{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:26:26Z","timestamp":1772119586142,"version":"3.50.1"},"reference-count":60,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,11,12]],"date-time":"2024-11-12T00:00:00Z","timestamp":1731369600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,11,12]],"date-time":"2024-11-12T00:00:00Z","timestamp":1731369600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100010061","name":"University of Waikato","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100010061","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Discrete Event Dyn Syst"],"published-print":{"date-parts":[[2024,12]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>\n                    This paper proposes a finite-state machine based approach to recognise crypto ransomware based on their behaviour. Malicious and benign Android applications are executed to capture the system calls they generate, which are then filtered and tokenised and converted to finite-state machines. The finite-state machines are simplified using\n                    <jats:italic>supervisor reduction<\/jats:italic>\n                    , which generalises the behavioural patterns and produces compact classification models. The classification models can be implemented in a lightweight monitoring system to detect malicious behaviour of running applications quickly. An extensive set of cross validation experiments is carried out to demonstrate the viability of the approach, which show that ransomware can be classified accurately with an F1\u00a0score of up to\u00a093.8%.\n                  <\/jats:p>","DOI":"10.1007\/s10626-024-00406-1","type":"journal-article","created":{"date-parts":[[2024,11,12]],"date-time":"2024-11-12T02:10:48Z","timestamp":1731377448000},"page":"539-571","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Automatic detection of Android crypto ransomware using supervisor reduction"],"prefix":"10.1007","volume":"34","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2149-2641","authenticated-orcid":false,"given":"Christopher Jun Wen","family":"Chew","sequence":"first","affiliation":[]},{"given":"Robi","family":"Malik","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4955-3058","authenticated-orcid":false,"given":"Vimal","family":"Kumar","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1366-9411","authenticated-orcid":false,"given":"Panos","family":"Patros","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,11,12]]},"reference":[{"key":"406_CR1","doi-asserted-by":"publisher","unstructured":"Aafer Y, Du W, Yin H (2013) DroidAPIMiner: mining API-level features for robust malware detection in Android. In: Zia T, Zomaya A, Varadharajan V et\u00a0al (eds) Security and privacy in communication networks, LNICST, vol 127. Springer International Publishing, pp 86\u2013103. https:\/\/doi.org\/10.1007\/978-3-319-04283-1_6","DOI":"10.1007\/978-3-319-04283-1_6"},{"key":"406_CR2","doi-asserted-by":"publisher","unstructured":"\u00c5kesson K, Fabian M, Flordal H et\u00a0al (2006) Supremica\u2014an integrated environment for verification, synthesis and simulation of discrete event systems. In: 8th International workshop on discrete event systems. IEEE, pp 384\u2013385. https:\/\/doi.org\/10.1109\/WODES.2006.382401","DOI":"10.1109\/WODES.2006.382401"},{"key":"406_CR3","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1016\/j.cose.2016.11.011","volume":"65","author":"S Alam","year":"2017","unstructured":"Alam S, Qu Z, Riley R et al (2017) DroidNative: automating and optimizing detection of Android native code malware variants. Computers & Security 65:230\u2013246. https:\/\/doi.org\/10.1016\/j.cose.2016.11.011","journal-title":"Computers & Security"},{"key":"406_CR4","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1016\/j.cose.2018.01.001","volume":"74","author":"BAS