{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T21:44:43Z","timestamp":1764020683068,"version":"3.37.3"},"reference-count":48,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2023,7,17]],"date-time":"2023-07-17T00:00:00Z","timestamp":1689552000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,7,17]],"date-time":"2023-07-17T00:00:00Z","timestamp":1689552000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100007950","name":"Tanta University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100007950","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Mobile Netw Appl"],"published-print":{"date-parts":[[2023,10]]},"abstract":"Abstract<\/jats:title>Malicious software (malware) can steal passwords, leak details, and generally cause havoc with users\u2019 accounts. Most of the current malware detection techniques are designed to detect malware at the code level of the software, where it is actually infected and causes damage. Additionally, current malware detection techniques at the design level are done manually or semi-automatically. This research aims to enhance these methods to detect malware at the design level automatically with a big dataset. The proposed method presents an automatic system for detecting SMS (Short Message Service) malware at the design which is called APKOWL. It is based on reverse engineering of the mobile application and then automatically builds OWL (web ontology Language) ontology. The proposed system is implemented in python and Prot\u00e9g\u00e9, and its performance has been tested and evaluated on samples of android mobile applications including 3,904 malware and 3,200 benign samples. The experimental results successfully verify the effectiveness of the proposed method because it has good performance in detecting SMS malware at the software design level. The proposed method obtained an accuracy of 97%, precision of 97.5%, and recall of 99%, outperforming the compared model in all performance metrics.<\/jats:p>","DOI":"10.1007\/s11036-023-02159-x","type":"journal-article","created":{"date-parts":[[2023,7,17]],"date-time":"2023-07-17T11:02:12Z","timestamp":1689591732000},"page":"1901-1912","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["APKOWL: An Automatic Approach to Enhance the Malware Detection"],"prefix":"10.1007","volume":"28","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3496-0697","authenticated-orcid":false,"given":"Doaa","family":"Aboshady","sequence":"first","affiliation":[]},{"given":"Naglaa E.","family":"Ghannam","sequence":"additional","affiliation":[]},{"given":"Eman K.","family":"Elsayed","sequence":"additional","affiliation":[]},{"given":"L. S.","family":"Diab","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,7,17]]},"reference":[{"issue":"4","key":"2159_CR1","doi-asserted-by":"publisher","first-page":"7495","DOI":"10.48084\/etasr.4296","volume":"11","author":"A Al-Marghilani","year":"2021","unstructured":"Al-Marghilani A (2021) Comprehensive Analysis of IoT Malware Evasion techniques. Eng Technol Appl Sci Res 11(4):7495\u20137500","journal-title":"Eng Technol Appl Sci Res"},{"issue":"2","key":"2159_CR2","doi-asserted-by":"publisher","first-page":"1241","DOI":"10.1007\/s11280-019-00755-0","volume":"23","author":"H Darabian","year":"2020","unstructured":"Darabian H, Dehghantanha A, Hashemi S, Taheri M, Azmoodeh A, Homayoun S, \u2026, Parizi RM (2020) A multiview learning method for malware threat hunting: Windows, IoT and android as case studies. World Wide Web 23(2):1241\u20131260","journal-title":"World Wide Web"},{"issue":"5","key":"2159_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3403943","volume":"19","author":"SP Kadiyal a","year":"2020","unstructured":"Kadiyal a SP, Jadhav P, Lam SK, Srikanthan T (2020) Hardware performance counter-based fine-grained malware detection. ACM Trans Embedded Comput Syst (TECS) 19(5):1\u201317","journal-title":"ACM