{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,15]],"date-time":"2026-01-15T15:47:28Z","timestamp":1768492048378,"version":"3.49.0"},"reference-count":59,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2022,12,24]],"date-time":"2022-12-24T00:00:00Z","timestamp":1671840000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,12,24]],"date-time":"2022-12-24T00:00:00Z","timestamp":1671840000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001866","name":"Fonds National de la Recherche Luxembourg","doi-asserted-by":"publisher","award":["CHARACTERIZE C17\/IS\/11693861"],"award-info":[{"award-number":["CHARACTERIZE C17\/IS\/11693861"]}],"id":[{"id":"10.13039\/501100001866","id-type":"DOI","asserted-by":"publisher"}]},{"name":"European Union\u2019s Horizon 2020 research and innovation program SPARTA project","award":["830892"],"award-info":[{"award-number":["830892"]}]},{"name":"Universit\u00e9 du Luxembourg HitDroid project"},{"name":"Luxembourg Ministry of Foreign and European Affairs"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Empir Software Eng"],"published-print":{"date-parts":[[2023,3]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Research on Android malware detection based on Machine learning has been prolific in recent years. In this paper, we show, through a large-scale evaluation of four state-of-the-art approaches that their achieved performance fluctuates when applied to different datasets. Combining existing approaches appears as an appealing method to stabilise performance. We therefore proceed to empirically investigate the effect of such combinations on the overall detection performance. In our study, we evaluated 22 methods to combine feature sets or predictions from the state-of-the-art approaches. Our results showed that no method has significantly enhanced the detection performance reported by the state-of-the-art malware detectors. Nevertheless, the performance achieved is on par with the best individual classifiers for all settings. Overall, we conduct extensive experiments on the opportunity to combine state-of-the-art detectors. Our main conclusion is that combining state-of-the-art malware detectors leads to a stabilisation of the detection performance, and a research agenda on how they should be combined effectively is required to boost malware detection. All artefacts of our large-scale study (i.e., the dataset of <jats:inline-formula><jats:alternatives><jats:tex-math>$\\sim $<\/jats:tex-math><mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                  <mml:mo>\u223c<\/mml:mo>\n                <\/mml:math><\/jats:alternatives><\/jats:inline-formula>0.5 million apks and all extracted features) are made available for replicability.<\/jats:p>","DOI":"10.1007\/s10664-022-10249-9","type":"journal-article","created":{"date-parts":[[2022,12,24]],"date-time":"2022-12-24T07:02:36Z","timestamp":1671865356000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Assessing the opportunity of combining state-of-the-art Android malware detectors"],"prefix":"10.1007","volume":"28","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1437-667X","authenticated-orcid":false,"given":"Nadia","family":"Daoudi","sequence":"first","affiliation":[]},{"given":"Kevin","family":"Allix","sequence":"additional","affiliation":[]},{"given":"Tegawend\u00e9 F.","family":"Bissyand\u00e9","sequence":"additional","affiliation":[]},{"given":"Jacques","family":"Klein","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,12,24]]},"reference":[{"issue":"1","key":"10249_CR1","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1007\/s11416-014-0226-7","volume":"11","author":"VM Afonso","year":"2015","unstructured":"Afonso VM, de Amorim MF, Gr\u00e9gio ARA, Junquera GB, de Geus PL (2015) Identifying android malware using dynamically obtained features. J Comput Virology Hacking Tech 11(1):9\u201317","journal-title":"J Comput Virology Hacking Tech"},{"key":"10249_CR2","doi-asserted-by":"publisher","unstructured":"Alam MS, Vuong ST (2013) Random forest classification for detecting android malware. In: 2013 IEEE International conference on green computing and