{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T10:25:13Z","timestamp":1775471113878,"version":"3.50.1"},"reference-count":38,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2020,1,13]],"date-time":"2020-01-13T00:00:00Z","timestamp":1578873600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,13]],"date-time":"2020-01-13T00:00:00Z","timestamp":1578873600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2020,12]]},"DOI":"10.1007\/s10586-019-03045-6","type":"journal-article","created":{"date-parts":[[2020,1,13]],"date-time":"2020-01-13T20:02:33Z","timestamp":1578945753000},"page":"2789-2808","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":43,"title":["SysDroid: a dynamic ML-based android malware analyzer using system call traces"],"prefix":"10.1007","volume":"23","author":[{"given":"A.","family":"Ananya","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"A.","family":"Aswathy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"T. R.","family":"Amal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"P. G.","family":"Swathy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"P.","family":"Vinod","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3284-5086","authenticated-orcid":false,"given":"Shojafar","family":"Mohammad","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,1,13]]},"reference":[{"key":"3045_CR1","doi-asserted-by":"crossref","unstructured":"Aafer, Y., Du, W., Yin, H.: Droidapiminer: mining api-level features for robust malware detection in android. In: International Conference on Security and Privacy in Communication Systems, pp. 86\u2013103. Springer, Berlin (2013)","DOI":"10.1007\/978-3-319-04283-1_6"},{"issue":"1","key":"3045_CR2","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1007\/s11416-014-0226-7","volume":"11","author":"VM Afonso","year":"2015","unstructured":"Afonso, V.M., de Amorim, M.F., Gr\u00e9gio, A.R.A., Junquera, G.B., de Geus, P.L.: Identifying android malware using dynamically obtained features. J. Comput. Virol. Hacking Tech. 11(1), 9\u201317 (2015)","journal-title":"J. Comput. Virol. Hacking Tech."},{"key":"3045_CR3","first-page":"23","volume":"14","author":"D Arp","year":"2014","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.: Drebin: effective and explainable detection of android malware in your pocket. Ndss 14, 23\u201326 (2014)","journal-title":"Ndss"},{"key":"3045_CR4","doi-asserted-by":"publisher","first-page":"4321","DOI":"10.1109\/ACCESS.2018.2792941","volume":"6","author":"S Arshad","year":"2018","unstructured":"Arshad, S., Shah, M.A., Wahid, A., Mehmood, A., Song, H., Yu, H.: Samadroid: a novel 3-level hybrid malware detection model for android operating system. IEEE Access 6, 4321\u20134339 (2018)","journal-title":"IEEE Access"},{"key":"3045_CR5","first-page":"46","volume":"42","author":"S Bhandari","year":"2018","unstructured":"Bhandari, S., Panihar, R., Naval, S., Laxmi, V., Zemmari, A., Gaur, M.S.: Sword: semantic aware android malware detector. J. Inf. Secur. Appl. 42, 46\u201356 (2018)","journal-title":"J. Inf. Secur. Appl."},{"key":"3045_CR6","doi-asserted-by":"crossref","unstructured":"Biggio, B., Corona, I., Maiorca, D., Nelson, B., \u0160rndi\u0107, N., Laskov, P., Giacinto, G., Roli, F.: Evasion attacks against machine learning at test time. In: Joint European Conference on Machine Learning and Knowledge Discovery in Databases, pp. 387\u2013402. Springer, Berlin (2013)","DOI":"10.1007\/978-3-642-40994-3_25"},{"issue":"1","key":"3045_CR7","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Mach. Learn. 45(1), 5\u201332 (2001)","journal-title":"Mach. Learn."},{"key":"3045_CR8","doi-asserted-by":"crossref","unstructured":"Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15\u201326. ACM (2011)","DOI":"10.1145\/2046614.2046619"},{"key":"3045_CR9","unstructured":"Cyber security facts and statistics for 2019. https:\/\/us.norton.com\/internetsecurity-emerging-threats-10-facts-\/about-todays-cybersecurity-landscape-that\/-you-should-know.html (2019). Accessed 10 Aug 2019"},{"key":"3045_CR10","doi-asserted-by":"crossref","unstructured":"Cao, Y., Yang, J.: Towards making systems forget with machine unlearning. In: 2015 IEEE Symposium on Security and Privacy, pp. 463\u2013480. IEEE (2015)","DOI":"10.1109\/SP.2015.35"},{"key":"3045_CR11","doi-asserted-by":"crossref","unstructured":"Chen, L., Hou, S., Ye, Y., Chen, L.: An adversarial machine learning model against android malware evasion attacks. In: Asia-Pacific Web (APWeb) and Web-Age Information Management (WAIM) Joint Conference on Web and Big Data, pp. 43\u201355. Springer, Berlin (2017)","DOI":"10.1007\/978-3-319-69781-9_5"},{"key":"3045_CR12","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1016\/j.cose.2017.11.007","volume":"73","author":"S Chen","year":"2018","unstructured":"Chen, S., Xue, M., Fan, L., Hao, S., Xu, L., Zhu, H., Li, B.: Automated poisoning attacks and defenses in malware detection systems: an adversarial machine learning approach. Comput. Secur. 