Trans Embedded Comput Syst (TECS)"},{"key":"2159_CR4","doi-asserted-by":"publisher","first-page":"101775","DOI":"10.1016\/j.cose.2020.101775","volume":"93","author":"S Sebastio","year":"2020","unstructured":"Sebastio S, Baranov E, Biondi F, Decourbe O, Given-Wilson T, Legay A, \u2026, Quilbeuf J (2020) Optimizing symbolic execution for malware behavior classification. Computers & Security 93:101775","journal-title":"Computers & Security"},{"key":"2159_CR5","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/978-3-319-55595-9_8","volume-title":"Green IT Engineering: components, networks and Systems implementation","author":"DA Maevsky","year":"2017","unstructured":"Maevsky DA, Maevskaya EJ, Stetsuyk ED, Shapa LN (2017) Malicious software effect on the mobile devices power consumption. Green IT Engineering: components, networks and Systems implementation. Springer, Cham, pp 155\u2013171"},{"issue":"11","key":"2159_CR6","first-page":"e1978","volume":"30","author":"F Mercaldo","year":"2018","unstructured":"Mercaldo F, Di Sorbo A, Visaggio CA, Cimitile A, Martinelli F (2018) An exploratory study on the evolution of Android malware quality. J Software: Evol Process 30(11):e1978","journal-title":"J Software: Evol Process"},{"issue":"5","key":"2159_CR7","doi-asserted-by":"publisher","first-page":"839","DOI":"10.3390\/sym14050839","volume":"14","author":"D Aboshady","year":"2022","unstructured":"Aboshady D, Ghannam N, Elsayed E, Diab L (2022) The Malware Detection Approach in the design of Mobile Applications. Symmetry 14(5):839","journal-title":"Symmetry"},{"key":"2159_CR8","doi-asserted-by":"crossref","unstructured":"Wang, S., Celebi, M. E., Zhang, Y. D., Yu, X., Lu, S., Yao, X., \u2026 Tyukin, I. (2021).Advances in data preprocessing for biomedical data fusion: An overview of the methods,challenges, and prospects. Information Fusion, 76, 376\u2013421","DOI":"10.1016\/j.inffus.2021.07.001"},{"key":"2159_CR9","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1016\/j.inffus.2020.07.006","volume":"64","author":"YD Zhang","year":"2020","unstructured":"Zhang YD, Dong Z, Wang SH, Yu X, Yao X, Zhou Q\u2026, Gorriz JM (2020) Advances in multimodal data fusion in neuroimaging: overview, challenges, and novel orientation. Inform Fusion 64:149\u2013187","journal-title":"Inform Fusion"},{"issue":"1","key":"2159_CR10","doi-asserted-by":"publisher","first-page":"41","DOI":"10.26599\/TST.2020.9010040","volume":"27","author":"S Tang","year":"2021","unstructured":"Tang S, Huang S, Zheng C, Liu E, Zong C, Ding Y (2021) A novel cross-project software defect prediction algorithm based on transfer learning. Tsinghua Sci Technol 27(1):41\u201357","journal-title":"Tsinghua Sci Technol"},{"issue":"1","key":"2159_CR11","doi-asserted-by":"publisher","first-page":"32","DOI":"10.26599\/BDMA.2021.9020016","volume":"5","author":"AK Sandhu","year":"2021","unstructured":"Sandhu AK (2021) Big data with cloud computing: discussions and challenges. Big Data Mining and Analytics 5(1):32\u201340","journal-title":"Big Data Mining and Analytics"},{"issue":"6","key":"2159_CR12","doi-asserted-by":"publisher","first-page":"918","DOI":"10.26599\/TST.2021.9010029","volume":"26","author":"D Wei","year":"2021","unstructured":"Wei D, Ning H, Shi F, Wan Y, Xu J, Yang S, Zhu L (2021) Dataflow management in the internet of things: sensing, control, and security. Tsinghua Sci Technol 26(6):918\u2013930","journal-title":"Tsinghua Sci Technol"},{"issue":"1","key":"2159_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.26599\/BDMA.2020.9020028","volume":"5","author":"F Li","year":"2021","unstructured":"Li F, Yu X, Ge R, Wang Y, Cui Y, Zhou H (2021) BCSE: Blockchain-based trusted service evaluation model over big data. Big Data Mining and Analytics 5(1):1\u201314","journal-title":"Big Data Mining and Analytics"},{"key":"2159_CR14","first-page":"102828","volume":"59","author":"A