Al-rimy","year":"2018","unstructured":"Al-rimy BAS, Maarof MA, Shaid SZM (2018) Ransomware threat success factors, taxonomy, and countermeasures: a survey and research directions. Computers & Security 74:144\u2013166. https:\/\/doi.org\/10.1016\/j.cose.2018.01.001","journal-title":"Computers & Security"},{"key":"406_CR5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102670","volume":"116","author":"E Amer","year":"2022","unstructured":"Amer E, El-Sappagh S (2022) Robust deep learning early alarm prediction model based on the behavioural smell for android malware. Computers & Security 116:102670. https:\/\/doi.org\/10.1016\/j.cose.2022.102670","journal-title":"Computers & Security"},{"key":"406_CR6","first-page":"1","volume":"2017","author":"HS Anderson","year":"2017","unstructured":"Anderson HS, Kharkar A, Filar B et al (2017) Evading machine learning malware detection. Black Hat 2017:1\u20136","journal-title":"Black Hat"},{"key":"406_CR7","doi-asserted-by":"publisher","unstructured":"Andronio N, Zanero S, Maggi F (2015) HelDroid: dissecting and detecting mobile ransomware. In: Bos H, Monrose F, Blanc G (eds) RAID 2015: research in attacks, intrusions, and defenses, LNCS, vol 9404. Springer International Publishing, pp 382\u2013404. https:\/\/doi.org\/10.1007\/978-3-319-26362-5_18","DOI":"10.1007\/978-3-319-26362-5_18"},{"key":"406_CR8","unstructured":"APKPure (n.d.) APKPure. https:\/\/apkpure.com\/"},{"issue":"2","key":"406_CR9","first-page":"48","volume":"6","author":"S Aurangzeb","year":"2017","unstructured":"Aurangzeb S, Aleem M, Iqbal MA et al (2017) Ransomware: a survey and trends. J Inf Assurance Secur 6(2):48\u201358","journal-title":"J Inf Assurance Secur"},{"key":"406_CR10","doi-asserted-by":"publisher","unstructured":"Bakour K, \u00dcnver HM, Ghanem R (2018) The Android malware static analysis: techniques, limitations, and open challenges. In: 2018 3rd International conference on computer science and engineering (UBMK). IEEE Computer Society, pp 586\u2013593. https:\/\/doi.org\/10.1109\/UBMK.2018.8566573","DOI":"10.1109\/UBMK.2018.8566573"},{"key":"406_CR11","doi-asserted-by":"publisher","unstructured":"Beaucamps P, Gnaedig I, Marion JY (2010) Behavior abstraction in malware analysis. In: International conference on runtime verification, LNCS, vol 6418. Springer International Publishing, pp 168\u2013182. https:\/\/doi.org\/10.1007\/978-3-642-16612-9_14","DOI":"10.1007\/978-3-642-16612-9_14"},{"key":"406_CR12","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1016\/j.jisa.2018.07.003","volume":"42","author":"S Bhandari","year":"2018","unstructured":"Bhandari S, Panihar R, Naval S et al (2018) SWORD: semantic aWare andrOid malwaRe Detector. J Inf Secur Appl 42:46\u201356. https:\/\/doi.org\/10.1016\/j.jisa.2018.07.003","journal-title":"J Inf Secur Appl"},{"key":"406_CR13","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1016\/j.engappai.2016.12.008","volume":"60","author":"SM Bidoki","year":"2017","unstructured":"Bidoki SM, Jalili S, Tajoddin A (2017) PbMMD: a novel policy based multi-process malware detection. Eng Appl Artif Intell 60:57\u201370. https:\/\/doi.org\/10.1016\/j.engappai.2016.12.008","journal-title":"Eng Appl Artif Intell"},{"key":"406_CR14","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-319-20496-3","volume-title":"Supervisor localization: a top-down approach to distributed control of discrete-event systems, LNCS,","author":"K Cai","year":"2016","unstructured":"Cai K, Wonham WM (2016) Supervisor localization: a top-down approach to distributed control of discrete-event systems, LNCS, vol 459. Springer"},{"key":"406_CR15","doi-asserted-by":"publisher","unstructured":"Chen J, Wang C, Zhao Z et al (2018) Uncovering the face of Android ransomware: characterization and real-time detection. IEEE Trans Inf Forensics Secur 13(5):1286\u20131300. https:\/\/doi.org\/10.1109\/TIFS.2017.2787905","DOI":"10.1109\/TIFS.2017.2787905"},{"key":"406_CR16","unstructured":"Chew CJW (2023) Behaviour-based classification of encryption-type ransomware using system calls. PhD thesis, University of Waikato. https:\/\/hdl.handle.net\/10289\/15958"},{"key":"406_CR17","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00819-x","author":"CJW Chew","year":"2024","unstructured":"Chew CJW, Kumar V, Patros P et al (2024) Real-time system call-based ransomware detection. Int J Inf Secur. https:\/\/doi.org\/10.1007\/s10207-024-00819-x","journal-title":"Int J Inf Secur"},{"key":"406_CR18","doi-asserted-by":"publisher","unstructured":"Du S, Zhu P, Hua J et al (2021) An empirical analysis of hazardous uses of Android shared storage. IEEE Trans Dependable Secure Comput 18(1):340\u2013355. https:\/\/doi.org\/10.1109\/TDSC.2018.2889486","DOI":"10.1109\/TDSC.2018.2889486"},{"key":"406_CR19","doi-asserted-by":"publisher","unstructured":"Enck W, Gilbert P, Han S et\u00a0al (2014) TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans Comput Syst 32(2). https:\/\/doi.org\/10.1145\/2619091","DOI":"10.1145\/2619091"},{"key":"406_CR20","doi-asserted-by":"publisher","first-page":"48867","DOI":"10.1109\/ACCESS.2019.2908033","volume":"7","author":"Z Fang","year":"2019","unstructured":"Fang Z, Wang J, Li B et al (2019) Evading anti-malware engines with deep reinforcement learning. IEEE Access 7:48867\u201348879. https:\/\/doi.org\/10.1109\/ACCESS.2019.2908033","journal-title":"IEEE Access"},{"key":"406_CR21","doi-asserted-by":"publisher","unstructured":"Ferrante A, Malek M, Martinelli F et\u00a0al (2018) Extinguishing ransomware \u2013 a hybrid approach to Android ransomware detection. In: Imine A, Fernandez JM, Marion JY et\u00a0al (eds) Foundations and practice of security. Springer International Publishing, Cham, pp 242\u2013258. https:\/\/doi.org\/10.1007\/978-3-319-75650-9_16","DOI":"10.1007\/978-3-319-75650-9_16"},{"key":"406_CR22","doi-asserted-by":"publisher","unstructured":"Gharib A, Ghorbani A (2017) DNA-Droid: a real-time Android ransomware detection framework. In: Yan Z, Molva R, Mazurczyk W et\u00a0al (eds) Network and system security, LNCS, vol 10394. Springer International Publishing, pp 184\u2013198. https:\/\/doi.org\/10.1007\/978-3-319-64701-2_14","DOI":"10.1007\/978-3-319-64701-2_14"},{"key":"406_CR23","doi-asserted-by":"publisher","unstructured":"Gonzalez D, Hayajneh T (2017) Detection and prevention of crypto-ansomware. In: 2017 IEEE 8th Annual ubiquitous computing, electronics and mobile communication conference (UEMCON). IEEE Computer Society, pp 472\u2013478. https:\/\/doi.org\/10.1109\/UEMCON.2017.8249052","DOI":"10.1109\/UEMCON.2017.8249052"},{"key":"406_CR24","unstructured":"Google (2020a) Android Debug Bridge (adb). https:\/\/developer.android.com\/studio\/command-line\/adb"},{"key":"406_CR25","unstructured":"Google (2020b) UI\/Application Exerciser Monkey. https:\/\/developer.android.com\/studio\/test\/monkey"},{"key":"406_CR26","unstructured":"Google (2021) Meet Android Studio. https:\/\/developer.android.com\/studio\/intro"},{"key":"406_CR27","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2022.117200","volume":"206","author":"A Guerra-Manzanares","year":"2022","unstructured":"Guerra-Manzanares A, Luckner M, Bahsi H (2022) Android malware concept drift using system calls: detection, characterization and challenges. Expert Syst Appl 206:117200. https:\/\/doi.org\/10.1016\/j.eswa.2022.117200","journal-title":"Expert Syst Appl"},{"key":"406_CR28","volume-title":"Communicating Sequential Processes","author":"CAR Hoare","year":"1985","unstructured":"Hoare CAR (1985) Communicating Sequential