{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T19:17:33Z","timestamp":1771269453387,"version":"3.50.1"},"reference-count":33,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2018,8,11]],"date-time":"2018-08-11T00:00:00Z","timestamp":1533945600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61402210"],"award-info":[{"award-number":["61402210"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["60973137"],"award-info":[{"award-number":["60973137"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Google Research Awards"},{"name":"Google Faculty Awards"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Multimed Tools Appl"],"published-print":{"date-parts":[[2019,2]]},"DOI":"10.1007\/s11042-018-6498-z","type":"journal-article","created":{"date-parts":[[2018,8,11]],"date-time":"2018-08-11T15:45:09Z","timestamp":1534002309000},"page":"3529-3552","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":45,"title":["A novel approach for mobile malware classification and detection in Android systems"],"prefix":"10.1007","volume":"78","author":[{"given":"Qingguo","family":"Zhou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fang","family":"Feng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zebang","family":"Shen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rui","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Meng-Yen","family":"Hsieh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1381-4364","authenticated-orcid":false,"given":"Kuan-Ching","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,8,11]]},"reference":[{"key":"6498_CR1","unstructured":"360 home (2017) Android malware special report in 2016. Available online: \n                    http:\/\/www.360zhijia.com\/360anquanke\/178579.html\n                    \n                  . Last accessed on 8 Feb 2018"},{"key":"6498_CR2","doi-asserted-by":"crossref","unstructured":"Alzaylaee MK, Yerima SY, Sezer S (2017) EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning. ACM on International Workshop on Security and Privacy Analytics, ACM, p 65\u201372","DOI":"10.1145\/3041008.3041010"},{"key":"6498_CR3","doi-asserted-by":"crossref","unstructured":"Barrera D, Oorschot PCV, Somayaji A (2010) A methodology for empirical analysis of permission-based security models and its application to Android. In: CCS 2010: Proceedings of the 17th ACM Conference on Computer and Communications Security 3:73\u201384","DOI":"10.1145\/1866307.1866317"},{"key":"6498_CR4","doi-asserted-by":"crossref","unstructured":"Chan PPF, Hui LCK, Yiu SM (2012) DroidChecker: analyzing android applications for capability leak. ACM, p 125\u2013136","DOI":"10.1145\/2185448.2185466"},{"key":"6498_CR5","doi-asserted-by":"crossref","unstructured":"Chen H, Zhao H, Shen J, Zhou R, Zhou Q (2015) Supervised machine learning model for high dimensional gene data in colon cancer detection. IEEE International Congress on Big Data. IEEE, p 134\u2013141","DOI":"10.1109\/BigDataCongress.2015.28"},{"key":"6498_CR6","unstructured":"Chin E, Felt AP, Greenwood K, Wagner D (2011) Analyzing inter-application communication in Android. International Conference on Mobile Systems, Applications, and Services. ACM, vol. 269, p 239\u2013252"},{"issue":"2","key":"6498_CR7","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1109\/TIFS.2015.2491300","volume":"11","author":"S Das","year":"2017","unstructured":"Das S, Liu Y, Zhang W, Chandramohan M (2017) Semantics-based online malware detection: towards efficient real-time protection against malware. IEEE Trans Inf Forensics Secur 11(2):289\u2013302","journal-title":"IEEE Trans Inf Forensics Secur"},{"key":"6498_CR8","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1016\/j.cose.2014.11.001","volume":"49","author":"KO Elish","year":"2015","unstructured":"Elish KO, Shu X, Yao D, Ryder BG, Jiang X (2015) Profiling user-trigger dependence for android malware detection. Comput Secur 49:255\u2013273","journal-title":"Comput Secur"},{"key":"6498_CR9","doi-asserted-by":"crossref","unstructured":"Enck