{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,12]],"date-time":"2026-06-12T16:17:44Z","timestamp":1781281064329,"version":"3.54.1"},"reference-count":45,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,3,10]],"date-time":"2025-03-10T00:00:00Z","timestamp":1741564800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"},{"start":{"date-parts":[[2025,3,10]],"date-time":"2025-03-10T00:00:00Z","timestamp":1741564800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"}],"funder":[{"name":"The authors are thankful to the Deanship of Graduate Studies and Scientific Research at the University of Bisha for supporting this work through the Fast-Track Research Support Program."}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int J Comput Intell Syst"],"DOI":"10.1007\/s44196-025-00783-x","type":"journal-article","created":{"date-parts":[[2025,3,10]],"date-time":"2025-03-10T15:40:14Z","timestamp":1741621214000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":29,"title":["Hybrid Android Malware Detection and Classification Using Deep Neural Networks"],"prefix":"10.1007","volume":"18","author":[{"given":"Muhammad Umar","family":"Rashid","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Shahnawaz","family":"Qureshi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Abdullah","family":"Abid","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Saad Said","family":"Alqahtany","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ali","family":"Alqazzaz","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mahmood","family":"ul Hassan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mana Saleh","family":"Al Reshan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Asadullah","family":"Shaikh","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2025,3,10]]},"reference":[{"key":"783_CR1","doi-asserted-by":"crossref","unstructured":"Alsmadi, T., Alqudah, N.: A survey on malware detection techniques. In: 2021 International Conference On Information Technology (ICIT), pp. 371\u2013376 (2021)","DOI":"10.1109\/ICIT52682.2021.9491765"},{"key":"783_CR2","unstructured":"Shu, X., Tian, K., Ciambrone, A., Yao, D.: Breaking the target: an analysis of the target data breach and lessons learned. arXiv Preprint arXiv:1701.04940 (2017)"},{"key":"783_CR3","doi-asserted-by":"crossref","unstructured":"Lange, T., Kettani, H.: On security threats of botnets to cyber systems. In: 2019 6th International Conference on Signal Processing and Integrated Networks (SPIN), pp. 176\u2013183 (2019)","DOI":"10.1109\/SPIN.2019.8711780"},{"key":"783_CR4","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1109\/MITP.2018.2881373","volume":"21","author":"K Thakur","year":"2019","unstructured":"Thakur, K., Hayajneh, T., Tseng, J.: Cyber security in social media: challenges and the way forward. IT Prof. 21, 41\u201349 (2019)","journal-title":"IT Prof."},{"key":"783_CR5","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3448609","volume":"24","author":"R Mayrhofer","year":"2021","unstructured":"Mayrhofer, R., Stoep, J., Brubaker, C., Kralevich, N.: The android platform security model. ACM Trans. Priv. Secur. TOPS 24, 1\u201335 (2021)","journal-title":"ACM Trans. Priv. Secur. TOPS"},{"key":"783_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.future.2021.11.030","volume":"130","author":"P Maniriho","year":"2022","unstructured":"Maniriho, P., Mahmood, A., Chowdhury, M.: A study on malicious software behaviour analysis and detection techniques: taxonomy, current trends and challenges. Future Gener. Comput. Syst. 130, 1\u201318 (2022)","journal-title":"Future Gener. Comput. Syst."},{"key":"783_CR7","unstructured":"Kalauner, P.: Analysis and Bypass of Android Application Anti-Reverse Engineering Mechanisms. Wien (2023)"},{"key":"783_CR8","first-page":"1","volume":"52","author":"A Afianian","year":"2019","unstructured":"Afianian, A., Niksefat, S., Sadeghiyan, B., Baptiste, D.: Malware dynamic analysis evasion techniques: a survey. ACM Comput. Surv. CSUR 52, 1\u201328 (2019)","journal-title":"ACM Comput. Surv. CSUR"},{"key":"783_CR9","doi-asserted-by":"crossref","unstructured":"Rathod, H., Agal, S.: A study and overview on current trends and technology in mobile applications and its development. In: International Conference on ICT For Sustainable Development, pp. 383\u2013395 (2023)","DOI":"10.1007\/978-981-99-4932-8_35"},{"key":"783_CR10","doi-asserted-by":"publisher","first-page":"117334","DOI":"10.1109\/ACCESS.2022.3219047","volume":"10","author":"M \u0130brahim","year":"2022","unstructured":"\u0130brahim, M., Issa, B., Jasser, M.: A method for automatic android malware detection based on static analysis and deep learning. IEEE Access 10, 117334\u2013117352 (2022)","journal-title":"IEEE Access"},{"key":"783_CR11","doi-asserted-by":"crossref","unstructured":"Subash, A., Vijay, G., Selvan, G., Ramkumar, M., et al.: Malware detection in android application using static permission. In: 2023 5th International Conference on Inventive Research In Computing Applications (ICIRCA), pp. 1241\u20131245 (2023)","DOI":"10.1109\/ICIRCA57980.2023.10220934"},{"key":"783_CR12","doi-asserted-by":"crossref","unstructured":"Nguyen, C., Khoa, N., Doan, K., Cam, N.: Android malware category and family classification using static analysis. In: 2023 International Conference on Information Networking (ICOIN), pp. 162\u2013167 (2023)","DOI":"10.1109\/ICOIN56518.2023.10049039"},{"key":"783_CR13","doi-asserted-by":"publisher","first-page":"11373","DOI":"10.1007\/s00521-023-08303-8","volume":"35","author":"M Chaudhary","year":"2023","unstructured":"Chaudhary, M., Masood, A.: RealMalSol: real-time optimized model for Android malware detection using efficient neural networks and model quantization. Neural Comput. Appl. 35, 11373\u201311388 (2023)","journal-title":"Neural Comput. Appl."},{"key":"783_CR14","doi-asserted-by":"publisher","DOI":"10.1016\/j.pmcj.2021.101336","volume":"72","author":"S Sasidharan","year":"2021","unstructured":"Sasidharan, S., Thomas, C.: ProDroid\u2014an Android malware detection framework based on profile hidden Markov model. Pervasive Mob. Comput. 72, 101336 (2021)","journal-title":"Pervasive Mob. Comput."},{"key":"783_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102399","volume":"110","author":"A Guerra-Manzanares","year":"2021","unstructured":"Guerra-Manzanares, A., Bahsi, H., N\u00f5mm, S.: KronoDroid: time-based hybrid-featured dataset for effective android malware detection and characterization. Comput. Secur. 110, 102399 (2021)","journal-title":"Comput. Secur."},{"key":"783_CR16","doi-asserted-by":"publisher","DOI":"10.1016\/j.phycom.2022.101975","volume":"57","author":"F Ullah","year":"2023","unstructured":"Ullah, F., Ullah, S., Srivastava, G., Lin, J.: Droid-MCFG: Android malware detection system using manifest and control flow traces with multi-head temporal convolutional network. Phys. Commun. 57, 101975 (2023)","journal-title":"Phys. Commun."},{"key":"783_CR17","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1049\/ise2.12082","volume":"17","author":"Y Wu","year":"2023","unstructured":"Wu, Y., Shi, J., Wang, P., Zeng, D., Sun, C.: DeepCatra: learning flow-and graph-based behaviours for Android malware detection. IET Inf. Secur. 17, 118\u2013130 (2023)","journal-title":"IET Inf. Secur."},{"key":"783_CR18","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2023.121125","volume":"235","author":"Z Liu","year":"2024","unstructured":"Liu, Z., Wang, R., Japkowicz, N., Gomes, H., Peng, B., Zhang, W.: SeGDroid: an Android malware detection method based on sensitive function call graph learning. Expert Syst. Appl. 235, 121125 (2024)","journal-title":"Expert Syst. Appl."},{"key":"783_CR19","doi-asserted-by":"publisher","first-page":"14246","DOI":"10.1109\/ACCESS.2022.3146363","volume":"10","author":"D \u015eah\u0131n","year":"2022","unstructured":"\u015eah\u0131n, D., Akleylek, S., Kili\u00e7, E.: LinRegDroid: detection of Android malware using multiple linear regression models-based classifiers. IEEE Access 10, 14246\u201314259 (2022)","journal-title":"IEEE Access"},{"key":"783_CR20","doi-asserted-by":"publisher","first-page":"984","DOI":"10.1109\/TNSE.2020.2996379","volume":"8","author":"H Zhu","year":"2020","unstructured":"Zhu, H., Li, Y., Li, R., Li, J., You, Z., Song, H.: SEDMDroid: an enhanced stacking ensemble framework for Android malware detection. IEEE Trans. Netw. Sci. Eng.. 8, 984\u2013994 (2020)","journal-title":"IEEE Trans. Netw. Sci. Eng.."},{"key":"783_CR21","doi-asserted-by":"publisher","first-page":"3216","DOI":"10.1109\/TII.2017.2789219","volume":"14","author":"J Li","year":"2018","unstructured":"Li, J., Sun, L., Yan, Q., Li, Z., Srisa-An, W., Ye, H.: Significant permission identification for machine-learning-based android malware detection. IEEE Trans. Ind. Inf. 14, 3216\u20133225 (2018)","journal-title":"IEEE Trans. Ind. Inf."