{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T20:26:29Z","timestamp":1769372789809,"version":"3.49.0"},"reference-count":48,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2019,10,26]],"date-time":"2019-10-26T00:00:00Z","timestamp":1572048000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2019,10,26]],"date-time":"2019-10-26T00:00:00Z","timestamp":1572048000000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2020,6]]},"DOI":"10.1007\/s11416-019-00341-y","type":"journal-article","created":{"date-parts":[[2019,10,26]],"date-time":"2019-10-26T07:20:51Z","timestamp":1572074451000},"page":"125-139","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Lightweight versus obfuscation-resilient malware detection in android applications"],"prefix":"10.1007","volume":"16","author":[{"given":"Ali","family":"Aghamohammadi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8877-6895","authenticated-orcid":false,"given":"Fathiyeh","family":"Faghih","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,10,26]]},"reference":[{"key":"341_CR1","unstructured":"Share of global mobile website traffic. Accessed 9 Dec 2018. \nhttps:\/\/www.statista.com\/statistics\/277125\/share-of-website-traffic-coming-from-mobile-devices"},{"key":"341_CR2","unstructured":"Smartphone OS Market Share. Accessed 9 Dec 2018. \nhttps:\/\/www.idc.com\/promo\/smartphone-market-share\/os"},{"key":"341_CR3","unstructured":"McAfee Research & Reports. Accessed 9 Dec 2018. \nhttps:\/\/www.mcafee.com\/enterprise\/en-us\/about\/newsroom\/research-reports.html"},{"key":"341_CR4","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.E.R.T.: Drebin: effective and explainable detection of android malware in your pocket. In: Ndss, vol.\u00a014, pp. 23\u201326 (2014)","DOI":"10.14722\/ndss.2014.23247"},{"key":"341_CR5","doi-asserted-by":"crossref","unstructured":"Nataraj, L., Karthikeyan, S, Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, p.\u00a04. ACM (2011)","DOI":"10.1145\/2016904.2016908"},{"key":"341_CR6","doi-asserted-by":"crossref","unstructured":"Ahmadi, M., Ulyanov, D., Semenov, S., Trofimov, M., Giacinto, G.: Novel feature extraction, selection and fusion for effective malware family classification. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, pp. 183\u2013194. ACM (2016)","DOI":"10.1145\/2857705.2857713"},{"issue":"1","key":"341_CR7","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1109\/TDSC.2016.2536605","volume":"15","author":"A Saracino","year":"2018","unstructured":"Saracino, A., Sgandurra, D., Dini, G., Martinelli, F.: Madam: effective and efficient behavior-based android malware detection and prevention. IEEE Trans. Dependable Secure Comput. 15(1), 83\u201397 (2018)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"2","key":"341_CR8","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1145\/2619091","volume":"32","author":"W Enck","year":"2014","unstructured":"Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"341_CR9","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Yang, M., Xu, B., Yang, Z., Gu, G., Ning, P., Wang, X.S., Zang, B.: Vetting undesirable behaviors in android apps with permission use analysis. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 611\u2013622. ACM (2013)","DOI":"10.1145\/2508859.2516689"},{"key":"341_CR10","unstructured":"How does Google Play Protect aim to improve Android security? Accessed 9 Dec 2018. \nhttps:\/\/searchsecurity.techtarget.com\/answer\/How-does-Google-Play-Protect-aim-to-improve-Android-security"},{"key":"341_CR11","unstructured":"Fratantonio, Y., Bianchi, A., Robertson, W., Kirda, E., Kruegel, C., Vigna, G.: Triggerscope: towards detecting logic bombs in android applications. In: Security and Privacy (SP), 2016 IEEE Symposium on, pp. 377\u2013396. IEEE (2016)"},{"key":"341_CR12","unstructured":"Hidden App Malware Found on Google Play. Accessed 9 Dec 2018. \nhttps:\/\/www.symantec.com\/blogs\/threat-intelligence\/hidden-app-malware-google-play"},{"key":"341_CR13","unstructured":"Crooks infiltrate Google Play with malware in QR reading utilities. Accessed 9 Dec 2018. \nhttps:\/\/nakedsecurity.sophos.com\/2018\/03\/23\/crooks-infiltrate-google-play-with-malware-lurking-in-qr-reading-utilities"},{"key":"341_CR14","unstructured":"A Whale of a Tale: HummingBad Returns. Accessed 9 Dec 2018. \nhttps:\/\/blog.checkpoint.com\/2017\/01\/23\/hummingbad-returns"},{"issue":"3","key":"341_CR15","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1145\/3162625","volume":"26","author":"J Garcia","year":"2018","unstructured":"Garcia, J., Hammad, M., Malek, S.: Lightweight, obfuscation-resilient detection and family identification of android malware. ACM Trans. Softw. Eng. Methodol. 