J. Comput. Virol. 6(3), 181\u2013195 (2010)","journal-title":"J. Comput. Virol."},{"key":"26_CR31","doi-asserted-by":"crossref","unstructured":"Paleari, R., Martignoni, L., Roglia, G.F., Bruschi, D.: A fistful of red-pills: how to automatically generate procedures to detect CPU emulators. In: Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), vol. 41, p. 86 (2009)","DOI":"10.1145\/1572272.1572303"},{"key":"26_CR32","doi-asserted-by":"crossref","unstructured":"Petsas, T., Voyatzis, G., Athanasopoulos, E., Polychronakis, M., Ioannidis, S.: Rage against the virtual machine: hindering dynamic analysis of Android malware. In: Proceedings of the Seventh European Workshop on System Security, p. 5. ACM (2014)","DOI":"10.1145\/2592791.2592796"},{"key":"26_CR33","doi-asserted-by":"crossref","unstructured":"Jing, Y., Zhao, Z., Ahn, G.J., Hu, H.: Morpheus: automatically generating heuristics to detect Android emulators. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 216\u2013225. ACM (2014)","DOI":"10.1145\/2664243.2664250"},{"key":"26_CR34","unstructured":"Kirat, D., Vigna, G., Kruegel, C.: Barecloud: bare-metal analysis-based evasive malware detection. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 287\u2013301 (2014)"},{"key":"26_CR35","unstructured":"Balzarotti, D., Cova, M., Karlberger, C., Kirda, E., Kruegel, C.M., Vigna, G.: Efficient detection of split personalities in malware. In: NDSS (2010)"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-78813-5_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,3]],"date-time":"2025-07-03T15:11:09Z","timestamp":1751555469000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-78813-5_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319788128","9783319788135"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-78813-5_26","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018]]}}}