{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T21:37:09Z","timestamp":1772573829352,"version":"3.50.1"},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2020,9,4]],"date-time":"2020-09-04T00:00:00Z","timestamp":1599177600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,9,4]],"date-time":"2020-09-04T00:00:00Z","timestamp":1599177600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/100010662","name":"H2020 Excellent Science","doi-asserted-by":"publisher","award":["700294"],"award-info":[{"award-number":["700294"]}],"id":[{"id":"10.13039\/100010662","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100010662","name":"H2020 Excellent Science","doi-asserted-by":"publisher","award":["830892"],"award-info":[{"award-number":["830892"]}],"id":[{"id":"10.13039\/100010662","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2021,2]]},"DOI":"10.1007\/s00500-020-05299-4","type":"journal-article","created":{"date-parts":[[2020,9,4]],"date-time":"2020-09-04T05:02:32Z","timestamp":1599195752000},"page":"2295-2314","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Ask a(n)droid to tell you the odds: probabilistic security-by-contract for mobile devices"],"prefix":"10.1007","volume":"25","author":[{"given":"Alessandro","family":"Aldini","sequence":"first","affiliation":[]},{"given":"Antonio","family":"La Marra","sequence":"additional","affiliation":[]},{"given":"Fabio","family":"Martinelli","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8149-9322","authenticated-orcid":false,"given":"Andrea","family":"Saracino","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,9,4]]},"reference":[{"issue":"11","key":"5299_CR1","doi-asserted-by":"publisher","first-page":"1503","DOI":"10.1016\/j.ress.2006.10.003","volume":"92","author":"A Aldini","year":"2007","unstructured":"Aldini A, Bernardo M (2007) A formal approach to the integrated analysis of security and QoS. Reliab. Eng. Syst. Saf. 92(11):1503\u20131520","journal-title":"Reliab. Eng. Syst. Saf."},{"issue":"11","key":"5299_CR2","doi-asserted-by":"publisher","first-page":"2818","DOI":"10.1002\/cpe.3447","volume":"27","author":"A Aldini","year":"2015","unstructured":"Aldini A, Martinelli F, Saracino A, Sgandurra D (2015) Detection of repackaged mobile applications through a collaborative approach. Concurr. Comput.: Pract. Exp. 27(11):2818\u20132838","journal-title":"Concurr. Comput.: Pract. Exp."},{"issue":"1","key":"5299_CR3","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1108\/ICS-05-2016-0037","volume":"25","author":"A Aldini","year":"2017","unstructured":"Aldini A, Seigneur JM, Lafuente C, Titi X, Guislain J (2017) Design and validation of a trust-based opportunity-enabled risk management system. Inf. Comput. Secur. 25(1):2\u201325. https:\/\/doi.org\/10.1108\/ICS-05-2016-0037","journal-title":"Inf. Comput. Secur."},{"key":"5299_CR4","doi-asserted-by":"crossref","unstructured":"Aldini A, Bravetti M, Di Pierro A, Gorrieri R, Hankin C, Wiklicky H (2004) Two formal approaches for approximating noninterference properties. In: Foundations of security analysis and design II, LNCS, Springer, Berlin, vol 2946, pp 1\u201343","DOI":"10.1007\/978-3-540-24631-2_1"},{"key":"5299_CR5","doi-asserted-by":"crossref","unstructured":"Aldini A, Di Pierro A (2004) A quantitative approach to noninterference for probabilistic systems. In: Proceedings of formal methods for security and time, ENTCS. vol 99, pp 155\u2013182","DOI":"10.1016\/j.entcs.2004.02.007"},{"key":"5299_CR6","doi-asserted-by":"crossref","unstructured":"Aldini A, Martinelli F, Saracino A, Sgandurra D (2013) A collaborative framework for generating probabilistic contracts. In: Proceedings of the 2013 IEEE international conference on collaboration technologies and systems, pp 139\u2013143. 