{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T13:47:05Z","timestamp":1770040025345,"version":"3.49.0"},"reference-count":80,"publisher":"Elsevier","isbn-type":[{"value":"9780128046296","type":"print"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1016\/b978-0-12-804629-6.00006-7","type":"book-chapter","created":{"date-parts":[[2016,9,24]],"date-time":"2016-09-24T20:07:03Z","timestamp":1474747623000},"page":"101-154","source":"Crossref","is-referenced-by-count":11,"title":["Supervised Learning Based Detection of Malware on Android"],"prefix":"10.1016","author":[{"given":"F.","family":"Tchakount\u00e9","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"F.","family":"Hayata","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0010","series-title":"Machine Learning-Based Malware Detection for Android Applications: History Matters!","author":"Allix","year":"2014"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0015","series-title":"Manifest permissions","year":"2015"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0020","unstructured":"Android-apktool, A tool for reverse engineering Android apk files. http:\/\/code.google.com\/p\/android-apktool\/."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0025","series-title":"Android source","year":"2015"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0030","unstructured":"Android studio, http:\/\/developer.android.com\/tools\/studio\/index.html."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0035","series-title":"Proceedings of 17th Network and Distributed System Security Symposium (NDSS)","article-title":"DREBIN: effective and explainable detection of android malware in your pocket","author":"Arp","year":"2014"},{"issue":"3","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0040","first-page":"228","article-title":"Permission-based android malware detection","volume":"2","author":"Aung","year":"2013","journal-title":"Int. J. Sci. Technol. Res."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0045","series-title":"Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS\u201910)","first-page":"73","article-title":"A methodology for empirical analysis of permission-based security models and its application to Android","author":"Barrera","year":"2010"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0055","series-title":"Analysis of the android architecture","author":"Br\u00e4hler","year":"2015"},{"issue":"1","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0060","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1023\/A:1010933404324","article-title":"Random forests","volume":"45","author":"Breiman","year":"2001","journal-title":"J. Mach. Learn."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0065","series-title":"Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile devices (SPSM\u201911)","first-page":"15","article-title":"Crowdroid: behavior-based malware detection system for android","author":"Burguera","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0070","series-title":"Over 1 billion android-based smart phones to ship in 2017","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0075","series-title":"Proceedings of Eighth International Conference on Availability, Reliability and Security (ARES)","first-page":"607","article-title":"A classifier of malicious android applications","author":"Canfora","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0080","series-title":"Proceedings of the 9th Annual International Conference on Mobile Systems, Applications and Services (MobiSys\u201911)","first-page":"239","article-title":"Analyzing inter-application communication in Android","author":"Chin","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0050","series-title":"Contagio","year":"2015"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0085","series-title":"Machine learning for cognitive networks: technology assessments and research challenges","author":"Dietterich","year":"2003"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0090","series-title":"Proceedings of Trusted Systems","first-page":"67","article-title":"A multi-criteria-based evaluation of android applications","author":"Dini","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0095","series-title":"Proceedings of the 6th International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security. MMM-ACNS-12","first-page":"240","article-title":"Madam: a multi-level anomaly detector for android malware","author":"Dini","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0100","series-title":"The dalvik virtual machine architecture","author":"Ehringer","year":"2010"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0105","series-title":"Proceedings of the 16th ACM Conference on Computer and Communications Security","first-page":"235","article-title":"On lightweight mobile phone application certification","author":"Enck","year":"2009"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0110","doi-asserted-by":"crossref","first-page":"205","DOI":"10.1016\/j.cose.2014.02.007","article-title":"Permission based android security: issues and countermeasures","volume":"43","author":"Fang","year":"2014","journal-title":"Comput. Sec."