Processes. Prentice-Hall"},{"key":"406_CR29","volume-title":"Introduction to automata theory, languages, and computation","author":"JE Hopcroft","year":"2001","unstructured":"Hopcroft JE, Motwani R, Ullman JD (2001) Introduction to automata theory, languages, and computation, 2nd edn. Addison-Wesley, Boston","edition":"2"},{"key":"406_CR30","doi-asserted-by":"publisher","unstructured":"Hou S, Saas A, Chen L et\u00a0al (2016) Deep4MalDroid: a deep learning framework for Android malware detection based on Linux kernel system call graphs. In: 2016 IEEE\/WIC\/ACM international conference on Web Intelligence Workshops (WIW), pp 104\u2013111. https:\/\/doi.org\/10.1109\/WIW.2016.040","DOI":"10.1109\/WIW.2016.040"},{"issue":"2","key":"406_CR31","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1186\/s40163-019-0097-9","volume":"8","author":"G Hull","year":"2019","unstructured":"Hull G, John H, Arief B (2019) Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Sci 8(2):22. https:\/\/doi.org\/10.1186\/s40163-019-0097-9","journal-title":"Crime Sci"},{"issue":"1","key":"406_CR32","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1016\/j.eij.2020.05.003","volume":"22","author":"M Humayun","year":"2021","unstructured":"Humayun M, Jhanjhi N, Alsayat A et al (2021) Internet of things and ransomware: evolution, mitigation and prevention. Egyptian Informatics J 22(1):105\u2013117. https:\/\/doi.org\/10.1016\/j.eij.2020.05.003","journal-title":"Egyptian Informatics J"},{"key":"406_CR33","doi-asserted-by":"publisher","unstructured":"Islam R, Altas I (2012) A comparative study of malware family classification. In: International conference on information and communications security, LNCS, vol 7618. Springer International Publishing, pp 488\u2013496. https:\/\/doi.org\/10.1007\/978-3-642-34129-8_48","DOI":"10.1007\/978-3-642-34129-8_48"},{"key":"406_CR34","doi-asserted-by":"publisher","unstructured":"Isohara T, Takemori K, Kubota A (2011) Kernel-based behavior analysis for Android malware detection. In: 2011 Seventh international conference on computational intelligence and security. IEEE Computer Society, pp 1011\u20131015. https:\/\/doi.org\/10.1109\/CIS.2011.226","DOI":"10.1109\/CIS.2011.226"},{"key":"406_CR35","unstructured":"Kharaz A, Arshad S, Mulliner C et\u00a0al (2016) UNVEIL: a large-scale, automated approach to detecting ransomware. In: 25th USENIX security symposium (USENIX Security 16). USENIX Association, pp 757\u2013772. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/kharaz"},{"key":"406_CR36","doi-asserted-by":"publisher","unstructured":"Ko JS, Jo JS, Kim DH et\u00a0al (2019) Real time Android ransomware detection by analyzed Android applications. In: 2019 International Conference on Electronics, Information, and Communication (ICEIC). IEEE Computer Society. https:\/\/doi.org\/10.23919\/ELINFOCOM.2019.8706349","DOI":"10.23919\/ELINFOCOM.2019.8706349"},{"key":"406_CR37","unstructured":"Kok S, Abdullah A, Jhanjhi N et\u00a0al (2019) Ransomware, threat and detection techniques: a review. Int J Comput Sci Netw Secur 19(2):136\u2013146. http:\/\/paper.ijcsns.org\/07_book\/201902\/20190217.pdf"},{"key":"406_CR38","unstructured":"Koodous (2022) Collective intelligence against Android malware. https:\/\/koodous.com\/"},{"key":"406_CR39","doi-asserted-by":"publisher","unstructured":"Kumar PR, Ramlie HREBH (2021) Anatomy of ransomware: attack stages, patterns and handling techniques. In: Suhaili WSH, Siau NZ, Omar S et\u00a0al (eds) Computational intelligence in information systems, AISC, vol 1321. Springer International Publishing, pp 205\u2013214. https:\/\/doi.org\/10.1007\/978-3-030-68133-3_20","DOI":"10.1007\/978-3-030-68133-3_20"},{"issue":"1","key":"406_CR40","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1049\/ise2.12004","volume":"15","author":"Y