{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,17]],"date-time":"2026-04-17T02:53:35Z","timestamp":1776394415425,"version":"3.51.2"},"reference-count":46,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2017,3,7]],"date-time":"2017-03-07T00:00:00Z","timestamp":1488844800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/L022656\/1"],"award-info":[{"award-number":["EP\/L022656\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Telecommun Syst"],"published-print":{"date-parts":[[2017,11]]},"DOI":"10.1007\/s11235-017-0296-1","type":"journal-article","created":{"date-parts":[[2017,3,7]],"date-time":"2017-03-07T12:09:30Z","timestamp":1488888570000},"page":"417-430","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["Towards a threat assessment framework for apps collusion"],"prefix":"10.1007","volume":"66","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6430-9558","authenticated-orcid":false,"given":"Harsha Kumara","family":"Kalutarage","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0260-1697","authenticated-orcid":false,"given":"Hoang Nga","family":"Nguyen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0726-3319","authenticated-orcid":false,"given":"Siraj Ahmed","family":"Shaikh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,3,7]]},"reference":[{"key":"296_CR1","unstructured":"Asavoae, I. M., Blasco, J., Chen, T. M., Kalutarage, H. K., Muttik, I., Nguyen, H. N., Roggenbach, M., & Shaikh, S. A. (2016). Towards automated android app collusion detection. In Aspinall, D., Cavallaro, L., Seghir, M. N., & M. Volkamer (Eds.), Proceedings of international workshop on innovations in mobile privacy and security 2016, CEUR Workshop Proceedings (pp. 29\u201337)."},{"key":"296_CR2","volume-title":"Application collusion attack on the permission-based security model and its implications for modern smartphone systems","author":"C Marforio","year":"2011","unstructured":"Marforio, C., Francillon, A., Capkun, S., Capkun, S., & Capkun, S. (2011). Application collusion attack on the permission-based security model and its implications for modern smartphone systems. ETH Zurich: Department of Computer Science."},{"key":"296_CR3","unstructured":"Elish, K. O., Yao, D. D., & Ryder, B. G. (2015). On the need of precise inter-app icc classification for detecting android malware collusions. In Proceedings of IEEE mobile security technologies (MoST), in conjunction with the IEEE symposium on security and privacy."},{"key":"296_CR4","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1016\/j.cose.2014.11.001","volume":"49","author":"KO Elish","year":"2015","unstructured":"Elish, K. O., Shu, X., Yao, D. D., Ryder, B. G., & Jiang, X. (2015). Profiling user-trigger dependence for android malware detection. Computers & Security, 49, 255\u2013273.","journal-title":"Computers & Security"},{"key":"296_CR5","doi-asserted-by":"crossref","unstructured":"La\u00a0Polla, M., Martinelli, F., & Sgandurra, D. (2013). A survey on security for mobile devices. Communications Surveys Tutorials IEEE, 15(1), 446\u2013471.","DOI":"10.1109\/SURV.2012.013012.00028"},{"key":"296_CR6","doi-asserted-by":"crossref","unstructured":"Marforio, C., Ritzdorf, H., Francillon, A., & Capkun, S. (2012). Analysis of the communication between colluding applications on modern smartphones. In Proceedings of the 28th annual computer security applications conference, ACM (pp. 51\u201360).","DOI":"10.1145\/2420950.2420958"},{"key":"296_CR7","unstructured":"Schlegel, R., Zhang, K., Zhou, X. Y., Intwala, M., Kapadia, A., & Wang, X. (2011). Soundcomber: A stealthy and context-aware sound trojan for smartphones. In NDSS (Vol.\u00a011, pp. 17\u201333)."