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0115","series-title":"The effectiveness of install-time permission systems for third-party applications","author":"Felt","year":"2010"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0120","series-title":"Proceedings of the ACM Conference on Computer and Communications Security (CCS)","first-page":"627","article-title":"Android permissions demystified","author":"Felt","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0125","series-title":"Proceedings of the Eighth Symposium on Usable Privacy and Security (SOUPS\u201912)","first-page":"1","article-title":"Android permissions: user attention, comprehension, and behavior","author":"Felt","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0130","article-title":"\u00c9valuation des logiciels antiviraux: quand le marketing s\u2019oppose \u00e0 la technique","volume":"21","author":"Filiol","year":"2005","journal-title":"Journal de la s\u00e9curit\u00e9 informatique MISC"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0135","first-page":"280","article-title":"Discriminatory analysis-nonparametric discrimination: consistency properties","volume":"11","author":"Fix","year":"1952"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0140","series-title":"Proceedings of the Fifteenth International Conference on Machine Learning (ICML\u2019 98)","first-page":"144","article-title":"Generating accurate rule sets without global optimisation","author":"Frank","year":"1998"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0145","series-title":"Proceedings of the 13th International Conference on Machine Learning (ICML\u201996)","first-page":"148","article-title":"Experiments with a new boosting algorithm","author":"Freund","year":"1996"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0150","series-title":"Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI\u201914)","first-page":"259","article-title":"FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps","author":"Fritz","year":"2014"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0155","series-title":"A characterization of malicious android applications","author":"Gomez","year":"2015"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0160","author":"Google Play","year":"2015"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0165","unstructured":"Google Play Help, About app permissions. https:\/\/support.google.com\/googleplay\/answer\/6014972?p= app_permissions&rd=1."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0170","series-title":"Proceedings of the 19th Annual Symposium on Network and Distributed System Security (NDSS\u201912)","article-title":"Systematic detection of capability leaks in stock android smartphones","author":"Grace","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0175","series-title":"Rule Induction. Data Mining and Knowledge Discovery Handbook","first-page":"249","author":"Grzymala-Busse","year":"2010"},{"issue":"2","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0180","doi-asserted-by":"crossref","first-page":"498","DOI":"10.1109\/TPDS.2013.147","article-title":"Collaborative policy administration","volume":"25","author":"Han","year":"2014","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"issue":"1","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0185","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1148\/radiology.143.1.7063747","article-title":"The meaning and use of the area under a receiver operating characteristic (ROC) curve","volume":"143","author":"Hanley","year":"1982","journal-title":"Radiology"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0190","series-title":"Proceedings of the 28th IEEE\/ACM International Conference on Automated Software Engineering (ASE2013)","first-page":"652","article-title":"Flow permissions for android","author":"Holavanalli","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb9010","series-title":"Applied logistic regression","author":"Hosmer","year":"2000"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0195","series-title":"Wiley Series in Probability and Statistics","article-title":"Applied Logistic Regression","author":"Hosmer","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0200","series-title":"Proceedings of Advances in Intelligent Systems and Applications","first-page":"111","article-title":"Performance evaluation on permission-based detection for Android malware","author":"Huang","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0205","unstructured":"JD-GUI, http:\/\/java.decompiler.free.fr\/?q=jdgui."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0210","series-title":"Dr. Android and Mr. Hide: Fine-grained security policies on unmodified android","author":"Jeon","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0215","series-title":"Proceedings of the Second International Conference on Knowledge Discovery and Data Mining","first-page":"202","article-title":"Scaling up the accuracy of naive-bayes classiers: a decision-tree hybrid","author":"Kohavi","year":"1996"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0220","series-title":"These aren\u2019t the permissions you\u2019re looking for","author":"Lineberry","year":"2015"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0225","series-title":"Proceedings of the 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MOBILECLOUD\u201914)","first-page":"142","article-title":"A two-layered permission-based android malware. Detection scheme","author":"Liu","year":"2014"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0230","series-title":"Apple cedes market share in smartphone operating system market as android surges and windows phone gains, according to IDC","author":"Llamas","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0235","series-title":"Machine Learning: An Artificial Intelligence Approach","year":"1983"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0240","series-title":"Proceedings