{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,4]],"date-time":"2025-12-04T10:09:30Z","timestamp":1764842970810,"version":"3.37.3"},"reference-count":52,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2025,1]]},"DOI":"10.1007\/s00500-025-10489-z","type":"journal-article","created":{"date-parts":[[2025,2,10]],"date-time":"2025-02-10T02:54:01Z","timestamp":1739156041000},"page":"593-611","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Robust security risk estimation for android apps using nearest neighbor approach and hamming distance"],"prefix":"10.1007","volume":"29","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9417-9018","authenticated-orcid":false,"given":"Mahmood","family":"Deypir","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1797-6910","authenticated-orcid":false,"given":"Toktam","family":"Zoughi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,2,10]]},"reference":[{"key":"10489_CR1","doi-asserted-by":"crossref","unstructured":"Aafer Y, Du W, and Yin H (2013) DroidAPIMiner: mining API-level features for robust malware detection in android. In: Security and Privacy in Communication Networks, pp 86\u2013103","DOI":"10.1007\/978-3-319-04283-1_6"},{"key":"10489_CR2","doi-asserted-by":"crossref","unstructured":"Alshehri A, Marcinek P, Alzahrani A, Alshahrani H & Fu H (2019) Puredroid: Permission usage and risk estimation for android applications. In: Proceedings of the 2019 3rd international conference on information system and data mining (pp 179\u2013184)","DOI":"10.1145\/3325917.3325941"},{"issue":"6","key":"10489_CR3","doi-asserted-by":"publisher","first-page":"942","DOI":"10.3390\/electronics9060942","volume":"9","author":"F Alswaina","year":"2020","unstructured":"Alswaina F, Elleithy K (2020) Android malware family classification and analysis: current status and future directions. Electronics 9(6):942","journal-title":"Electronics"},{"key":"10489_CR4","first-page":"23","volume":"14","author":"D Arp","year":"2014","unstructured":"Arp D, Spreitzenbarth M, Hubner M, Gascon H, Rieck K, Siemens CERT (2014) Drebin: effective and explainable detection of android malware in your pocket. In Ndss 14:23\u201326","journal-title":"In Ndss"},{"key":"10489_CR5","doi-asserted-by":"crossref","unstructured":"Au KWY, Zhou YF, Huang Z, Lie D (2012) Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM conference on Computer and communications security, pp 217\u2013228","DOI":"10.1145\/2382196.2382222"},{"key":"10489_CR6","doi-asserted-by":"crossref","unstructured":"Baldini G and Geneiatakis D (2019) A performance evaluation on distance measures in KNN for mobile malware detection. In: 2019 6th international conference on control, decision and information technologies (CoDIT), pp 193\u2013198, IEEE","DOI":"10.1109\/CoDIT.2019.8820510"},{"key":"10489_CR7","doi-asserted-by":"crossref","unstructured":"Barrera D, Kayacik HG, van Oorschot PC and Somayaji A (2010) A methodology for empirical analysis of permission-based security models and its application to android. In: Proceedings of the 17th ACM conference on Computer and communications security, pp 73\u201384","DOI":"10.1145\/1866307.1866317"},{"key":"10489_CR8","doi-asserted-by":"crossref","unstructured":"Borah P, Bhattacharyya DK and Kalita JK (2020) Malware dataset generation and evaluation. In: 2020 IEEE 4th Conference on Information & Communication Technology (CICT), pp 1\u20136, IEEE, 2020","DOI":"10.1109\/CICT51604.2020.9312053"},{"key":"10489_CR9","doi-asserted-by":"crossref","unstructured":"Burguera I, Zurutuza U and Nadjm-Tehrani S (2011) Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pp 