978-1-4763-6404-1\/13","DOI":"10.1109\/CTS.2013.6567219"},{"key":"5299_CR7","doi-asserted-by":"publisher","unstructured":"Backes M, Bugiel S, Derr E, Gerling S, Hammer C (2016) R-droid: leveraging android app analysis with static slice optimization. In: Proceedings of the 11th ACM on Asia conference on computer and communications security, ASIA CCS\u201916, pp 129\u2013140. ACM, New York, NY, USA. https:\/\/doi.org\/10.1145\/2897845.2897927","DOI":"10.1145\/2897845.2897927"},{"key":"5299_CR8","volume-title":"Principles of model checking","author":"C Baier","year":"2008","unstructured":"Baier C, Katoen JP (2008) Principles of model checking. MIT Press, Cambridge"},{"key":"5299_CR9","volume-title":"Handbook of process algebra","author":"J Bergstra","year":"2001","unstructured":"Bergstra J, Ponse A, Smolka S (2001) Handbook of process algebra. Elsevier, Amsterdam"},{"key":"5299_CR10","doi-asserted-by":"crossref","unstructured":"Bielova N, Massacci F (2011) Predictability of enforcement. In: Proceedings of the international symposium on engineering secure software and systems, ESSoS\u201911, LNCS, Springer, Berlin. vol 6542, pp 73\u201386","DOI":"10.1007\/978-3-642-19125-1_6"},{"key":"5299_CR11","unstructured":"BusinessOfApps: App statistic report. Tech. rep. (2016). Available at: http:\/\/www.businessofapps.com\/data\/app-statistics\/"},{"issue":"4","key":"5299_CR12","first-page":"300","volume":"1","author":"SH Cha","year":"2007","unstructured":"Cha SH (2007) Comprehensive survey on distance\/similarity measures between probability density functions. Int. J. Math. Models Methods Appl. Sci. 1(4):300\u2013307","journal-title":"Int. J. Math. Models Methods Appl. Sci."},{"key":"5299_CR13","doi-asserted-by":"crossref","unstructured":"Chen T, Forejt V, Kwiatkowska M, Parker D, Simaitis A (2013) PRISM-games: a model checker for stochastic multi-player games. In: Proceedings of the 19th international conference on tools and algorithms for the construction and analysis of systems (TACAS\u201913), LNCS. Springer, Berlin, vol 7795, pp 185\u2013191","DOI":"10.1007\/978-3-642-36742-7_13"},{"key":"5299_CR14","doi-asserted-by":"crossref","unstructured":"Costa G, Dragoni N, Lazouski A, Martinelli F, Massacci F, Matteucci I (2010) Extending Security-by-Contract with quantitative trust on mobile devices. In: Proceeding of the 4th international conference on complex, intelligent and software intensive systems, pp 872\u2013877. IEEE CS","DOI":"10.1109\/CISIS.2010.33"},{"key":"5299_CR15","doi-asserted-by":"crossref","unstructured":"Delahaye B, Caillaud B, Legay A (2010) Probabilistic contracts: a compositional reasoning methodology for the design of stochastic systems. In: Procs. of 10th Int. Conf. on Application of Concurrency to System Design, ACSD\u201910, pp. 223\u2013232. IEEE","DOI":"10.1109\/ACSD.2010.13"},{"key":"5299_CR16","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1016\/j.tcs.2003.09.013","volume":"318","author":"J Desharnais","year":"2004","unstructured":"Desharnais J, Gupta V, Jagadeesan R, Panangaden P (2004) Metrics for labelled Markov processes. Theoret Comput Sci 318:323\u2013354","journal-title":"Theoret Comput Sci"},{"key":"5299_CR17","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2016.05.035","author":"G Dini","year":"2016","unstructured":"Dini G, Martinelli F, Matteucci I, Petrocchi M, Saracino A, Sgandurra D (2016) Risk analysis of android applications: a user-centric solution. Future Gener Comput Syst. https:\/\/doi.org\/10.1016\/j.future.2016.05.035","journal-title":"Future Gener Comput Syst"},{"key":"5299_CR18","doi-asserted-by":"crossref","unstructured":"Dini G, Martinelli F, Matteucci I, Petrocchi M, Saracino A, Sgandurra D (2012a) A multi-criteria-based evaluation of Android applications. In: Proceedings of the 4th international conference on trusted systems (INTRUST\u201912), LNCS. Springer, Berlin, pp. 67\u201382","DOI":"10.1007\/978-3-642-35371-0_7"},{"key":"5299_CR19","doi-asserted-by":"crossref","unstructured":"Dini G, Martinelli F, Saracino A, Sgandurra D (2012b) Madam: A multi-level anomaly detector for android malware. In: Kotenko I, Skormin V (eds.) Computer Network Security, LNCS, Springer, Berlin. vol 7531, pp 240\u2013253","DOI":"10.1007\/978-3-642-33704-8_21"},{"key":"5299_CR20","first-page":"429","volume-title":"At your service\u2014service-oriented computing from an EU Perspective","author":"N Dragoni","year":"2008","unstructured":"Dragoni N, Martinelli F, Massacci F, Mori P, Schaefer C, Walter T, Vetillard E (2008) Security-by-contract (SxC) for software and services of mobile systems. In: Di Nitto E, Sassen AM, Traverso P, Zwegers A (eds) At your service\u2014service-oriented computing from an EU Perspective. MIT Press, Cambridge, pp 429\u2013456"},{"key":"5299_CR21","unstructured":"Easwaran A, Kannan S, Lee I (2005) Optimal control of software ensuring safety and functionality. Tech. Rep. MS-CIS-05-20, University of Pennsylvania"},{"issue":"3","key":"5299_CR22","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1145\/2494522","volume":"57","author":"W Enck","year":"2014","unstructured":"Enck W, Gilbert P, Chun BG, Cox LP, Jung J, McDaniel P, Sheth AN (2014) TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones. Commun ACM 57(3):99\u2013106. https:\/\/doi.org\/10.1145\/2494522","journal-title":"Commun ACM"},{"key":"5299_CR23","doi-asserted-by":"crossref","unstructured":"Felt AP, Ha E, Egelman S, Haney A, Chin E, Wagner D (2012) Android permissions: user attention, comprehension, and behavior. In: Symposium on usable privacy and security, SOUPS \u201912, Washington, DC, USA - July 11\u201313, 2012, p 3","DOI":"10.1145\/2335356.2335360"},{"key":"5299_CR24","unstructured":"Funk C, Garnaeva M (2013) Kaspersky security bullettin 2013. Tech. rep. http:\/\/media.kaspersky.com\/pdf\/KSB_2013_EN.pdf"},{"key":"5299_CR25","doi-asserted-by":"publisher","unstructured":"Gascon H, Yamaguchi F, Arp D, Rieck K (2013) Structural detection of Android malware using embedded call graphs. In: Proceedings of the 2013 ACM workshop on artificial intelligence and security, AISec\u201913, pp 45\u201354. ACM. https:\/\/doi.org\/10.1145\/2517312.2517315","DOI":"10.1145\/2517312.2517315"},{"key":"5299_CR26","volume-title":"Introduction to probability","author":"C Grinstead","year":"2012","unstructured":"Grinstead C, Snell J (2012) Introduction to probability. American Mathematical Society, Providence"},{"key":"5299_CR27","doi-asserted-by":"crossref","unstructured":"Hoang X, Hu J (2004) An efficient hidden Markov model training scheme for anomaly intrusion detection of server applications based on system calls. In: Proceedings of 12th IEEE international conference on networks, ICON\u201904, vol 2, pp 470\u2013474. IEEE","DOI":"10.1109\/ICON.2004.1409210"},{"issue":"5","key":"5299_CR28","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/52.605929","volume":"14","author":"A Kosoresow","year":"1997","unstructured":"Kosoresow A, Hofmeyer S (1997) Intrusion detection via system call traces. Software 14(5):35\u201342","journal-title":"Software"},{"key":"5299_CR29","doi-asserted-by":"crossref","unstructured":"Kwiatkowska M, Norman G, Parker D (2011) PRISM 4.0: verification of probabilistic real-time systems. In: Gopalakrishnan G, Qadeer S (eds.) Proceedings of the 23rd international conference on computer aided verification (CAV\u201911), LNCS, vol 6806, pp 585\u2013591. Springer, Berlin","DOI":"10.1007\/978-3-642-22110-1_47"},{"key":"5299_CR30","volume-title":"An introduction to mathematical statistics and its applications","author":"R Larsen","year":"2011","unstructured":"Larsen R, Marx M (2011) An introduction to mathematical statistics and its applications. Pearson, London"},{"issue":"4","key":"5299_CR31","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1109\/TDSC.2008.69","volume":"7","author":"F Maggi","year":"2010","unstructured":"Maggi F, Matteucci M, Zanero S (2010) Detecting intrusions through system call sequence and argument analysis. IEEE Trans Dependable Secur Comput 7(4):381\u2013395","journal-title":"IEEE Trans Dependable Secur Comput"},{"key":"5299_CR32","doi-asserted-by":"publisher","unstructured":"Marra AL, Martinelli F, Saracino A, Aldini A (2016) On probabilistic application compliance. In: 2016 IEEE Conference Trustcom\/BigDataSE\/ISPA, Tianjin, China, pp 1848\u20131855. https:\/\/doi.org\/10.1109\/TrustCom.2016.0283","DOI":"10.1109\/TrustCom.2016.0283"},{"key":"5299_CR33","doi-asserted-by":"crossref","unstructured":"Martinelli F, Matteucci I (2007) Through modeling to synthesis of security automata. In: ENTCS 179","DOI":"10.1016\/j.entcs.2006.08.029"},{"key":"5299_CR34","doi-asserted-by":"publisher","unstructured":"Martinelli