73, 326\u2013344 (2018)","journal-title":"Comput. Secur."},{"key":"3045_CR13","doi-asserted-by":"crossref","unstructured":"Chen, T., Guestrin, C.: Xgboost: a scalable tree boosting system. In: Proceedings of the 22nd ACM SIQKDD International Conference on Knowledge Discovery and Data Mining, pp. 785\u2013794. ACM (2016)","DOI":"10.1145\/2939672.2939785"},{"key":"3045_CR14","doi-asserted-by":"crossref","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial examples for malware detection. In: European Symposium on Research in Computer Security, pp. 62\u201379. Springer, Berlin (2017)","DOI":"10.1007\/978-3-319-66399-9_4"},{"key":"3045_CR15","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1016\/j.cose.2019.02.007","volume":"83","author":"W Han","year":"2019","unstructured":"Han, W., Xue, J., Wang, Y., Huang, L., Kong, Z., Mao, L.: Maldae: detecting and explaining malware based on correlation and fusion of static and dynamic characteristics. Comput. Secur. 83, 208\u2013233 (2019)","journal-title":"Comput. Secur."},{"key":"3045_CR16","doi-asserted-by":"publisher","DOI":"10.1002\/9781118548387","volume-title":"Applied Logistic Regression","author":"DW Hosmer Jr","year":"2013","unstructured":"Hosmer Jr., D.W., Lemeshow, S., Sturdivant, R.X.: Applied Logistic Regression, vol. 398. Wiley, New York (2013)"},{"key":"3045_CR17","doi-asserted-by":"crossref","unstructured":"Hou, S., Saas, A., Chen, L., Ye, Y.: Deep4maldroid: a deep learning framework for android malware detection based on linux kernel system call graphs. In: 2016 IEEE\/WIC\/ACM International Conference on Web Intelligence Workshops (WIW), pp. 104\u2013111. IEEE (2016)","DOI":"10.1109\/WIW.2016.040"},{"key":"3045_CR18","doi-asserted-by":"crossref","unstructured":"Hou, S., Saas, A., Ye, Y., Chen, L.: Droiddelver: an android malware detection system using deep belief network based on API call blocks. In: International Conference on Web-Age Information Management, pp. 54\u201366. Springer, Berlin (2016)","DOI":"10.1007\/978-3-319-47121-1_5"},{"key":"3045_CR19","doi-asserted-by":"crossref","unstructured":"Hou, S., Ye, Y., Song, Y., Abdulhayoglu, M.: Hindroid: an intelligent android malware detection system based on structured heterogeneous information network. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1507\u20131515. ACM (2017)","DOI":"10.1145\/3097983.3098026"},{"issue":"11","key":"3045_CR20","doi-asserted-by":"publisher","first-page":"958","DOI":"10.1139\/y00-063","volume":"78","author":"H Ishibashi","year":"2000","unstructured":"Ishibashi, H., Hihara, S., Iriki, A.: Acquisition and development of monkey tool-use: behavioral and kinematic analyses. Can. J. Physiol. Pharmacol. 78(11), 958\u2013966 (2000)","journal-title":"Can. J. Physiol. Pharmacol."},{"key":"3045_CR21","doi-asserted-by":"crossref","unstructured":"Largeron, C., Moulin, C., G\u00e9ry, M.: Entropy based feature selection for text categorization. In: Proceedings of the 2011 ACM Symposium on Applied Computing, pp. 924\u2013928. ACM (2011)","DOI":"10.1145\/1982185.1982389"},{"key":"3045_CR22","unstructured":"Mobile malware evolution 2019. https:\/\/securelist.com\/mobile-malware-evolution-2018\/89689\/ (2019). Accessed 10 Aug 2019"},{"key":"3045_CR23","unstructured":"Michael, S., Florian, E., Thomas, S., Felix, C.F., Hoffmann, J.: Mobilesandbox: looking deeper into android applications. In: Proceedings of the 28th International ACM Symposium on Applied Computing (SAC) (2013)"},{"key":"3045_CR24","unstructured":"Naway, A., Li, Y.: A review on the use of deep learning in android malware detection. arXiv preprint arXiv:1812.10360 (2018)"},{"key":"3045_CR25","doi-asserted-by":"crossref","unstructured":"Roundy, K.A., Miller, B.P.: Hybrid analysis and control of malware. In: International Workshop on Recent Advances in Intrusion Detection, pp. 317\u2013338. Springer, Berlin (2010)","DOI":"10.1007\/978-3-642-15512-3_17"},{"issue":"3","key":"3045_CR26","doi-asserted-by":"publisher","first-page":"660","DOI":"10.1109\/21.97458","volume":"21","author":"SR Safavian","year":"1991","unstructured":"Safavian, S.R., Landgrebe, D.: A survey of decision tree classifier methodology. IEEE Trans. Syst. Man Cybern. 