15\u201326","DOI":"10.1145\/2046614.2046619"},{"key":"10489_CR10","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1016\/j.neucom.2022.04.030","volume":"493","author":"Y Cai","year":"2022","unstructured":"Cai Y, Huang JZ, Yin J (2022) A new method to build the adaptive k-nearest neighbors similarity graph matrix for spectral clustering. Neurocomputing 493:191\u2013203","journal-title":"Neurocomputing"},{"key":"10489_CR11","doi-asserted-by":"crossref","unstructured":"Chakradeo S, Reaves B, Traynor P, Enck W (2013) Mast: triage for market-scale mobile malware analysis. In: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks, pp 13\u201324","DOI":"10.1145\/2462096.2462100"},{"key":"10489_CR12","doi-asserted-by":"crossref","unstructured":"Chen Y, Li Y, Tseng A and Lin T (2018) Deep learning for malicious flow detection. IEEE Access p 7","DOI":"10.1109\/PIMRC.2017.8292316"},{"key":"10489_CR13","doi-asserted-by":"crossref","unstructured":"Christodorescu M, Jha S, Kruegel C (2008) Mining specifications of malicious behavior. In: Proceedings of the 1st India software engineering conference, ACM, pp 5\u201314","DOI":"10.1145\/1342211.1342215"},{"issue":"1","key":"10489_CR14","first-page":"73","volume":"5","author":"M Deypir","year":"2017","unstructured":"Deypir M (2017) Estimating security risks of android apps using information gain. Electron Cyber Defense 5(1):73\u201383 (in Persian)","journal-title":"Electron Cyber Defense"},{"issue":"16","key":"10489_CR15","doi-asserted-by":"publisher","first-page":"7303","DOI":"10.1007\/s00500-018-3377-5","volume":"23","author":"M Deypir","year":"2019","unstructured":"Deypir M (2019) Entropy-based security risk measurement for Android mobile applications. Soft Comput 23(16):7303\u20137319","journal-title":"Soft Comput"},{"key":"10489_CR16","first-page":"20","volume":"40","author":"M Deypir","year":"2018","unstructured":"Deypir M, Horri A (2018) Instance based security risk value estimation for Android applications. J Inf Secur Appl 40:20\u201330","journal-title":"J Inf Secur Appl"},{"key":"10489_CR17","first-page":"2","volume":"2","author":"W Enck","year":"2011","unstructured":"Enck W, Octeau D, McDaniel P, Chaudhuri S (2011) A study of android application security. USENIX Secur Sympos 2:2","journal-title":"USENIX Secur Sympos"},{"key":"10489_CR18","doi-asserted-by":"crossref","unstructured":"Enck W, Ongtang M and McDaniel P (2009) On lightweight mobile phone application certification. In: Proceedings of the 16th ACM conference on Computer and communications security, pp 235\u2013245","DOI":"10.1145\/1653662.1653691"},{"issue":"3","key":"10489_CR19","doi-asserted-by":"publisher","first-page":"252","DOI":"10.1109\/TDSC.2013.58","volume":"11","author":"CS Gates","year":"2013","unstructured":"Gates CS, Chen J, Li N, Proctor RW (2013) Effective risk communication for android apps. IEEE Trans Dependable Secure Comput 11(3):252\u2013265","journal-title":"IEEE Trans Dependable Secure Comput"},{"issue":"3","key":"10489_CR20","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1109\/TDSC.2014.2302293","volume":"11","author":"CS Gates","year":"2014","unstructured":"Gates CS, Li N, Peng H, Sarma B, Qi Y, Potharaju R, Molloy I (2014) Generating summary risk scores for mobile applications. Dependable Secure Comput IEEE Trans 11(3):238\u2013251","journal-title":"Dependable Secure Comput IEEE Trans"},{"key":"10489_CR21","doi-asserted-by":"crossref","unstructured":"Gavrilu C, Drago, Mihai, Anton D and Ciortuz L (2009) Malware detection using machine learning. Computer Science and Information Technology 2009. IMCSIT\u201909. Int. Multiconference, pp 735\u2013741","DOI":"10.1109\/IMCSIT.2009.5352759"},{"key":"10489_CR22","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1016\/j.cose.2014.10.005","volume":"49","author":"D