communications and IEEE internet of things and IEEE cyber, physical and social computing, pp 663\u2013669. https:\/\/doi.org\/10.1109\/GreenCom-iThings-CPSCom.2013.122","DOI":"10.1109\/GreenCom-iThings-CPSCom.2013.122"},{"issue":"1","key":"10249_CR3","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/s10664-014-9352-6","volume":"21","author":"K Allix","year":"2016","unstructured":"Allix K, Bissyand\u00e9 TF, J\u00e9rome Q, Klein J, State R, Le Traon Y (2016a) Empirical assessment of machine learning-based malware detectors for android. Empirical Softw Eng 21(1):183\u2013211. https:\/\/doi.org\/10.1007\/s10664-014-9352-6","journal-title":"Empirical Softw Eng"},{"key":"10249_CR4","doi-asserted-by":"publisher","unstructured":"Allix K, Bissyand\u00e9 TF, Klein J, Le Traon Y (2016b) Androzoo: collecting millions of android apps for the research community. In: Proceedings of the 13th international conference on mining software repositories, ACM, New York, MSR \u201916, pp 468\u2013471. https:\/\/doi.org\/10.1145\/2901739.2903508","DOI":"10.1145\/2901739.2903508"},{"key":"10249_CR5","doi-asserted-by":"publisher","unstructured":"Allix K, Bissyand\u00e9 TF, Klein J, LeTraon Y (2015) Are your training datasets yet relevant? In: Piessens F, Caballero J, Bielova N (eds) Engineering secure software and systems, springer international publishing, Cham, pp 51\u201367. https:\/\/doi.org\/10.1007\/978-3-319-15618-7_5","DOI":"10.1007\/978-3-319-15618-7_5"},{"issue":"1","key":"10249_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10844-020-00598-6","volume":"55","author":"A Appice","year":"2020","unstructured":"Appice A, Andresini G, Malerba D (2020) Clustering-aided multi-view classification: a case study on android malware detection. J Intell Inf Syst 55(1):1\u201326","journal-title":"J Intell Inf Syst"},{"key":"10249_CR7","unstructured":"Arp D, Quiring E, Pendlebury F, Warnecke A, Pierazzi F, Wressnegger C, Cavallaro L, Rieck K (2020) Dos and don\u2019ts of machine learning in computer security. arXiv:201009470"},{"key":"10249_CR8","doi-asserted-by":"crossref","unstructured":"Arp D, Spreitzenbarth M, H\u00fcbner M, Gascon H, Rieck K (2014) Drebin: efficient and explainable detection of android malware in your pocket. In: Proceedings of the ISOC network and distributed system security symposium (NDSS), San Diego, CA","DOI":"10.14722\/ndss.2014.23247"},{"issue":"2","key":"10249_CR9","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/BF00058655","volume":"24","author":"L Breiman","year":"1996","unstructured":"Breiman L (1996) Bagging predictors. Mach Learn 24(2):123\u2013140","journal-title":"Mach Learn"},{"issue":"1","key":"10249_CR10","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman L (2001) Random forests. Mach Learn 45(1):5\u201332","journal-title":"Mach Learn"},{"key":"10249_CR11","first-page":"15","volume":"312","author":"G Brown","year":"2010","unstructured":"Brown G (2010) Ensemble learning. Encyclopedia Mach Learn 312:15\u201319","journal-title":"Encyclopedia Mach Learn"},{"key":"10249_CR12","doi-asserted-by":"publisher","unstructured":"Caruana R, Niculescu-Mizil A, Crew G, Ksikes A (2004) Ensemble selection from libraries of models. In: Proceedings of the twenty-first international conference on machine learning, association for computing machinery, New York, ICML \u201904, p 18. https:\/\/doi.org\/10.1145\/1015330.1015432","DOI":"10.1145\/1015330.1015432"},{"key":"10249_CR13","doi-asserted-by":"crossref","unstructured":"Christianah A, Gyunka B, Oluwatobi A (2020) Optimizing android malware detection via ensemble learning. https:\/\/www.learntechlib.org\/p\/217826","DOI":"10.3991\/ijim.v14i09.11548"},{"key":"10249_CR14","unstructured":"DATA G (2020) G DATA mobile malware report. https:\/\/www.gdatasoftware.com\/news\/1970\/01\/-36401-g-data-mobile-malware-report-harmful-android-apps-every-eight-seconds. Accessed 10 June 2021"},{"key":"10249_CR15","doi-asserted-by":"crossref","unstructured":"Daoudi N, Allix K, Bissyand\u00e9 TF, Klein J (2021a) A deep dive inside drebin: an explorative analysis beyond android malware detection scores. ACM Trans Privacy Secur (TOPS) Appear","DOI":"10.1145\/3503463"},{"issue":"4","key":"10249_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-021-09955-7","volume":"26","author":"N Daoudi","year":"2021","unstructured":"Daoudi N, Allix K, Bissyand\u00e9 TF, Klein J (2021b) Lessons learnt on reproducibility in machine learning based android malware detection. Empirical Softw Eng 26(4):1\u201353. https:\/\/doi.org\/10.1007\/s10664-021-09955-7","journal-title":"Empirical Softw Eng"},{"key":"10249_CR17","doi-asserted-by":"publisher","unstructured":"Daoudi N, Samhi J, Kabore AK, Allix K, Bissyand\u00e9 TF, Klein J (2021c) Dexray: a simple, yet effective deep learning approach to android malware detection based on image representation of bytecode. In: Wang G, Ciptadi A, Ahmadzadeh A (eds) Deployable machine learning for security defense, springer international publishing, Cham, pp 81\u2013106. https:\/\/doi.org\/10.1007\/978-3-030-87839-9_4","DOI":"10.1007\/978-3-030-87839-9_4"},{"key":"10249_CR18","first-page":"1","volume":"7","author":"J Dem\u0161ar","year":"2006","unstructured":"Dem\u0161ar J (2006) Statistical comparisons of classifiers over multiple data sets. J Mach Learn Res 7:1\u201330","journal-title":"J Mach Learn Res"},{"key":"10249_CR19","doi-asserted-by":"publisher","unstructured":"Dhalaria M, Gandotra E (2020) Android malware detection using chi-square feature selection and ensemble learning method. In: 2020 Sixth international conference on parallel, distributed and grid computing (PDGC), pp 36\u201341. https:\/\/doi.org\/10.1109\/PDGC50313.2020.9315818","DOI":"10.1109\/PDGC50313.2020.9315818"},{"key":"10249_CR20","doi-asserted-by":"crossref","unstructured":"Ding Y, Zhang X, Hu J, Xu W (2020) Android malware detection method based on bytecode image. J Ambient Intell Humanized Comput:1\u201310","DOI":"10.1007\/s12652-020-02196-4"},{"issue":"2","key":"10249_CR21","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/s11704-019-8208-z","volume":"14","author":"X Dong","year":"2020","unstructured":"Dong X, Yu Z, Cao W, Shi Y, Ma Q (2020) A survey on ensemble learning. Frontiers Comput Sci 14(2):241\u2013258","journal-title":"Frontiers Comput Sci"},{"key":"10249_CR22","doi-asserted-by":"publisher","unstructured":"Fereidooni H, Conti M, Yao D, Sperduti A (2016) Anastasia: android malware detection using static analysis of applications. In: 2016 8th IFIP international conference on new technologies, mobility and security (NTMS), pp 1\u20135. https:\/\/doi.org\/10.1109\/NTMS.2016.7792435","DOI":"10.1109\/NTMS.2016.7792435"},{"issue":"1","key":"10249_CR23","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1006\/jcss.1997.1504","volume":"55","author":"Y Freund","year":"1997","unstructured":"Freund Y, Schapire RE (1997) A decision-theoretic generalization of on-line learning and an application to boosting. J Comput Syst Sci 55(1):119\u2013139. https:\/\/doi.org\/10.1006\/jcss.1997.1504, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S002200009791504X","journal-title":"J Comput Syst Sci"},{"issue":"200","key":"10249_CR24","doi-asserted-by":"publisher","first-page":"675","DOI":"10.1080\/01621459.1937.10503522","volume":"32","author":"M Friedman","year":"1937","unstructured":"Friedman M (1937) The use of ranks to avoid the assumption of normality implicit in the analysis of variance. J Amer Stat Assoc 32(200):675\u2013701. https:\/\/doi.org\/10.1080\/01621459.1937.10503522","journal-title":"J Amer Stat Assoc"},{"key":"10249_CR25","doi-asserted-by":"crossref","unstructured":"Friedman JH (2001) Greedy function approximation: a gradient boosting machine. Annals Stat:1189\u20131232","DOI":"10.1214\/aos\/1013203451"},{"key":"10249_CR26","doi-asserted-by":"publisher","unstructured":"Garcia J, Hammad M, Malek S (2018) Lightweight, obfuscation-resilient detection and family identification of android malware. ACM Trans Softw Eng Methodol, vol 26(3). https:\/\/doi.org\/10.1145\/3162625","DOI":"10.1145\/3162625"},{"key":"10249_CR27","doi-asserted-by":"publisher","unstructured":"Huang TH, Kao H (2018) R2-d2: color-inspired convolutional neural network (cnn)-based android malware detections. In: 2018 IEEE international