},{"key":"296_CR8","doi-asserted-by":"crossref","unstructured":"Enck, W., Ongtang, M., & McDaniel, P. (2009). On lightweight mobile phone application certification. In Proceedings of the 16th ACM conference on Computer and communications security, ACM (pp. 235\u2013245).","DOI":"10.1145\/1653662.1653691"},{"key":"296_CR9","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., & Rieck, K. (2014). DREBIN: effective and explainable detection of android malware in your pocket. In 21st annual network and distributed system security symposium, NDSS 2014, San Diego, California, USA, February 23-26, 2014, The Internet Society.","DOI":"10.14722\/ndss.2014.23247"},{"key":"296_CR10","doi-asserted-by":"crossref","unstructured":"Canfora, G., Lorenzo, A. D., Medvet, E., Mercaldo, F., & Visaggio, C. A. (2015) Effectiveness of opcode ngrams for detection of multi family android malware. In 10th International Conference on Availability, Reliability and Security, ARES 2015, (pp. 333\u2013340). Toulouse, France.","DOI":"10.1109\/ARES.2015.57"},{"key":"296_CR11","doi-asserted-by":"crossref","unstructured":"Dai, G., Ge, J., Cai, M., Xu, D., & Li, W. (2015). Svm-based malware detection for android applications. In Proceedings of the 8th ACM conference on security & privacy in wireless and mobile networks (PP. 33:1\u201333:2), New York, NY.","DOI":"10.1145\/2766498.2774991"},{"key":"296_CR12","doi-asserted-by":"crossref","unstructured":"Kate, P. M., & Dhavale, S. V. (2015). Two phase static analysis technique for android malware detection. In Proceedings of the Third International Symposium on Women in Computing and Informatics, WCI 2015, co-located with ICACCI 2015 (PP. 650\u2013655), Kochi.","DOI":"10.1145\/2791405.2791558"},{"key":"296_CR13","doi-asserted-by":"crossref","unstructured":"Li, Q., & Li, X. (2015). Android malware detection based on static analysis of characteristic tree. In 2015 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, CyberC 2015 (PP. 84\u201391), Xi\u2019an, China.","DOI":"10.1109\/CyberC.2015.88"},{"key":"296_CR14","unstructured":"Wang, Z., Li, C., Guan, Y., & Xue, Y. (2015). Droidchain: A novel malware detection method for android based on behavior chain. In: 2015 IEEE Conference on Communications and Network Security, CNS 2015 (PP. 727\u2013728). Florence, Italy."},{"key":"296_CR15","doi-asserted-by":"crossref","unstructured":"Han, H., Chen, Z., Yan, Q., Peng, L., & Zhang, L. (2015). A real-time android malware detection system based on network traffic analysis. In Algorithms and architectures for parallel processing-15th international conference, ICA3PP 2015, Zhangjiajie, China, November 18\u201320, 2015. Proceedings, Part III. (2015) (pp. 504\u2013516).","DOI":"10.1007\/978-3-319-27137-8_37"},{"key":"296_CR16","doi-asserted-by":"crossref","unstructured":"Kim, K., & Choi, M. (2015). Android malware detection using multivariate time-series technique. In 17th Asia-Pacific network operations and management symposium, APNOMS 2015 (pp. 198\u2013202). Busan, South Korea.","DOI":"10.1109\/APNOMS.2015.7275426"},{"key":"296_CR17","doi-asserted-by":"crossref","unstructured":"Song, F., & Touili, T. (2014). Model-checking for android malware detection. In Garrigue, J., (ed.) Programming Languages and Systems - 12th Asian Symposium, APLAS 2014 Singapore, November 17-19, 2014, Proceedings. Volume 8858 of Lecture notes in computer science (pp. 216\u2013235). Springer.","DOI":"10.1007\/978-3-319-12736-1_12"},{"key":"296_CR18","doi-asserted-by":"crossref","unstructured":"Beaucamps, P., Gnaedig, I., & Marion, J. (2012). Abstraction-based malware analysis using rewriting and model checking. In Foresti, S., Yung, M., & Martinelli, F., (Eds.), Computer security - ESORICS 2012 - 17th European symposium on research in computer security, Pisa, Italy, September 10\u201312, 2012. Proceedings. Volume 7459 of Lecture Notes in Computer Science (pp. 806\u2013823). Springer.","DOI":"10.1007\/978-3-642-33167-1_46"},{"key":"296_CR19","doi-asserted-by":"crossref","unstructured":"Burket, J., Flynn, L., Klieber, W., Lim, J., & Snavely, W. (2015). Making didfail succeed: Enhancing the cert static taint analyzer for android app sets. Technical Report MSU-CSE-00-2, Software Engineering Institute, Carnegie Mellon University, Pittsburgh,USA (March 2015).","DOI":"10.21236\/ADA619331"},{"key":"296_CR20","doi-asserted-by":"crossref","unstructured":"Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., Le\u00a0Traon, Y., Octeau, D., & McDaniel, P. (2014). Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In Proceedings of the 35th ACM SIGPLAN conference on programming language design and implementation, ACM (p. 29).","DOI":"10.1145\/2666356.2594299"},{"key":"296_CR21","unstructured":"Fritz, C., Arzt, S., Rasthofer, S., Bodden, E., Bartel, A., Klein, J., & et al. (2013). Highly precise taint analysis for android applications. EC SPRIDE, TU Darmstadt: Tech. Rep."