},{"key":"783_CR22","doi-asserted-by":"crossref","unstructured":"Abuthawabeh, M., Mahmoud, K.: Android malware detection and categorization based on conversation-level network traffic features. In: 2019 International Arab Conference On Information Technology (ACIT), pp. 42\u201347 (2019)","DOI":"10.1109\/ACIT47987.2019.8991114"},{"key":"783_CR23","doi-asserted-by":"crossref","unstructured":"Chen, M., Zhou, Q., Wang, K., Zeng, Z.: An Android malware detection method using deep learning based on multi-features. In: 2022 IEEE International Conference On Artificial Intelligence And Computer Applications (ICAICA), pp. 187\u2013190 (2022)","DOI":"10.1109\/ICAICA54878.2022.9844642"},{"key":"783_CR24","doi-asserted-by":"publisher","first-page":"844","DOI":"10.1016\/j.future.2020.10.008","volume":"115","author":"S Imtiaz","year":"2021","unstructured":"Imtiaz, S., Rehman, S., Javed, A., Jalil, Z., Liu, X., Alnumay, W.: DeepAMD: detection and identification of Android malware using high-efficient deep artificial neural network. Future Gener. Comput. Syst. 115, 844\u2013856 (2021)","journal-title":"Future Gener. Comput. Syst."},{"key":"783_CR25","doi-asserted-by":"crossref","unstructured":"Taheri, L., Kadir, A., Lashkari, A.: Extensible android malware detection and family classification using network-flows and API-calls. In: 2019 International Carnahan Conference On Security Technology (ICCST), pp. 1\u20138 (2019)","DOI":"10.1109\/CCST.2019.8888430"},{"key":"783_CR26","doi-asserted-by":"crossref","unstructured":"Lashkari, A., Kadir, A., Taheri, L., Ghorbani, A.: Toward developing a systematic approach to generate benchmark android malware datasets and classification. In: 2018 International Carnahan Conference On Security Technology (ICCST), pp. 1\u20137 (2018)","DOI":"10.1109\/CCST.2018.8585560"},{"key":"783_CR27","doi-asserted-by":"crossref","unstructured":"Taheri, L., Kadir, A., Lashkari, A.: Extensible android malware detection and family classification using network-flows and API-calls. In: 2019 International Carnahan Conference On Security Technology (ICCST), pp. 1\u20138 (2019)","DOI":"10.1109\/CCST.2019.8888430"},{"key":"783_CR28","first-page":"108","volume":"1","author":"I Sharafaldin","year":"2018","unstructured":"Sharafaldin, I., Lashkari, A., Ghorbani, A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108\u2013116 (2018)","journal-title":"ICISSp"},{"key":"783_CR29","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95\u2013109. IEEE (2012)","DOI":"10.1109\/SP.2012.16"},{"key":"783_CR30","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.E.R.T.: Drebin: effective and explainable detection of android malware in your pocket. In: NDSS, vol. 14, pp. 23\u201326 (2014)","DOI":"10.14722\/ndss.2014.23247"},{"issue":"6","key":"783_CR31","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/479174","volume":"11","author":"H Kang","year":"2015","unstructured":"Kang, H., Jang, J.W., Mohaisen, A., Kim, H.K.: Detecting and classifying android malware using static analysis along with creator information. Int. J. Distrib. Sens. Netw. 11(6), 479174 (2015)","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"783_CR32","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1016\/j.cose.2015.12.005","volume":"58","author":"JW Jang","year":"2016","unstructured":"Jang, J.W., Kang, H., Woo, J., Mohaisen, A., Kim, H.K.: Andro\u2013Dumpsys: anti-malware system based on the similarity of malware creator and malware centric information. Comput. Secur. 58, 125\u2013138 (2016)","journal-title":"Comput. Secur."},{"key":"783_CR33","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40064-016-1861-x","volume":"5","author":"JW Jang","year":"2016","unstructured":"Jang, J.W., Yun, J., Mohaisen, A., Woo, J., Kim, H.K.: Detecting and classifying method based on similarity matching of Android malware behavior with profile. SpringerPlus 5, 1\u201323 (2016)","journal-title":"SpringerPlus"},{"key":"783_CR34","doi-asserted-by":"crossref","unstructured":"Ideses, I., Neuberger, A.: Adware detection and privacy control in mobile devices. In: 2014 IEEE 28th Convention of Electrical & Electronics Engineers in Israel (IEEEI), pp. 1\u20135 (2014)","DOI":"10.1109\/EEEI.2014.7005849"},{"key":"783_CR35","unstructured":"Cidre, E.:. Kharon dataset: Android malware under a microscope. In: Learning from Authoritative Security Experiment Results, p. 1 (2016)"},{"key":"783_CR36","doi-asserted-by":"crossref","unstructured":"Lashkari, A.H., Kadir, A.F.A., Gonzalez, H., Mbah, K.F., Ghorbani, A.A.: Towards a network-based framework for android malware detection and characterization. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 233\u201323309. IEEE (2017)","DOI":"10.1109\/PST.2017.00035"},{"key":"783_CR37","doi-asserted-by":"crossref","unstructured":"Wei, F., Li, Y., Roy, S., Ou, X., Zhou, W.: Deep ground truth analysis of current android malware. In: Detection of Intrusions and Malware, and Vulnerability Assessment: 14th International Conference, DIMVA 2017, Bonn, Germany, July 6\u20137, 2017, Proceedings 14, pp. 252\u2013276. Springer (2017)","DOI":"10.1007\/978-3-319-60876-1_12"},{"key":"783_CR38","doi-asserted-by":"publisher","first-page":"S48","DOI":"10.1016\/j.diin.2018.01.007","volume":"24","author":"EB Karbab","year":"2018","unstructured":"Karbab, E.B., Debbabi, M., Derhab, A., Mouheb, D.: MalDozer: automatic framework for android malware detection using deep learning. Digit. Investig. 24, S48\u2013S59 (2018)","journal-title":"Digit. Investig."},{"key":"783_CR39","unstructured":"Suarez-Tangil, G., Stringhini, G.: Eight years of rider measurement in the android malware ecosystem: evolution and lessons learned. arXiv preprint arXiv:1801.08115 (2018)"},{"key":"783_CR40","doi-asserted-by":"crossref","unstructured":"Lashkari, A.H., Kadir, A.F.A., Taheri, L., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark android malware datasets and classification. In: 2018 International Carnahan Conference on Security Technology (ICCST), pp. 1\u20137. IEEE (2018)","DOI":"10.1109\/CCST.2018.8585560"},{"key":"783_CR41","unstructured":"Android malware dataset (CIC-AndMal2017) (2017) https:\/\/www.unb.ca\/cic\/datasets\/andmal2017.html. Accessed 12 Mar 2020"},{"key":"783_CR42","unstructured":"Investigation of the android malware (cicinvesandmal2019) (2020) https:\/\/www.unb.ca\/cic\/datasets\/invesandmal2019.html. Accessed 12 Mar 2020"},{"issue":"3","key":"783_CR43","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1007\/s12667-019-00359-7","volume":"13","author":"G Shrivastava","year":"2022","unstructured":"Shrivastava, G., Kumar, P.: Intent and permission modeling for privacy leakage detection in android. Energy Syst. 13(3), 567\u2013580 (2022)","journal-title":"Energy Syst."},{"issue":"24","key":"783_CR44","doi-asserted-by":"publisher","first-page":"35713","DOI":"10.1007\/s11042-019-07899-1","volume":"78","author":"G Shrivastava","year":"2019","unstructured":"Shrivastava, G., Kumar, P.: SensDroid: analysis for malicious activity risk of Android application. Multimedia Tools Appl. 78(24), 35713\u201335731 (2019)","journal-title":"Multimedia Tools Appl."},{"key":"783_CR45","doi-asserted-by":"crossref","unstructured":"Nishimoto, Y., Kajiwara, N., Matsumoto, S., Hori, Y., Sakurai, K.: Detection of android API call using logging mechanism within android framework. In: Security and Privacy in Communication Networks: 9th International ICST Conference, SecureComm 2013, Sydney, NSW, Australia, September 25\u201328, 2013, Revised Selected Papers 9, pp. 393\u2013404. Springer (2013)","DOI":"10.1007\/978-3-319-04283-1_25"}],"container-title":["International Journal of Computational Intelligence Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44196-025-00783-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s44196-025-00783-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44196-025-00783-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,11]],"date-time":"2025-03-11T02:07:10Z","timestamp":1741658830000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s44196-025-00783-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,10]]},"references-count":45,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["783"],"URL":"https:\/\/doi.org\/10.1007\/s44196-025-00783-x","relation":{},"ISSN":["1875-6883"],"issn-type":[{"value":"1875-6883","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,3,10]]},"assertion":[{"value":"30 September 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 February 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 March 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"52"}}