Geneiatakis","year":"2015","unstructured":"Geneiatakis D, Fovino IN, Kounelis I, Stirparo P (2015) A permission verification approach for android mobile applications. Comput Secur 49:192\u2013205","journal-title":"Comput Secur"},{"key":"10489_CR23","doi-asserted-by":"crossref","unstructured":"Gunalakshmii S and Ezhumalai P (2014) Mobile keylogger detection using machine learning technique. In: Proceedings of IEEE International Conference on Computer Communication and System. ICCCS14, no. November 2011, pp 051\u2013056","DOI":"10.1109\/ICCCS.2014.7068167"},{"key":"10489_CR24","doi-asserted-by":"crossref","unstructured":"Hatcher WG, Maloney D and Yu W (2016) Machine learning-based mobile threat monitoring and detection. In: 2016 IEEE\/ACIS 14th International Conference of Software Engineering Research of Management Appllication. SERA 2016, pp 67\u201373","DOI":"10.1109\/SERA.2016.7516130"},{"key":"10489_CR25","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.iotcps.2023.03.001","volume":"3","author":"R Islam","year":"2023","unstructured":"Islam R, Sayed MI, Saha S, Hossain MJ, Masud MA (2023) Android malware classification using optimum feature selection and ensemble machine learning. Internet Things Cyber-Phys Syst 3:100\u2013111","journal-title":"Internet Things Cyber-Phys Syst"},{"key":"10489_CR26","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2022.117833","volume":"206","author":"AT Kabakus","year":"2022","unstructured":"Kabakus AT (2022) DroidMalwareDetector: a novel Android malware detection framework based on convolutional neural network. Expert Syst Appl 206:117833","journal-title":"Expert Syst Appl"},{"issue":"1","key":"10489_CR27","doi-asserted-by":"publisher","first-page":"653","DOI":"10.1109\/JSYST.2019.2906120","volume":"14","author":"H Li","year":"2019","unstructured":"Li H, Zhou S, Yuan W, Li J, Leung H (2019) Adversarial-example attacks toward android malware detection system. IEEE Syst J 14(1):653\u2013656","journal-title":"IEEE Syst J"},{"key":"10489_CR28","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1016\/j.neucom.2022.08.029","volume":"508","author":"L Li","year":"2022","unstructured":"Li L, Chen X, Song C (2022) A robust clustering method with noise identification based on directed K-nearest neighbor graph. Neurocomputing 508:19\u201335","journal-title":"Neurocomputing"},{"key":"10489_CR29","doi-asserted-by":"crossref","unstructured":"Li H, Zhou S, Yuan W, Luo X, Gao C and Chen S (2021) Robust android malware detection against adversarial example attacks. In: Proceedings of the Web Conference, pp 3603\u20133612","DOI":"10.1145\/3442381.3450044"},{"key":"10489_CR30","doi-asserted-by":"crossref","unstructured":"Merlo A & Georgiu GC (2017) Riskindroid: Machine learning-based risk analysis on android. In: ICT Systems Security and Privacy Protection: 32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29\u201331, 2017, Proceedings 32 (pp 538\u2013552). Springer International Publishing","DOI":"10.1007\/978-3-319-58469-0_36"},{"key":"10489_CR31","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102833","volume":"121","author":"A Muzaffar","year":"2022","unstructured":"Muzaffar A, Hassen HR, Lones MA, Zantout H (2022) An in-depth review of machine learning based android malware detection. Comput Secur 121:102833","journal-title":"Comput Secur"},{"key":"10489_CR32","doi-asserted-by":"crossref","unstructured":"Peng H, Gates C, Sarma B, Li N, Qi Y, Potharaju R, and Molloy I (2012) Using probabilistic generative models for ranking risks of android apps. In: Proceedings of the 2012 ACM conference on Computer and communications security, ACM, pp 