W, Ongtang M, McDaniel P (2009) On lightweight mobile phone application certification. In: CCS 09: Proceedings of the 16th ACM conference on Computer and communications security, p 235\u2013245","DOI":"10.1145\/1653662.1653691"},{"issue":"3","key":"6498_CR10","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1016\/j.jvlc.2012.02.002","volume":"23","author":"M Eskandari","year":"2012","unstructured":"Eskandari M, Hashemi S (2012) A graph mining approach for detecting unknown malwares. J Vis Lang Comput 23(3):154\u2013162","journal-title":"J Vis Lang Comput"},{"key":"6498_CR11","first-page":"22","volume":"103","author":"T Fei","year":"2016","unstructured":"Fei T, Zheng Y (2016) A hybrid approach of mobile malware detection in Android. J Parallel Distrib Comput 103:22\u201331","journal-title":"J Parallel Distrib Comput"},{"key":"6498_CR12","unstructured":"Felt AP, Greenwood K, Wagner D (2011) The effectiveness of application permissions. Usenix Conference on Web Application Development. vol. 364, p 7\u20137"},{"key":"6498_CR13","unstructured":"G DATA (2015) Mobile malware report, Available online: \n                    https:\/\/public.gdatasoftware.com\/Presse\/Publikationen\/Malware_Reports\/G_DATA_MoblieMWR_Q4_2015_EN.pdf\n                    \n                  . Accessed 10 July 2015"},{"key":"6498_CR14","unstructured":"Intrusion detection system (2017) Available online: \n                    http:\/\/baike.sogou.com\/v71531.htm\n                    \n                  . Accessed 17 Oct 2017"},{"key":"6498_CR15","unstructured":"Isohara T, Takemori K, Kubota A (2012) Kernel-based behavior analysis for android malware detection. Seventh International Conference on Computational Intelligence and Security. IEEE, vol. 46, p 1011\u20131015"},{"issue":"39","key":"6498_CR16","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1016\/j.cose.2013.08.010","volume":"39","author":"YD Lin","year":"2013","unstructured":"Lin YD, Lai YC, Chen CH, Tsai HC (2013) Identifying android malicious repackaged applications by thread-grained system call sequences. Comput Secur 39(39):340\u2013350","journal-title":"Comput Secur"},{"key":"6498_CR17","doi-asserted-by":"crossref","unstructured":"Mahindru A, Singh P (2017) Dynamic permissions based android malware detection using machine learning techniques. Innovations in Software Engineering Conference. ACM, p 202\u2013210","DOI":"10.1145\/3021460.3021485"},{"key":"6498_CR18","doi-asserted-by":"crossref","unstructured":"Mylonas A, Gritzalis D (2012) Book review: practical malware analysis: the hands-on guide to dissecting malicious software. Elsevier Advanced Technology Publications","DOI":"10.1016\/j.cose.2012.05.004"},{"key":"6498_CR19","volume-title":"Pattern recognition and neural networks","author":"BD Ripley","year":"2008","unstructured":"Ripley BD (2008) Pattern recognition and neural networks, 1st edn. Cambridge University Press, Cambridge","edition":"1"},{"key":"6498_CR20","unstructured":"Sato R, Chiba D, Goto S (2013) Detecting android malware by analyzing manifest files. Asia Pacific Advanced Network. vol. 36, p 23"},{"issue":"1","key":"6498_CR21","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/s10844-010-0148-x","volume":"38","author":"A Shabtai","year":"2012","unstructured":"Shabtai A (2012) \u201cAndromaly\u201d: a behavioral malware detection framework for android devices. J Intell Inf Syst 38(1):161\u2013190","journal-title":"J Intell Inf Syst"},{"key":"6498_CR22","unstructured":"Smartphone OS Market Share (2017) Available online: \n                    https:\/\/www.idc.com\/promo\/smartphone-market-share\/os\n                    \n                  . Accessed 17 Oct 2017"},{"key":"6498_CR23","doi-asserted-by":"crossref","unstructured":"Sohr K, Mustafa T, Nowak A (2011) Software security aspects of Java-based mobile phones. ACM Symposium on Applied Computing. DBLP, p 1494\u20131501","DOI":"10.1145\/1982185.1982506"},{"key":"6498_CR24","unstructured":"Statista (2017) Global mobile OS market share 