Abusitta","year":"2021","unstructured":"Abusitta A, Li MQ, Fung BC (2021) Malware classification and composition analysis: a survey of recent developments. J Inform Secur Appl 59:102828","journal-title":"J Inform Secur Appl"},{"key":"2159_CR15","doi-asserted-by":"publisher","first-page":"90102","DOI":"10.1109\/ACCESS.2021.3090998","volume":"9","author":"J Singh","year":"2021","unstructured":"Singh J, Thakur D, Gera T, Shah B, Abuhmed T, Ali F (2021) Classification and analysis of android malware images using feature fusion technique. IEEE Access 9:90102\u201390117","journal-title":"IEEE Access"},{"issue":"4","key":"2159_CR16","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1007\/s11416-021-00387-x","volume":"17","author":"V Reddy","year":"2021","unstructured":"Reddy V, Kolli N, Balakrishnan N (2021) Malware detection and classification using community detection and social network analysis. J Comput Virol Hacking Techniques 17(4):333\u2013346","journal-title":"J Comput Virol Hacking Techniques"},{"key":"2159_CR17","doi-asserted-by":"crossref","unstructured":"da Costa, F. H., Medeiros, I., Menezes, T., da Silva, J. V., da Silva, I. L., Bonif\u00e1cio,R., \u2026 Ribeiro, M. (2022). Exploring the use of static and dynamic analysis to improve the performance of the mining sandbox approach for android malware identification.Journal of Systems and Software, 183, 111092","DOI":"10.1016\/j.jss.2021.111092"},{"key":"2159_CR18","doi-asserted-by":"crossref","unstructured":"Chanajitt R, Pfahringer B, Gomes HM (2021), October Combining Static and Dynamic Analysis to Improve Machine Learning-based Malware Classification. In 2021 IEEE 8th International Conference on Data Science and Advanced Analytics (DSAA) (pp.\u00a01\u201310). IEEE","DOI":"10.1109\/DSAA53316.2021.9564144"},{"issue":"2","key":"2159_CR19","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/s11265-020-01588-1","volume":"93","author":"X Huang","year":"2021","unstructured":"Huang X, Ma L, Yang W, Zhong Y (2021) A method for windows malware detection based on deep learning. J Signal Process Syst 93(2):265\u2013273","journal-title":"J Signal Process Syst"},{"key":"2159_CR20","doi-asserted-by":"crossref","unstructured":"Wyrwinski P, Dutkiewicz J, Jedrzejek C (2020), October Ensemble malware classification using neural networks. In International conference on multimedia communications, services and security (pp.\u00a0125\u2013138). Springer, Cham","DOI":"10.1007\/978-3-030-59000-0_10"},{"key":"2159_CR21","doi-asserted-by":"crossref","unstructured":"Azeez NA, Odufuwa OE, Misra S, Oluranti J, Dama\u0161evi\u010dius R (2021, February) Windows PE malware detection using ensemble learning. Informatics, vol 8. MDPI, p 10. 1","DOI":"10.3390\/informatics8010010"},{"issue":"3","key":"2159_CR22","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/s11416-020-00354-y","volume":"16","author":"M Jain","year":"2020","unstructured":"Jain M, Andreopoulos W, Stamp M (2020) Convolutional neural networks and extreme learning machines for malware classification. J Comput Virol Hacking Techniques 16(3):229\u2013244","journal-title":"J Comput Virol Hacking Techniques"},{"issue":"5","key":"2159_CR23","doi-asserted-by":"publisher","first-page":"721","DOI":"10.3390\/electronics9050721","volume":"9","author":"BN Narayanan","year":"2020","unstructured":"Narayanan BN, Davuluru VSP (2020) Ensemble malware classification system using deep neural networks. Electronics 9(5):721","journal-title":"Electronics"},{"issue":"2\u20133","key":"2159_CR24","first-page":"299","volume":"15","author":"J Akram","year":"2021","unstructured":"Akram J, Mumtaz M, Jabeen G, Luo P (2021) DroidMD: an efficient and scalable android malware detection approach at source code level. Int J Inf Comput Secur 15(2\u20133):299\u2013321","journal-title":"Int J Inf Comput Secur"},{"key":"2159_CR25","doi-asserted-by":"publisher","first-page":"141","DOI":"10.1016\/j.future.2021.11.005","volume":"129","author":"J