},{"key":"296_CR22","unstructured":"Octeau, D., McDaniel, P., Jha, S., Bartel, A., Bodden, E., Klein, J., & Le\u00a0Traon, Y. (2013). Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis. In: USENIX Security 2013."},{"key":"296_CR23","doi-asserted-by":"crossref","unstructured":"Li, L., Bartel, A., Bissyand, T., Klein, J., Le\u00a0Traon, Y., Arzt, S., Siegfried, R., Bodden, E., Octeau, D., & Mcdaniel, P. (2015). IccTA: Detecting inter-component privacy leaks in android apps. In: Proceedings of the 37th International Conference on Software Engineering (ICSE 2015).","DOI":"10.1109\/ICSE.2015.48"},{"key":"296_CR24","doi-asserted-by":"crossref","unstructured":"Ravitch, T., Creswick, E. R., Tomb, A., Foltzer, A., Elliott, T., Casburn, L. (2014). Multi-app security analysis with fuse: Statically detecting android app collusion. In Proceedings of the 4th program protection and reverse engineering workshop, ACM  (p. 4)","DOI":"10.1145\/2689702.2689705"},{"key":"296_CR25","doi-asserted-by":"crossref","unstructured":"Gordon, M. I., Kim, D., Perkins, J. H., Gilham, L., Nguyen, N., & Rinard, M. C. (2015). Information flow analysis of android applications in droidsafe. In NDSS.","DOI":"10.14722\/ndss.2015.23089"},{"key":"296_CR26","doi-asserted-by":"crossref","unstructured":"Chin, E., Felt, A. P., Greenwood, K., & Wagner, D. (2011). Analyzing inter-application communication in android. In Proceedings of the 9th international conference on Mobile systems, applications, and services, ACM (2011) (pp. 239\u2013252).","DOI":"10.1145\/1999995.2000018"},{"issue":"6","key":"296_CR27","doi-asserted-by":"crossref","first-page":"10:1","DOI":"10.1147\/JRD.2013.2284403","volume":"57","author":"D Sbirlea","year":"2013","unstructured":"Sbirlea, D., Burke, M., Guarnieri, S., Pistoia, M., & Sarkar, V. (2013). Automatic detection of inter-application permission leaks in android applications. IBM Journal of Research and Development, 57(6), 10:1\u201310:12.","journal-title":"IBM Journal of Research and Development"},{"key":"296_CR28","doi-asserted-by":"crossref","unstructured":"Maji, A. K., Arshad, F., Bagchi, S., Rellermeyer, J. S., & et\u00a0al. (2012). An empirical study of the robustness of inter-component communication in android. In Dependable systems and networks (DSN), 2012 42nd annual IEEE\/IFIP international conference on (pp. 1\u201312). IEEE.","DOI":"10.1109\/DSN.2012.6263963"},{"key":"296_CR29","doi-asserted-by":"crossref","unstructured":"Gasior, W., & Yang, L. (2011). Network covert channels on the android platform. In Proceedings of the seventh annual workshop on cyber security and information intelligence research, ACM (p. 61).","DOI":"10.1145\/2179298.2179367"},{"key":"296_CR30","doi-asserted-by":"crossref","unstructured":"Gasior, W., & Yang, L. (2012). Exploring covert channel in android platform. In: Cyber Security (CyberSecurity), 2012 International Conference on (pp. 173\u2013177).","DOI":"10.1109\/CyberSecurity.2012.29"},{"key":"296_CR31","unstructured":"Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., Sadeghi, A. R., & Shastry, B. (2012). Towards taming privilege-escalation attacks on android. In NDSS."},{"key":"296_CR32","unstructured":"Ritzdorf, H. (2012). Analyzing covert channels on mobile devices. PhD thesis, ETH Z\u00fcrich, Department of Computer Science."},{"key":"296_CR33","unstructured":"Bagheri, H., Sadeghi, A., Garcia, J., & Malek, S. (2015). Covert: Compositional analysis of android inter-app vulnerabilities. Technical report, Tech. Rep. GMU-CS-TR-2015-1, Department of Computer Science, George Mason University, 4400 University Drive MSN 4A5, Fairfax, VA 22030-4444 USA."},{"issue":"2","key":"296_CR34","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B. G., Cox, L. P., et al. (2014). Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 32(2), 5.","journal-title":"ACM Transactions on Computer Systems (TOCS)"},{"key":"296_CR35","doi-asserted-by":"crossref","unstructured":"Rasthofer, S., Arzt, S., Lovat, E., & Bodden, E. (2014). Droidforce: Enforcing complex, data-centric, system-wide policies in android. In Availability, Reliability and Security (ARES), 2014 Ninth International Conference on (pp. 40\u201349). IEEE.","DOI":"10.1109\/ARES.2014.13"},{"key":"296_CR36","doi-asserted-by":"crossref","unstructured":"Klieber, W., Flynn, L., Bhosale, A., Jia, L., & Bauer, L. (2014). Android taint flow analysis for app sets. In Proceedings of the 3rd ACM SIGPLAN international workshop on the state of the art in java program analysis, ACM (pp. 1\u20136).","DOI":"10.1145\/2614628.2614633"},{"key":"296_CR37","volume-title":"One-class classification","author":"DM Tax","year":"2001","unstructured":"Tax, D. M. (2001). One-class classification. Delft: Delft University of Technology."},{"key":"296_CR38","volume-title":"On the problem of the most efficient tests of statistical hypotheses","author":"J Neyman","year":"1992","unstructured":"Neyman, J., & Pearson, E. S. (1992). On the problem of the most efficient tests of statistical hypotheses. New York: Springer."},{"key":"296_CR39","doi-asserted-by":"crossref","unstructured":"Kalutarage, H.K., Lee, C., Shaikh, S.A., Sung, F.L.B.: Towards an early warning system for network attacks using bayesian inference. In Cyber security and cloud computing (CSCloud), 2015 IEEE 2nd international conference on. (pp. 399\u2013404).","DOI":"10.1109\/CSCloud.2015.35"},{"key":"296_CR40","doi-asserted-by":"crossref","first-page":"327","DOI":"10.1016\/j.compeleceng.2015.07.007","volume":"47","author":"HK Kalutarage","year":"2015","unstructured":"Kalutarage, H. K., Shaikh, S. A., Wickramasinghe, I. P., Zhou, Q., & James, A. E. (2015). Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks. Computers and Electrical Engineering, 47, 327\u2013344.","journal-title":"Computers and Electrical Engineering"},{"key":"296_CR41","doi-asserted-by":"crossref","unstructured":"Peng, H., Gates, C., Sarma, B., Li, N., Qi, Y., Potharaju, R., Nita-Rotaru, C., & Molloy, I. (2012) Using probabilistic generative models for ranking risks of android apps. In: Proceedings of the 2012 ACM conference on Computer and communications security, ACM (pp. 241\u2013252)","DOI":"10.1145\/2382196.2382224"},{"key":"296_CR42","doi-asserted-by":"crossref","DOI":"10.1201\/b19191","volume-title":"Handbook of statistical distributions with applications","author":"K Krishnamoorthy","year":"2015","unstructured":"Krishnamoorthy, K. (2015). Handbook of statistical distributions with applications. Boca Raton: CRC Press."},{"key":"296_CR43","doi-asserted-by":"crossref","unstructured":"Sarma, B. P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., & Molloy, I. (2012) Android permissions: A perspective combining risks and benefits. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, ACM (pp. 13\u201322).","DOI":"10.1145\/2295136.2295141"},{"key":"296_CR44","unstructured":"Haris, M., Haddadi, H., & Hui, P. (2014) Privacy leakage in mobile computing: Tools, methods, and characteristics. arXiv preprint \n                        arXiv:1410.4978"},{"key":"296_CR45","unstructured":"Elish, K. O., Yao, D., & Ryder, B. G. (2015) On the need of precise inter-app ICC classification for detecting Android malware collusions. In: MoST."},{"key":"296_CR46","unstructured":"Bugiel, S., Davi, L., Dmitrienko, A., Fischer, T., & Sadeghi, A. R. (2011) Xmandroid: A new android evolution to mitigate privilege escalation attacks. Technische Universit\u00e4t Darmstadt, Technical Report TR-2011-04."}],"container-title":["Telecommunication Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11235-017-0296-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11235-017-0296-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11235-017-0296-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,9,25]],"date-time":"2017-09-25T17:05:12Z","timestamp":1506359112000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11235-017-0296-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,3,7]]},"references-count":46,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2017,11]]}},"alternative-id":["296"],"URL":"https:\/\/doi.org\/10.1007\/s11235-017-0296-1","relation":{},"ISSN":["1018-4864","1572-9451"],"issn-type":[{"value":"1018-4864","type":"print"},{"value":"1572-9451","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,3,7]]}}}