2009\u20132017, by quarter. Available online: \n                    https:\/\/www.statista.com\/statistics\/266136\/global-market-share-held-by-smartphone-operating-systems\/\n                    \n                  . Accessed 8 Feb 2018"},{"key":"6498_CR25","doi-asserted-by":"crossref","unstructured":"Su X, Chuah M, Tan G (2012) Smartphone dual defense protection framework: detecting malicious applications in android markets. Eighth International Conference on Mobile Ad-Hoc and Sensor Networks. IEEE, p 153\u2013160","DOI":"10.1109\/MSN.2012.43"},{"issue":"2","key":"6498_CR26","doi-asserted-by":"publisher","first-page":"961","DOI":"10.1109\/SURV.2013.101613.00077","volume":"16","author":"G Suarez-Tangil","year":"2014","unstructured":"Suarez-Tangil G, Tapiador JE, Peris-Lopez P, Ribagorda A (2014) Evolution, detection and analysis of malware for smart devices. IEEE Commun Surv Tutorials 16(2):961\u2013987","journal-title":"IEEE Commun Surv Tutorials"},{"key":"6498_CR27","unstructured":"Wu DJ, Mao CH, Lee HM, Wu KP (2012) DroidMat: Android Malware Detection through Manifest and API Calls Tracing, Information Security. IEEE, p 62\u201369"},{"key":"6498_CR28","doi-asserted-by":"crossref","unstructured":"Yang W, Xiao X, Andow B, Li S, Xie T, Enck W (2015) AppContext: differentiating malicious and benign mobile app behaviors using context. Ieee\/acm, IEEE International Conference on Software Engineering, IEEE vol 1, p 303\u2013313","DOI":"10.1109\/ICSE.2015.50"},{"key":"6498_CR29","doi-asserted-by":"crossref","unstructured":"Yong B, Xu Z, Shen J, Chen H, Tian Y, Zhou Q (2017) Neural network model with Monte Carlo algorithm for electricity demand forecasting in Queensland. Australasian Computer Science Week Multiconference, ACM, p 47","DOI":"10.1145\/3014812.3014861"},{"key":"6498_CR30","first-page":"1105","volume":"7","author":"M Zhang","year":"2014","unstructured":"Zhang M, Duan Y, Yin H, Zhao Z (2014) Semantics-aware android malware classification using weighted contextual API dependency graphs. ACM 7:1105\u20131116","journal-title":"ACM"},{"key":"6498_CR31","unstructured":"Zhao H (2016) General vector machine. Available online: \n                    https:\/\/arxiv.org\/abs\/1602.03950v1\n                    \n                  . Accessed 17 Oct 2017. arXiv:1602.03950"},{"key":"6498_CR32","doi-asserted-by":"crossref","unstructured":"Zheng M, Sun M, Lui JCS (2014) DroidTrace: a ptrace based Android dynamic analysissystem with forward execution capability. Wireless Communications and Mobile Computing Conference, IEEE, p 128\u2013133","DOI":"10.1109\/IWCMC.2014.6906344"},{"key":"6498_CR33","doi-asserted-by":"crossref","unstructured":"Zhou W, Zhou Y, Jiang X, Ning P (2012) Detecting repackaged smartphone applications in third-party android marketplaces. ACM Conference on Data and Application Security and Privacy. ACM, p 317\u2013326","DOI":"10.1145\/2133601.2133640"}],"container-title":["Multimedia Tools and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11042-018-6498-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11042-018-6498-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11042-018-6498-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,20]],"date-time":"2019-09-20T17:37:06Z","timestamp":1569001026000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11042-018-6498-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,8,11]]},"references-count":33,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2019,2]]}},"alternative-id":["6498"],"URL":"https:\/\/doi.org\/10.1007\/s11042-018-6498-z","relation":{},"ISSN":["1380-7501","1573-7721"],"issn-type":[{"value":"1380-7501","type":"print"},{"value":"1573-7721","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,8,11]]},"assertion":[{"value":"10 April 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 July 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 August 2018","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 August 2018","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}