241\u2013252","DOI":"10.1145\/2382196.2382224"},{"key":"10489_CR33","doi-asserted-by":"crossref","unstructured":"Rahali A, Lashkari AH, Kaur G, Taheri L, Gagnon F and Massicotte F (2020) Didroid: Android malware classification and characterization using deep image learning. In: 2020 The 10th international conference on communication and network security, pp 70\u201382","DOI":"10.1145\/3442520.3442522"},{"issue":"1","key":"10489_CR34","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/s11416-023-00495-w","volume":"20","author":"HH Rahima Manzil","year":"2023","unstructured":"Rahima Manzil HH, Naik SM (2023) Android ransomware detection using a novel hamming distance based feature selection\u201d. J Comput Virol Hacking Tech 20(1):71\u201393","journal-title":"J Comput Virol Hacking Tech"},{"key":"10489_CR35","doi-asserted-by":"crossref","unstructured":"Rieck K, Holz T, Willems C, D\u00fcssel P and Laskov P (2008) Learning and classification of malware behavior. In: Detection of Intrusions and Malware, and Vulnerability Assessment, pp 108\u2013125","DOI":"10.1007\/978-3-540-70542-0_6"},{"key":"10489_CR36","doi-asserted-by":"crossref","unstructured":"Sahs J and Khan L (2012) A machine learning approach to android malware detection. In: 2012 European Intelligence and Security Informatics Conference pp 141\u2013147","DOI":"10.1109\/EISIC.2012.34"},{"key":"10489_CR37","doi-asserted-by":"crossref","unstructured":"Sarma BP, Li N, Gates C, Potharaju R, Nita-Rotaru C and Molloy I (2012) Android permissions: a perspective combining risks and benefits. In: Proceedings of the 17th ACM symposium on Access Control Models and Technologies, pp 13\u201322","DOI":"10.1145\/2295136.2295141"},{"key":"10489_CR38","doi-asserted-by":"crossref","unstructured":"Schmidt AD, Bye R, Schmidt HG, Clausen J, Kiraz O, Y\u00fcksel K, and Albayrak S (2009) Static analysis of executables for collaborative malware detection on android. In: Communications, 2009. ICC'09. IEEE International Conference on, pp 1\u20135","DOI":"10.1109\/ICC.2009.5199486"},{"key":"10489_CR39","doi-asserted-by":"crossref","unstructured":"Schultz MG, Eskin E, Zadok E and Stolfo SJ (2001) Data mining methods for detection of new malicious executables. In: Proceeding of 2001 IEEE Symposium Security Privacy p 38","DOI":"10.1109\/SECPRI.2001.924286"},{"key":"10489_CR40","doi-asserted-by":"crossref","unstructured":"Shabtai A and Elovici Y (2010) Applying behavioral detection on android-based devices. In: Mobile wireless middleware, operating systems, and applications, pp 235\u2013249","DOI":"10.1007\/978-3-642-17758-3_17"},{"key":"10489_CR41","doi-asserted-by":"crossref","unstructured":"Son HX, Carminati B, Ferrari E (2021) A risk assessment mechanism for android apps. In: 2021 IEEE International Conference on Smart Internet of Things (SmartIoT), pp 237\u2013244, IEEE","DOI":"10.1109\/SmartIoT52359.2021.00044"},{"key":"10489_CR42","doi-asserted-by":"crossref","unstructured":"Son HX, Carminati B, Ferrari E (2022) A risk estimation mechanism for android apps based on hybrid analysis. Data Science and Engineering, pp 1\u201311","DOI":"10.1007\/s41019-022-00189-1"},{"key":"10489_CR43","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1016\/j.future.2019.11.034","volume":"105","author":"R Taheri","year":"2020","unstructured":"Taheri R, Ghahramani M, Javidan R, Shojafar M, Pooranian Z, Conti M (2020) Similarity-based Android malware detection using Hamming distance of static binary features. Futur Gener Comput Syst 105:230\u2013247","journal-title":"Futur Gener Comput Syst"},{"key":"10489_CR44","doi-asserted-by":"crossref","unstructured":"Wen L and Yu H (2017) An Android malware detection system based on machine learning, vol. 20136, pp 