conference on big data (big data), pp 2633\u20132642. https:\/\/doi.org\/10.1109\/BigData.2018.8622324","DOI":"10.1109\/BigData.2018.8622324"},{"key":"10249_CR28","doi-asserted-by":"publisher","unstructured":"Hurier M, Allix K, Bissyand\u00e9 TF, Klein J, Le Traon Y (2016) On the lack of consensus in anti-virus decisions: metrics and insights on building ground truths of android malware. In: Proceedings of the 13th international conference on detection of intrusions and malware, and vulnerability assessment - vol 9721, Springer-Verlag, Berlin, Heidelberg, DIMVA 2016, pp 142\u2013162. https:\/\/doi.org\/10.1007\/978-3-319-40667-1_8","DOI":"10.1007\/978-3-319-40667-1_8"},{"key":"10249_CR29","doi-asserted-by":"publisher","unstructured":"Idrees F, Rajarajan M, Conti M, Chen TM, Rahulamathavan Y (2017) Pindroid: a novel android malware detection system using ensemble learning methods, vol 68, pp 36\u201346. https:\/\/doi.org\/10.1016\/j.cose.2017.03.011, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0167404817300640","DOI":"10.1016\/j.cose.2017.03.011"},{"key":"10249_CR30","unstructured":"Kaspersky (2021) Kaspersky security network. https:\/\/securelist.com\/it-threat-evolution-q1-2021-mobile-statistics\/102547\/. Accessed 10 June 2021"},{"key":"10249_CR31","doi-asserted-by":"crossref","unstructured":"Mariconti E, Onwuzurike L, Andriotis P, De Cristofaro E, Ross G, Stringhini G (2017) Mamadroid: detecting android malware by building markov chains of behavioral models. In: ISOC network and distributed systems security symposiym (NDSS), San Diego, CA","DOI":"10.14722\/ndss.2017.23353"},{"key":"10249_CR32","doi-asserted-by":"crossref","unstructured":"Miller B, Kantchelian A, Tschantz MC, Afroz S, Bachwani R, Faizullabhoy R, Huang L, Shankar V, Wu T, Yiu G, Joseph AD, Tygar JD (2016) Reviewer integration and performance measurement for malware detection. In: Caballero J, Zurutuza U, Rodr\u00edguez RJ (eds) Detection of intrusions and malware, and vulnerability assessment. Springer international publishing, Cham, pp 122\u2013141","DOI":"10.1007\/978-3-319-40667-1_7"},{"key":"10249_CR33","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1016\/j.compeleceng.2017.02.013","volume":"61","author":"N Milosevic","year":"2017","unstructured":"Milosevic N, Dehghantanha A, Choo KKR (2017) Machine learning aided android malware classification. Comput Electr Eng 61:266\u2013274. https:\/\/doi.org\/10.1016\/j.compeleceng.2017.02.013, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0045790617303087","journal-title":"Comput Electr Eng"},{"key":"10249_CR34","unstructured":"Nemenyi PB (1963) Distribution-free multiple comparisons. Princeton University"},{"issue":"2","key":"10249_CR35","doi-asserted-by":"publisher","first-page":"14:1","DOI":"10.1145\/3313391","volume":"22","author":"L Onwuzurike","year":"2019","unstructured":"Onwuzurike L, Mariconti E, Andriotis P, Cristofaro ED, Ross G, Stringhini G (2019) Mamadroid: detecting android malware by building markov chains of behavioral models (extended version). ACM Trans Priv Secur 22(2):14:1\u201314:34. https:\/\/doi.org\/10.1145\/3313391","journal-title":"ACM Trans Priv Secur"},{"key":"10249_CR36","doi-asserted-by":"publisher","first-page":"689","DOI":"10.1016\/j.cose.2017.07.013","volume":"70","author":"P Palumbo","year":"2017","unstructured":"Palumbo P, Sayfullina L, Komashinskiy D, Eirola E, Karhunen J (2017) A pragmatic android malware detection procedure. Comput Secur 70:689\u2013701. https:\/\/doi.org\/10.1016\/j.cose.2017.07.013, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0167404817301542","journal-title":"Comput Secur"},{"issue":"3","key":"10249_CR37","doi-asserted-by":"publisher","first-page":"187","DOI":"10.4103\/0974-7788.72494","volume":"1","author":"S Parab","year":"2010","unstructured":"Parab S, Bhalerao S (2010) Choosing statistical test. Int J Ayurveda Res 1(3):187","journal-title":"Int J Ayurveda Res"},{"key":"10249_CR38","unstructured":"Pendlebury F, Pierazzi F, Jordaney R, Kinder J, Cavallaro L (2019) TESSERACT: eliminating experimental bias in malware classification across space and time. In: 28th USENIX security symposium (USENIX security 19), USENIX association, Santa Clara, CA, pp 729\u2013746. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/pendlebury"},{"issue":"1","key":"10249_CR39","doi-asserted-by":"publisher","first-page":"3","DOI":"10.5937\/sejodr3-1264","volume":"3","author":"G Perinetti","year":"2016","unstructured":"Perinetti G (2016) Statips part i: choosing statistical test when dealing with differences. South European J Orthodontics Dentofacial Res 3(1):3\u20134","journal-title":"South European J Orthodontics Dentofacial Res"},{"key":"10249_CR40","doi-asserted-by":"publisher","unstructured":"Rossow C, Dietrich CJ, Grier C, Kreibich C, Paxson V, Pohlmann N, Bos H, Steen VM (2012) Prudent practices for designing malware experiments: status quo and outlook. In: 2012 IEEE symposium on security and privacy, pp 65\u201379. https:\/\/doi.org\/10.1109\/SP.2012.14","DOI":"10.1109\/SP.2012.14"},{"issue":"4","key":"10249_CR41","doi-asserted-by":"publisher","first-page":"e1249","DOI":"10.1002\/widm.1249","volume":"8","author":"O Sagi","year":"2018","unstructured":"Sagi O, Rokach L (2018) Ensemble learning: a survey. Wiley Interdisciplinary Rev Data Mining Knowl Discover 8(4):e1249","journal-title":"Wiley Interdisciplinary Rev Data Mining Knowl Discover"},{"key":"10249_CR42","doi-asserted-by":"publisher","unstructured":"Salem A, Banescu S, Pretschner A (2021) Maat: automatically analyzing virustotal for accurate labeling and effective malware detection. ACM Trans Priv Secur, vol 24(4). https:\/\/doi.org\/10.1145\/3465361","DOI":"10.1145\/3465361"},{"key":"10249_CR43","doi-asserted-by":"crossref","unstructured":"Sebasti\u00e1n M, Rivera R, Kotzias P, Caballero J (2016) Avclass: a tool for massive malware labeling. In: International symposium on research in attacks, intrusions, and defenses, Springer, pp 230-253","DOI":"10.1007\/978-3-319-45719-2_11"},{"issue":"4","key":"10249_CR44","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1002\/pri.66","volume":"1","author":"MR Sheldon","year":"1996","unstructured":"Sheldon MR, Fillyaw MJ, Thompson WD (1996) The use and interpretation of the friedman test in the analysis of ordinal-scale data in repeated measures designs. Physiother Res Int 1(4):221\u2013228","journal-title":"Physiother Res Int"},{"key":"10249_CR45","doi-asserted-by":"crossref","unstructured":"Sun T, Daoudi N, Allix K, Bissyand\u00e9 TF (2021) Android malware detection: looking beyond dalvik bytecode. In: Proceedings of the 36th IEEE\/ACM international conference on automated software engineering workshops, ASE \u201921","DOI":"10.1109\/ASEW52652.2021.00019"},{"key":"10249_CR46","doi-asserted-by":"publisher","unstructured":"Wang J, Jing Q, Gao J, Qiu X (2020) Sedroid: a robust android malware detector using selective ensemble learning. In: 2020 IEEE wireless communications and networking conference (WCNC), pp 1\u20135. https:\/\/doi.org\/10.1109\/WCNC45663.2020.9120537","DOI":"10.1109\/WCNC45663.2020.9120537"},{"key":"10249_CR47","doi-asserted-by":"crossref","unstructured":"Wang X, Zhang D, Su X, Li W (2017) Mlifdect: android malware detection based on parallel machine learning and information fusion. Secur Commun Netw, vol 2017","DOI":"10.1155\/2017\/6451260"},{"issue":"2","key":"10249_CR48","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1016\/S0893-6080(05)80023-1","volume":"5","author":"DH Wolpert","year":"1992","unstructured":"Wolpert DH (1992) Stacked generalization. Neural Netw 5(2):241\u2013259","journal-title":"Neural Netw"},{"key":"10249_CR49","doi-asserted-by":"crossref","unstructured":"Wu Y, Li X, Zou D, Yang W, Zhang X, Jin H (2019) Malscan: fast market-wide mobile malware scanning by social-network centrality analysis. In: 2019 34th IEEE\/ACM international conference on automated software engineering (ASE), pp 139\u2013150","DOI":"10.1109\/ASE.2019.00023"},{"key":"10249_CR50","doi-asserted-by":"publisher","unstructured":"Wu D, Mao C, Wei T, Lee H, Wu K (2012) Droidmat: android malware detection through manifest and api calls tracing. In: 2012 Seventh asia joint conference on information security, pp 