F, Mercaldo F, Saracino A, Visaggio CA (2016) I find your behavior disturbing: Static and dynamic app behavioral analysis for detection of android malware. In: 2016 14th Annual conference on privacy, security and trust (PST), pp 129\u2013136. https:\/\/doi.org\/10.1109\/PST.2016.7906947","DOI":"10.1109\/PST.2016.7906947"},{"key":"5299_CR35","doi-asserted-by":"crossref","unstructured":"Martinelli F, Morisset C (2012) Quantitative access control with partially-observable Markov decision processes. In: Proceedings of 2nd ACM conference on data and application security and privacy, CODASPY\u201912, pp 169\u2013180. ACM, Cambridge","DOI":"10.1145\/2133601.2133623"},{"key":"5299_CR36","unstructured":"Ponemon Institute: The state of mobile application insecurity. Tech. rep. (2015)"},{"key":"5299_CR37","volume-title":"Artificial intelligence: a modern approach","author":"S Russell","year":"2010","unstructured":"Russell S, Norvig P (2010) Artificial intelligence: a modern approach. Prentice Hall, Cambridge"},{"key":"5299_CR38","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2536605","author":"A Saracino","year":"2016","unstructured":"Saracino A, Sgandurra D, Dini G, Martinelli F (2016) MADAM: effective and efficient behavior-based android malware detection and prevention. IEEE Trans Depend Secure Comput. https:\/\/doi.org\/10.1109\/TDSC.2016.2536605","journal-title":"IEEE Trans Depend Secure Comput"},{"key":"5299_CR39","doi-asserted-by":"publisher","unstructured":"Saracino A, Martinelli F, Alboreto G, Dini G (2016) Data-sluice: fine-grained traffic control for Android application. In: IEEE symposium on computers and communication, ISCC\u201916, pp 702\u2013709. https:\/\/doi.org\/10.1109\/ISCC.2016.7543819","DOI":"10.1109\/ISCC.2016.7543819"},{"issue":"6","key":"5299_CR40","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MC.2014.169","volume":"47","author":"G Suarez-Tangil","year":"2014","unstructured":"Suarez-Tangil G, Tapiador J, Lombardi F, Di Pietro R (2014) Thwarting obfuscated malware via differential fault analysis. Computer 47(6):24\u201331. https:\/\/doi.org\/10.1109\/MC.2014.169","journal-title":"Computer"},{"key":"5299_CR41","doi-asserted-by":"publisher","unstructured":"Wang R, Azab AM, Enck W, Li N, Ning P, Chen X, Shen W, Cheng Y (2017) SPOKE: scalable knowledge collection and attack surface analysis of access control policy for security enhanced Android. In: Proceedings of the 2017 ACM on Asia conference on computer and communications security, ASIA CCS \u201917, pp 612\u2013624. ACM, New York, NY, USA. https:\/\/doi.org\/10.1145\/3052973.3052991","DOI":"10.1145\/3052973.3052991"},{"key":"5299_CR42","unstructured":"Xposedbridge development tutorial (2012). https:\/\/github.com\/rovo89\/XposedBridge\/wiki\/Development-tutorial"},{"key":"5299_CR43","doi-asserted-by":"publisher","unstructured":"Zhang M, Duan Y, Yin H, Zhao Z (2014) Semantics-aware Android malware classification using weighted contextual API dependency graphs. In: Proceedingss of the 2014 ACM SIGSAC conference on computer and communications security, CCS\u201914, pp 1105\u20131116. ACM. https:\/\/doi.org\/10.1145\/2660267.2660359","DOI":"10.1145\/2660267.2660359"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-020-05299-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00500-020-05299-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-020-05299-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,13]],"date-time":"2024-08-13T05:00:23Z","timestamp":1723525223000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00500-020-05299-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9,4]]},"references-count":43,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2021,2]]}},"alternative-id":["5299"],"URL":"https:\/\/doi.org\/10.1007\/s00500-020-05299-4","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"value":"1432-7643","type":"print"},{"value":"1433-7479","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,9,4]]},"assertion":[{"value":"4 September 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Human participants or animals"}}]}}