Tang","year":"2022","unstructured":"Tang J, Li R, Jiang Y, Gu X, Li Y (2022) Android malware obfuscation variants detection method based on multi-granularity opcode features. Future Generation Computer Systems 129:141\u2013151","journal-title":"Future Generation Computer Systems"},{"issue":"8","key":"2159_CR26","doi-asserted-by":"publisher","first-page":"3987","DOI":"10.1007\/s00500-021-06492-9","volume":"26","author":"M Kumar","year":"2022","unstructured":"Kumar M (2022) Scalable malware detection system using big data and distributed machine learning approach. Soft Comput 26(8):3987\u20134003","journal-title":"Soft Comput"},{"key":"2159_CR27","doi-asserted-by":"crossref","unstructured":"Aurangzeb S, Anwar H, Naeem MA, Aleem M (2022) BigRC-EML: big-data baseds structurethe malware\u2019 ransomware classification using ensemble machine learning. Cluster Comput, 1\u201318","DOI":"10.1007\/s10586-022-03569-4"},{"key":"2159_CR28","doi-asserted-by":"publisher","first-page":"106729","DOI":"10.1016\/j.compeleceng.2020.106729","volume":"86","author":"D Gupta","year":"2020","unstructured":"Gupta D, Rani R (2020) Improving malware detection using big data and ensemble learning. Comput Electr Eng 86:106729","journal-title":"Comput Electr Eng"},{"key":"2159_CR29","doi-asserted-by":"publisher","first-page":"102622","DOI":"10.1016\/j.cose.2022.102622","volume":"115","author":"P Yadav","year":"2022","unstructured":"Yadav P, Menon N, Ravi V, Vishvanathan S, Pham TD (2022) EfficientNet convolutional neural networks-based Android malware detection. Computers & Security 115:102622","journal-title":"Computers & Security"},{"key":"2159_CR30","doi-asserted-by":"publisher","first-page":"959","DOI":"10.1016\/j.procs.2021.03.118","volume":"184","author":"M Kinkead","year":"2021","unstructured":"Kinkead M, Millar S, McLaughlin N, O\u2019Kane P (2021) Towards explainable CNNs for android malware detection. Procedia Comput Sci 184:959\u2013965","journal-title":"Procedia Comput Sci"},{"key":"2159_CR31","doi-asserted-by":"crossref","unstructured":"Mat SRT, Razak A, Kahar MF, Arif MNM, J. M., Firdaus A (2021) A bayesian probability model for android malware detection. ICT Express.","DOI":"10.1016\/j.icte.2021.09.003"},{"key":"2159_CR32","doi-asserted-by":"publisher","first-page":"107069","DOI":"10.1016\/j.asoc.2020.107069","volume":"102","author":"N Zhang","year":"2021","unstructured":"Zhang N, Tan YA, Yang C, Li Y (2021) Deep learning feature exploration for android malware detection. Appl Soft Comput 102:107069","journal-title":"Appl Soft Comput"},{"key":"2159_CR33","first-page":"102751","volume":"58","author":"JN OS","year":"2021","unstructured":"OS JN (2021) Detection of malicious android applications using ontology-based intelligent model in mobile cloud environment. J Inform Secur Appl 58:102751","journal-title":"J Inform Secur Appl"},{"key":"2159_CR34","doi-asserted-by":"publisher","first-page":"633","DOI":"10.1016\/j.ins.2020.08.095","volume":"546","author":"W Han","year":"2021","unstructured":"Han W, Xue J, Wang Y, Zhang F, Gao X (2021) APTMalInsight: identify and cognize APT malware based on system call information and ontology knowledge framework. Inf Sci 546:633\u2013664","journal-title":"Inf Sci"},{"key":"2159_CR35","doi-asserted-by":"crossref","unstructured":"Chowdhury IR, Bhowmik D (2022), July Capturing Malware Behaviour with Ontology-based Knowledge Graphs. In IEEE Conference on Dependable and Secure Computing (IEEE DSC 2022). IEEE","DOI":"10.1109\/DSC54232.2022.9888860"},{"key":"2159_CR36","doi-asserted-by":"crossref","unstructured":"Jiao J, Liu Q, Chen X, Cao H (2018) Behavior Intention Derivation of Android Malware Using Ontology Inference. Journal of Electrical and Computer Engineering, 2018","DOI":"10.1155\/2018\/9250297"},{"issue":"4","key":"2159_CR37","doi-asserted-by":"publisher","first-page":"2995","DOI":"10.1007\/s11277-020-07243-z","volume":"117","author":"KN