26(3), 11 (2018)","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"issue":"3","key":"341_CR16","first-page":"228","volume":"2","author":"Z Aung","year":"2013","unstructured":"Aung, Z., Zaw, W.: Permission-based android malware detection. Int. J. Sci. Technol. Res. 2(3), 228\u2013234 (2013)","journal-title":"Int. J. Sci. Technol. Res."},{"key":"341_CR17","doi-asserted-by":"crossref","unstructured":"Aafer, Y., Du, W., Yin, H.: Droidapiminer: Mining api-level features for robust malware detection in android. In International Conference on Security and Privacy in Communication Systems, pp. 86\u2013103. Springer, Cham (2013)","DOI":"10.1007\/978-3-319-04283-1_6"},{"key":"341_CR18","unstructured":"Mikolov, T., Sutskever, I., Chen, K., Corrado, G.S., Dean, J.: Distributed representations of words and phrases and their compositionality. In: Advances in Neural Information Processing Systems, pp. 3111\u20133119 (2013)"},{"key":"341_CR19","unstructured":"Rong, X.: word2vec parameter learning explained. arXiv preprint \narXiv:1411.2738\n\n (2014)"},{"key":"341_CR20","unstructured":"ProGuard The open source optimizer and obfuscator for Java bytecode. Accessed 9 Dec 2018. \nhttps:\/\/www.guardsquare.com\/proguard"},{"key":"341_CR21","unstructured":"DexProtector-Cutting edge obfuscator for Android apps. Accessed 9 Dec 2018. \nhttps:\/\/dexprotector.com"},{"issue":"1","key":"341_CR22","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1109\/TIFS.2013.2290431","volume":"9","author":"V Rastogi","year":"2014","unstructured":"Rastogi, V., Chen, Y., Jiang, X., et al.: Catch me if you can: evaluating android anti-malware against transformation attacks. IEEE Trans. Inf. Forensics Secur. 9(1), 99\u2013108 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"341_CR23","unstructured":"Hidden miners on Google Play. Accessed 9 Dec 2018. \nhttps:\/\/usa.kaspersky.com\/blog\/google-play-hidden-miners\/15101"},{"key":"341_CR24","unstructured":"Gibert, D.: Convolutional neural networks for malware classification. PhD thesis, MS Thesis, Dept. of Computer Science, UPC (2016)"},{"key":"341_CR25","unstructured":"Dalvik bytecode. Accessed 9 Dec 2018. \nhttps:\/\/source.android.com\/devices\/tech\/dalvik\/dalvik-bytecode"},{"key":"341_CR26","unstructured":"Chung, J., Gulcehre, C., Cho, K.H., Bengio, Y.: Empirical evaluation of gated recurrent neural networks on sequence modeling. arXiv preprint \narXiv:1412.3555\n\n (2014)"},{"key":"341_CR27","unstructured":"Dalvik executable format. Accessed 9 Dec 2018. \nhttps:\/\/source.android.com\/devices\/tech\/dalvik\/dex-format"},{"key":"341_CR28","first-page":"181","volume":"1","author":"H Fereidooni","year":"2016","unstructured":"Fereidooni, H., Moonsamy, V., Conti, M., Batina, L.: Efficient classification of android malware in the wild using robust static features. Prot. Mobile Netw. Dev.: Chall. Solut. 1, 181\u2013209 (2016)","journal-title":"Prot. Mobile Netw. Dev.: Chall. Solut."},{"key":"341_CR29","unstructured":"A deep dive into DEX file format. Accessed 9 Dec 2018. \nhttps:\/\/elinux.org\/images\/d\/d9\/A_deep_dive_into_dex_file_format-chiossi.pdf"},{"key":"341_CR30","unstructured":"Krizhevsky, A., Sutskever, I., Hinton, G.E.: Imagenet classification with deep convolutional neural networks. In: Advances in Neural Information Processing Systems, pp. 1097\u20131105 (2012)"},{"key":"341_CR31","unstructured":"Desnos, A. et\u00a0al.: Androguard: reverse engineering, malware and goodware analysis of android applications. \nhttps:\/\/code.google.com\/p\/androguard\n\n, p. 153 (2013)"},{"key":"341_CR32","unstructured":"RevealDroid Java repository. Accessed 9 Dec 2018. \nhttps:\/\/bitbucket.org\/joshuaga\/revealdroid"},{"key":"341_CR33","first-page":"265","volume":"16","author":"M Abadi","year":"2016","unstructured":"Abadi, M., Barham, P., Chen, J., Chen, Z., Davis, A., Dean, J., Devin, M., Ghemawat, S., Irving, G., Isard, M., et al.: Tensorflow: a system for large-scale machine learning. OSDI 16, 265\u2013283 (2016)","journal-title":"OSDI"},{"key":"341_CR34","unstructured":"Chollet, F. et al.: Keras: The python deep learning library. In: Astrophysics Source Code Library (2018)"},{"key":"341_CR35","unstructured":"Jiang, X., Zhou, Y.