20136","DOI":"10.1063\/1.4992953"},{"key":"10489_CR45","doi-asserted-by":"publisher","DOI":"10.1155\/2021\/8896013","author":"Q Wu","year":"2021","unstructured":"Wu Q, Zhu X, Liu B (2021) A survey of android malware static detection technology based on machine learning. Mob Inf Syst. https:\/\/doi.org\/10.1155\/2021\/8896013","journal-title":"Mob Inf Syst"},{"key":"10489_CR46","doi-asserted-by":"crossref","unstructured":"Yang M, Wen Q (2016) Detecting android malware with intensive feature engineering. In: 2016 7th IEEE International Conference on Software Engineering and Service Science (ICSESS), pp 157\u2013161. IEEE","DOI":"10.1109\/ICSESS.2016.7883038"},{"key":"10489_CR47","doi-asserted-by":"crossref","unstructured":"Yerima SY, Sezer S and Muttik I (2014) Android Malware detection using parallel machine learning classifiers. In: 2014 Eighth International Conference of Next Generation of Mobile Apps, Services Technology, no. Ngmast, pp 37\u201342","DOI":"10.1109\/NGMAST.2014.23"},{"issue":"2","key":"10489_CR48","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1109\/TCYB.2017.2777960","volume":"49","author":"SY Yerima","year":"2018","unstructured":"Yerima SY, Sezer S (2018) Droidfusion: a novel multilevel classifier fusion approach for android malware detection. IEEE Trans Cybern 49(2):453\u2013466","journal-title":"IEEE Trans Cybern"},{"key":"10489_CR49","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2020.107069","volume":"102","author":"N Zhang","year":"2021","unstructured":"Zhang N, Tan YA, Yang C, Li Y (2021) Deep learning feature exploration for android malware detection. Appl Soft Comput 102:107069","journal-title":"Appl Soft Comput"},{"key":"10489_CR50","doi-asserted-by":"crossref","unstructured":"Zhang X, Mathur A, Zhao L, Rahmat S, Niyaz Q, Javaid A and Yang X (2022) An early detection of android malware using system calls based machine learning model. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, pp 1\u20139","DOI":"10.1145\/3538969.3544413"},{"issue":"4","key":"10489_CR51","first-page":"50","volume":"25","author":"Y Zhou","year":"2012","unstructured":"Zhou Y, Wang Z, Zhou W, Jiang X (2012) Hey, you, get off of my market: detecting malicious apps in official and alternative android markets. In NDSS 25(4):50\u201352","journal-title":"In NDSS"},{"key":"10489_CR52","doi-asserted-by":"crossref","unstructured":"Zhou Y and Jiang X (2012) Dissecting android malware: characterization and evolution. In: Security and Privacy (SP), 2012 IEEE Symposium on May 2012, pp 95\u2013109","DOI":"10.1109\/SP.2012.16"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-025-10489-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00500-025-10489-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-025-10489-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,18]],"date-time":"2025-02-18T07:04:03Z","timestamp":1739862243000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00500-025-10489-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1]]},"references-count":52,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,1]]}},"alternative-id":["10489"],"URL":"https:\/\/doi.org\/10.1007\/s00500-025-10489-z","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"type":"print","value":"1432-7643"},{"type":"electronic","value":"1433-7479"}],"subject":[],"published":{"date-parts":[[2025,1]]},"assertion":[{"value":"18 October 2024","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 February 2025","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no known competing financial interests or personal relationship that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Confilcr of interest"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}