Lemmou","year":"2021","unstructured":"Lemmou Y, Lanet JL, Souidi EM (2021) A behavioural in-depth analysis of ransomware infection. IET Inf Secur 15(1):38\u201358. https:\/\/doi.org\/10.1049\/ise2.12004","journal-title":"IET Inf Secur"},{"key":"406_CR41","unstructured":"Levin DV (2020) Strace. https:\/\/strace.io\/"},{"key":"406_CR42","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1016\/j.infsof.2017.04.001","volume":"88","author":"L Li","year":"2017","unstructured":"Li L, Bissyand\u00e9 TF, Papadakis M et al (2017) Static analysis of android apps: a systematic literature review. Inf Softw Technol 88:67\u201395. https:\/\/doi.org\/10.1016\/j.infsof.2017.04.001","journal-title":"Inf Softw Technol"},{"key":"406_CR43","doi-asserted-by":"publisher","unstructured":"Maiorca D, Mercaldo F, Giacinto G et\u00a0al (2017) R-PackDroid: API package-based characterization and detection of mobile ransomware. In: SAC\u00a0\u201917: Proceedings of the symposium on applied computing. Association for Computing Machinery, pp 1718\u20131723. https:\/\/doi.org\/10.1145\/3019612.3019793","DOI":"10.1145\/3019612.3019793"},{"key":"406_CR44","doi-asserted-by":"publisher","unstructured":"Malik R (2020) Supervisor reduction by hiding events. IFAC PapersOnLine 53-6:1\u20136. https:\/\/doi.org\/10.1016\/j.ifacol.2023.01.001","DOI":"10.1016\/j.ifacol.2023.01.001"},{"key":"406_CR45","doi-asserted-by":"publisher","DOI":"10.1201\/9781420067194","volume-title":"Machine learning: an algorithmic perspective","author":"S Marsland","year":"2011","unstructured":"Marsland S (2011) Machine learning: an algorithmic perspective. Chapman and Hall\/CRC, New York, USA"},{"key":"406_CR46","doi-asserted-by":"publisher","unstructured":"Onwuzurike L, Mariconti E, Andriotis P et\u00a0al (2019) Mamadroid: detecting Android malware by building Markov chains of behavioral models (extended version). ACM Trans Priv Secur 22(2). https:\/\/doi.org\/10.1145\/3313391","DOI":"10.1145\/3313391"},{"key":"406_CR47","doi-asserted-by":"publisher","unstructured":"Paull MC, Unger SH (1959) Minimizing the number of states in incompletely specified sequential switching functions. IRE Trans Electronic Computers EC-8(3):356\u2013367. https:\/\/doi.org\/10.1109\/TEC.1959.5222697","DOI":"10.1109\/TEC.1959.5222697"},{"key":"406_CR48","unstructured":"Poireault K (2022) Global ransomware damages to exceed $30bn by 2023. Infosecurity Magazine. https:\/\/www.infosecurity-magazine.com\/news\/ransomware-exceed-30bn-dollars-2023\/"},{"issue":"1","key":"406_CR49","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1109\/5.21072","volume":"77","author":"PJG Ramadge","year":"1989","unstructured":"Ramadge PJG, Wonham WM (1989) The control of discrete event systems. Proc IEEE 77(1):81\u201398. https:\/\/doi.org\/10.1109\/5.21072","journal-title":"Proc IEEE"},{"key":"406_CR50","doi-asserted-by":"publisher","unstructured":"Scalas M, Maiorca D, Mercaldo F et al (2019) On the effectiveness of system API-related information for Android ransomware detection. Computers & Security 86:168\u2013182. https:\/\/doi.org\/10.1016\/j.cose.2019.06.004","DOI":"10.1016\/j.cose.2019.06.004"},{"key":"406_CR51","doi-asserted-by":"publisher","unstructured":"Sekar R, Bendre M, Dhurjati D et\u00a0al (2000) A fast automaton-based method for detecting anomalous program behaviors. In: Proceedings 2001 IEEE symposium on security and privacy. S &P 2001. IEEE Computer Society, pp 144\u2013155. https:\/\/doi.org\/10.1109\/SECPRI.2001.924295","DOI":"10.1109\/SECPRI.2001.924295"},{"key":"406_CR52","doi-asserted-by":"publisher","unstructured":"Sharma S, Krishna CR, Kumar R (2021) RansomDroid: forensic analysis and detection of Android ransomware using unsupervised machine learning technique. Forensic Sci Int: Digital Investigation 