21(3), 660\u2013674 (1991)","journal-title":"IEEE Trans. Syst. Man Cybern."},{"issue":"9","key":"3045_CR27","first-page":"317","volume":"2","author":"I Santos","year":"2009","unstructured":"Santos, I., Penya, Y.K., Devesa, J., Bringas, P.G.: N-grams-based file signatures for malware detection. ICEIS 2(9), 317\u2013320 (2009)","journal-title":"ICEIS"},{"issue":"1","key":"3045_CR28","first-page":"1929","volume":"15","author":"N Srivastava","year":"2014","unstructured":"Srivastava, N., Hinton, G., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15(1), 1929\u20131958 (2014)","journal-title":"J. Mach. Learn. Res."},{"key":"3045_CR29","unstructured":"Suciu, O., Marginean, R., Kaya, Y., Daume\u00a0III, H., Dumitras, T.: When does machine learning FAIL? Generalized transferability for evasion and poisoning attacks. In: 27th USENIX Security Symposium (USENIX Security 18), pp. 1299\u20131316 (2018)"},{"key":"3045_CR30","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1016\/j.jpdc.2016.10.012","volume":"103","author":"F Tong","year":"2017","unstructured":"Tong, F., Yan, Z.: A hybrid approach of mobile malware detection in android. J. Parallel Distrib. Comput. 103, 22\u201331 (2017)","journal-title":"J. Parallel Distrib. Comput."},{"key":"3045_CR31","doi-asserted-by":"crossref","unstructured":"Virustotal. http:\/\/virustotal.com\/ (2019). Accessed 10 Aug 2019","DOI":"10.5962\/p.385260"},{"issue":"8","key":"3045_CR32","doi-asserted-by":"publisher","first-page":"3035","DOI":"10.1007\/s12652-018-0803-6","volume":"10","author":"W Wang","year":"2019","unstructured":"Wang, W., Zhao, M., Wang, J.: Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network. J. Ambient Intell. Humaniz. Comput. 10(8), 3035\u20133043 (2019)","journal-title":"J. Ambient Intell. Humaniz. Comput."},{"key":"3045_CR33","unstructured":"Yang, Y., Shen, H.T., Ma, Z., Huang, Z., Zhou, X.: L2, 1-norm regularized discriminative feature selection for unsupervised. In: Twenty-Second International Joint Conference on Artificial Intelligence (2011)"},{"issue":"1","key":"3045_CR34","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1109\/TST.2016.7399288","volume":"21","author":"Z Yuan","year":"2016","unstructured":"Yuan, Z., Lu, Y., Xue, Y.: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114\u2013123 (2016)","journal-title":"Tsinghua Sci. Technol."},{"issue":"1","key":"3045_CR35","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1186\/s42400-018-0010-y","volume":"1","author":"J Zhang","year":"2018","unstructured":"Zhang, J., Zhang, K., Qin, Z., Yin, H., Wu, Q.: Sensitive system calls based packed malware variants detection using principal component initialized multilayers neural networks. Cybersecurity 1(1), 10 (2018)","journal-title":"Cybersecurity"},{"issue":"1","key":"3045_CR36","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1145\/1007730.1007741","volume":"6","author":"Z Zheng","year":"2004","unstructured":"Zheng, Z., Wu, X., Srihari, R.: Feature selection for text categorization on imbalanced data. ACM SIGKDD Explor. Newslett. 6(1), 80\u201389 (2004)","journal-title":"ACM SIGKDD Explor. Newslett."},{"key":"3045_CR37","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95\u2013109. IEEE (2012)","DOI":"10.1109\/SP.2012.16"},{"key":"3045_CR38","unstructured":"9apps: Andriod app website. https:\/\/www.9apps.com\/ (2019). Accessed 10 Aug 2019"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-019-03045-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10586-019-03045-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-019-03045-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T02:08:10Z","timestamp":1722305290000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10586-019-03045-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,1,13]]},"references-count":38,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2020,12]]}},"alternative-id":["3045"],"URL":"https:\/\/doi.org\/10.1007\/s10586-019-03045-6","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,1,13]]},"assertion":[{"value":"10 August 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"29 November 2019","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"31 December 2019","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 January 2020","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}},{"value":"There is no conflict of interest for the paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflicts of interest"}}]}}