Durai","year":"2021","unstructured":"Durai KN, Subha R, Haldorai A (2021) A novel method to detect and prevent SQLIA using ontology to cloud web security. Wireless Pers Commun 117(4):2995\u20133014","journal-title":"Wireless Pers Commun"},{"key":"2159_CR38","doi-asserted-by":"publisher","first-page":"101574","DOI":"10.1016\/j.cose.2019.101574","volume":"87","author":"Y Ding","year":"2019","unstructured":"Ding Y, Wu R, Zhang X (2019) Ontology-based knowledge representation for malware individuals and families. Computers & Security 87:101574","journal-title":"Computers & Security"},{"key":"2159_CR39","doi-asserted-by":"crossref","unstructured":"Hsien-De Huang T, Kao HY (2018), December R2-d2: Color-inspired convolutional neural network (cnn)-based android malware detections. In 2018 IEEE international conference on big data (big data) (pp.\u00a02633\u20132642). IEEE","DOI":"10.1109\/BigData.2018.8622324"},{"key":"2159_CR40","doi-asserted-by":"crossref","unstructured":"Arp D, Spreitzenbarth M, Hubner M, Gascon H, Rieck K, Siemens CERT (2014), February Drebin: Effective and explainable detection of android malware in your pocket. In Ndss (Vol.\u00a014, pp.\u00a023\u201326)","DOI":"10.14722\/ndss.2014.23247"},{"key":"2159_CR41","doi-asserted-by":"crossref","unstructured":"Zhou Y, Jiang X (2012), May Dissecting android malware: Characterization and evolution. In 2012 IEEE symposium on security and privacy (pp.\u00a095\u2013109). IEEE","DOI":"10.1109\/SP.2012.16"},{"key":"2159_CR42","doi-asserted-by":"crossref","unstructured":"Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., \u2026 McDaniel,P. (2014). Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. Acm Sigplan Notices, 49(6), 259\u2013269","DOI":"10.1145\/2666356.2594299"},{"key":"2159_CR43","unstructured":"Malware L (2019) Malicious code samples available from: http:\/\/malware.lu (Accessed 20 May 2019)"},{"key":"2159_CR44","unstructured":"Bernhard Mueller. [n.d.]. b-mueller\/apkx: one-step APK decompilation with multiple backends. https:\/\/github.com\/b-mueller\/apkx"},{"key":"2159_CR45","unstructured":"https:\/\/github.com\/srdc\/ontmalizer"},{"key":"2159_CR46","unstructured":"https:\/\/github.com\/rhizomik\/redefer-xsd2owl"},{"key":"2159_CR47","doi-asserted-by":"crossref","unstructured":"Mahdavifar S, Kadir AFA, Fatemi R, Alhadidi D, Ghorbani AADynamic Android Malware Category Classification using Semi-Supervised Deep Learning. In Proceedings of the 18th IEEE International Conference on Dependable, Autonomic, and, Computing S (DASC), Calgary, AB, Canada, 17\u201324 August 2020; Available online: https:\/\/www.unb.ca\/cic\/datasets\/maldroid-2020.html (accessed on 10 March 2021)","DOI":"10.1109\/DASC-PICom-CBDCom-CyberSciTech49142.2020.00094"},{"key":"2159_CR48","unstructured":"Colab. https:\/\/colab.research.google.com\/"}],"container-title":["Mobile Networks and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11036-023-02159-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11036-023-02159-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11036-023-02159-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,2]],"date-time":"2024-09-02T11:15:44Z","timestamp":1725275744000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11036-023-02159-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,17]]},"references-count":48,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2023,10]]}},"alternative-id":["2159"],"URL":"https:\/\/doi.org\/10.1007\/s11036-023-02159-x","relation":{},"ISSN":["1383-469X","1572-8153"],"issn-type":[{"type":"print","value":"1383-469X"},{"type":"electronic","value":"1572-8153"}],"subject":[],"published":{"date-parts":[[2023,7,17]]},"assertion":[{"value":"29 June 2023","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 July 2023","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}