37:301168. https:\/\/doi.org\/10.1016\/j.fsidi.2021.301168","DOI":"10.1016\/j.fsidi.2021.301168"},{"key":"406_CR53","doi-asserted-by":"publisher","unstructured":"Shinde R, Van\u00a0der Veeken P, Van\u00a0Schooten S et\u00a0al (2016) Ransomware: studying transfer and mitigation. In: 2016 International conference on computing, analytics and security trends (CAST). IEEE Computer Society, pp 90\u201395. https:\/\/doi.org\/10.1109\/CAST.2016.7914946","DOI":"10.1109\/CAST.2016.7914946"},{"key":"406_CR54","doi-asserted-by":"crossref","unstructured":"Sood G (2017) virustotal: R Client for the virustotal API. Virus Total. https:\/\/cran.r-project.org\/package=virustotal, r package version 0.2.1","DOI":"10.32614\/CRAN.package.virustotal"},{"issue":"1","key":"406_CR55","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1023\/B:DISC.0000005009.40749.b6","volume":"14","author":"R Su","year":"2004","unstructured":"Su R, Wonham WM (2004) Supervisor reduction for discrete-event systems. Discrete Event Dyn Syst 14(1):31\u201353. https:\/\/doi.org\/10.1023\/B:DISC.0000005009.40749.b6","journal-title":"Discrete Event Dyn Syst"},{"key":"406_CR56","doi-asserted-by":"publisher","unstructured":"Tam K, Khan SJ, Fattori A et\u00a0al (2015) CopperDroid: automatic reconstruction of Android malware behaviors. In: NDSS symposium 2015. Internet Society. https:\/\/doi.org\/10.14722\/ndss.2015.23145","DOI":"10.14722\/ndss.2015.23145"},{"issue":"2","key":"406_CR57","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1080\/00207178608933613","volume":"44","author":"AF Vaz","year":"1986","unstructured":"Vaz AF, Wonham WM (1986) On supervisor reduction in discrete-event systems. Int J Control 44(2):475\u2013491. https:\/\/doi.org\/10.1080\/00207178608933613","journal-title":"Int J Control"},{"key":"406_CR58","unstructured":"Wyke J, Ajjan A (2015) The current state of ransomware. A SophosLabs Technical Paper"},{"key":"406_CR59","unstructured":"Xu R, Sa\u00efdi H, Anderson R (2012) Aurasium: practical policy enforcement for Android applications. In: 21st USENIX security symposium (USENIX Security 12). USENIX Association, pp 539\u2013552"},{"key":"406_CR60","doi-asserted-by":"publisher","first-page":"638","DOI":"10.1016\/j.neucom.2017.07.030","volume":"272","author":"HJ Zhu","year":"2018","unstructured":"Zhu HJ, You ZH, Zhu ZX et al (2018) DroidDet: effective and robust detection of android malware using static analysis along with rotation forest model. Neurocomputing 272:638\u2013646. https:\/\/doi.org\/10.1016\/j.neucom.2017.07.030","journal-title":"Neurocomputing"}],"container-title":["Discrete Event Dynamic Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10626-024-00406-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10626-024-00406-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10626-024-00406-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T05:06:46Z","timestamp":1733720806000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10626-024-00406-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,12]]},"references-count":60,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,12]]}},"alternative-id":["406"],"URL":"https:\/\/doi.org\/10.1007\/s10626-024-00406-1","relation":{"has-version":[{"id-type":"doi","id":"10.21428\/cb6ab371.eaf5ca16","asserted-by":"object"}]},"ISSN":["0924-6703","1573-7594"],"issn-type":[{"value":"0924-6703","type":"print"},{"value":"1573-7594","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,12]]},"assertion":[{"value":"27 September 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 October 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 November 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no conflicts of interest to declare that are relevant to the content of this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}