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95\u2013109. IEEE (2012)"},{"key":"341_CR36","doi-asserted-by":"crossref","unstructured":"Wei, F., Li, Y., Roy, S., Ou, X., Zhou, W.: Deep ground truth analysis of current android malware. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 252\u2013276. Springer, Berlin (2017)","DOI":"10.1007\/978-3-319-60876-1_12"},{"key":"341_CR37","unstructured":"Koodous: an online analysis tools over a vast APKs repository. Accessed 9 Dec 2018. \nhttps:\/\/koodous.com"},{"key":"341_CR38","unstructured":"Wang, R.: Flash in the pan? Virus Bull. (1998)"},{"key":"341_CR39","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S.: Static analysis of executables to detect malicious patterns. Technical report, Wisconsin Univ-Madison Dept of Computer Sciences (2006)","DOI":"10.21236\/ADA449067"},{"issue":"18","key":"341_CR40","doi-asserted-by":"publisher","first-page":"3311","DOI":"10.1002\/sec.1255","volume":"8","author":"M Narouei","year":"2015","unstructured":"Narouei, M., Ahmadi, M., Giacinto, G., Takabi, H., Sami, A.: DLLMiner: structural mining for malware detection. Secur. Commun. Netw. 8(18), 3311\u20133322 (2015)","journal-title":"Secur. Commun. Netw."},{"key":"341_CR41","unstructured":"Hu, W., Tan, Y.: Generating adversarial malware examples for black-box attacks based on gan. arXiv preprint \narXiv:1702.05983\n\n (2017)"},{"key":"341_CR42","doi-asserted-by":"crossref","unstructured":"Peiravian, N., Zhu, X.: Machine learning for android malware detection using permission and api calls. In: Tools with Artificial Intelligence (ICTAI), 2013 IEEE 25th International Conference on, pp. 300\u2013305. IEEE (2013)","DOI":"10.1109\/ICTAI.2013.53"},{"key":"341_CR43","unstructured":"Gennissen, J., Cavallaro, L., Moonsamy, V., Batina, L.: Gamut: sifting through images to detect android malware (2017)"},{"key":"341_CR44","doi-asserted-by":"crossref","unstructured":"Vidas, T., Christin, N.: Evading android runtime analysis via sandbox detection. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 447\u2013458. ACM (2014)","DOI":"10.1145\/2590296.2590325"},{"key":"341_CR45","unstructured":"Erel. Android tutorial-code obfuscation. \nhttps:\/\/www.b4x.com\/android\/forum\/threads\/code-obfuscation.13773\n\n. [Online; accessed 18 July 2019]"},{"key":"341_CR46","doi-asserted-by":"crossref","unstructured":"Canfora, G., Martinelli, F., Mercaldo, F., Nardone, V., Santone, A., Visaggio, C.A.: Leila: formal tool for identifying mobile malicious behaviour. IEEE Trans. Softw. Eng. (2018)","DOI":"10.1109\/TSE.2018.2834344"},{"key":"341_CR47","doi-asserted-by":"crossref","unstructured":"Hammad, M.: Self-protection of Android systems from inter-component communication attacks. Ph.D. thesis, UC Irvine (2018)","DOI":"10.1145\/3238147.3238207"},{"key":"341_CR48","doi-asserted-by":"crossref","unstructured":"Polakis, I., Diamantaris, M., Petsas, T., Maggi, F., Ioannidis, S.: Powerslave: analyzing the energy consumption of mobile antivirus software. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 165\u2013184. Springer, Berlin (2015)","DOI":"10.1007\/978-3-319-20550-2_9"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-019-00341-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11416-019-00341-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-019-00341-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,10,24]],"date-time":"2020-10-24T23:27:45Z","timestamp":1603582065000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11416-019-00341-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,10,26]]},"references-count":48,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2020,6]]}},"alternative-id":["341"],"URL":"https:\/\/doi.org\/10.1007\/s11416-019-00341-y","relation":{},"ISSN":["2263-8733"],"issn-type":[{"value":"2263-8733","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,10,26]]},"assertion":[{"value":"22 January 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 October 2019","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 October 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}