62\u201369. https:\/\/doi.org\/10.1109\/AsiaJCIS.2012.18","DOI":"10.1109\/AsiaJCIS.2012.18"},{"key":"10249_CR51","doi-asserted-by":"crossref","unstructured":"Xu J, Li Y, Deng RH (2021) Differential training: a generic framework to reduce label noises for android malware detection. In: Proceeding of network and distributed system security symposium (NDSS)","DOI":"10.14722\/ndss.2021.24126"},{"key":"10249_CR52","doi-asserted-by":"publisher","unstructured":"Yerima SY, Sezer S, Muttik I (2014) Android malware detection using parallel machine learning classifiers. In: 2014 Eighth international conference on next generation mobile apps, services and technologies, pp 37\u201342. https:\/\/doi.org\/10.1109\/NGMAST.2014.23","DOI":"10.1109\/NGMAST.2014.23"},{"issue":"6","key":"10249_CR53","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1049\/iet-ifs.2014.0099","volume":"9","author":"SY Yerima","year":"2015","unstructured":"Yerima SY, Sezer S, Muttik I (2015) High accuracy android malware detection using ensemble learning. IET Inf Secur 9(6):313\u2013320","journal-title":"IET Inf Secur"},{"key":"10249_CR54","doi-asserted-by":"publisher","unstructured":"Zhang X, Jin Z (2016) A new semantics-based android malware detection. In: 2016 2nd IEEE international conference on computer and communications (ICCC), pp 1412\u20131416. https:\/\/doi.org\/10.1109\/CompComm.2016.7924936","DOI":"10.1109\/CompComm.2016.7924936"},{"key":"10249_CR55","doi-asserted-by":"crossref","unstructured":"Zhang W, Ren H, Jiang Q, Zhang K (2015) Exploring feature extraction and elm in malware detection for android devices. In: Hu X, Xia Y, Zhang Y, Zhao D (eds) Advances in neural networks \u2013 ISNN 2015, Springer international publishing, Cham, pp 489-498","DOI":"10.1007\/978-3-319-25393-0_54"},{"key":"10249_CR56","doi-asserted-by":"publisher","unstructured":"Zhao Y, Li L, Wang H, Cai H, Bissyand\u00e9 TF, Klein J, Grundy J (2021) On the impact of sample duplication in machine-learning-based android malware detection. ACM Trans Softw Eng Methodol, vol 30(3). https:\/\/doi.org\/10.1145\/3446905","DOI":"10.1145\/3446905"},{"key":"10249_CR57","doi-asserted-by":"crossref","unstructured":"Zhao C, Wang C, Zheng W (2019) Android malware detection based on sensitive permissions and apis. In: International conference on security and privacy in new computing environments, Springer, pp 105\u2013113","DOI":"10.1007\/978-3-030-21373-2_10"},{"key":"10249_CR58","doi-asserted-by":"publisher","unstructured":"Zhao C, Zheng W, Gong L, Zhang M, Wang C (2018) Quick and accurate android malware detection based on sensitive apis. In: 2018 IEEE international conference on smart internet of things (SmartIoT), pp 143\u2013148. https:\/\/doi.org\/10.1109\/SmartIoT.2018.00034","DOI":"10.1109\/SmartIoT.2018.00034"},{"key":"10249_CR59","doi-asserted-by":"publisher","unstructured":"Zhu H, Li Y, Li R, Li J, You Z, Song H (2020) Sedmdroid: an enhanced stacking ensemble of deep learning framework for android malware detection. IEEE Trans Netw Sci Eng:1\u20131. https:\/\/doi.org\/10.1109\/TNSE.2020.2996379","DOI":"10.1109\/TNSE.2020.2996379"}],"container-title":["Empirical Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10664-022-10249-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10664-022-10249-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10664-022-10249-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,4,3]],"date-time":"2023-04-03T06:50:40Z","timestamp":1680504640000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10664-022-10249-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,24]]},"references-count":59,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2023,3]]}},"alternative-id":["10249"],"URL":"https:\/\/doi.org\/10.1007\/s10664-022-10249-9","relation":{},"ISSN":["1382-3256","1573-7616"],"issn-type":[{"value":"1382-3256","type":"print"},{"value":"1573-7616","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,12,24]]},"assertion":[{"value":"9 October 2022","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 December 2022","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"<!--Emphasis Type='Bold' removed-->Conflict of Interests"}}],"article-number":"22"}}