of Security and Privacy in Mobile Information and Communication Systems","first-page":"40","article-title":"Android security permissions\u2014can we trust them?","author":"Orthacker","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0245","series-title":"Proceedings of the American Association of Artificial Intelligence (AAAI\u201982)","first-page":"133","article-title":"Reverend bayes on inference engines: a distributed hierarchical approach","author":"Pearl","year":"1982"},{"issue":"8","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0250","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/CC.2014.6911083","article-title":"Android malware detection with contrasting permission patterns","volume":"11","author":"Ping","year":"2014","journal-title":"Commun. China"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0255","series-title":"Proceedings of the 11th International Conference on Trust, Privacy and Security in Digital Business (TrustBus\u201914)","first-page":"24","article-title":"Android malware detection based on software complexity metrics","author":"Protsenko","year":"2014"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0260","series-title":"C4.5: Programs for Machine Learning","author":"Quinlan","year":"1993"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0265","series-title":"Proceedings of 2011 IEEE International Conference on Electro\/Information Technology (EIT)","first-page":"1","article-title":"Various approaches in analyzing Android applications with its permission-based security models","author":"Rassameeroj","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0270","series-title":"Proceedings of the third ACM Conference on Data and Application Security and Privacy","first-page":"221","article-title":"Appprofiler: a flexible method of exposing privacy-related behavior in android applications to end users","author":"Rosen","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0275","series-title":"Proceedings of the 10th International Conference on Information Systems Security (ICISS)","first-page":"338","article-title":"PMDS: permission-based malware detection system","author":"Rovelli","year":"2014"},{"issue":"7","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0280","doi-asserted-by":"crossref","first-page":"388","DOI":"10.1145\/361011.361067","article-title":"Protection and the control of information sharing in Multics","volume":"17","author":"Saltzer","year":"1974","journal-title":"Commun. ACM"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0285","series-title":"Proceedings of IEEE Consumer Communications and Networking Conference (CCNC)","first-page":"149","article-title":"On the automatic categorisation of android applications","author":"Sanz","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0290","series-title":"Proceedings of the International Joint Conference CISIS\u201912-ICEUTE\u201912-SOCO\u201912 Special Sessions","first-page":"289","article-title":"PUMA: permission usage to detect malware in Android","author":"Sanz","year":"2013"},{"issue":"6\u20137","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0295","doi-asserted-by":"crossref","first-page":"469","DOI":"10.1080\/01969722.2013.803889","article-title":"MAMA: manifest analysis for malware detection in Android","volume":"44","author":"Sanz","year":"2013","journal-title":"J. Cybern. Syst."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0300","series-title":"Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (SACMAT\u201912)","first-page":"13","article-title":"Android permissions: a perspective combining risks and benefits","author":"Sarma","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0305","series-title":"Proceedings of the Asia-Pacific Advanced Network (Asia JCIS)","first-page":"23","article-title":"Detecting android malware by analyzing manifest files","author":"Sato","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0310","series-title":"Proceedings of 2010 International Conference on Computational Intelligence and Security (CIS)","first-page":"329","article-title":"Automated static code analysis for classifying android applications using machine learning","author":"Shabtai","year":"2010"},{"issue":"1","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0315","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/s10844-010-0148-x","article-title":"Andromaly: a behavioral malware detection framework for android devices","volume":"38","author":"Shabtai","year":"2012","journal-title":"J. Intell. Inf. Syst."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0320","series-title":"Proceedings of Ambient Intelligence","first-page":"65","article-title":"Permissionwatcher: creating user awareness of application permissions in mobile systems","author":"Struse","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0325","series-title":"Proceedings of IEEE 2014 International Conference on Information Networking (ICOIN)","first-page":"449","article-title":"Permission-based malware detection mechanisms for smartphones","author":"Su","year":"2014"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0330","series-title":"Practical Applications of Data Mining","author":"Suh","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0335","series-title":"Introduction to Data Mining","author":"Tan","year":"2005"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0340","series-title":"Proceedings of 2011 International Conference on Internet Technology and Applications (iTAP)","first-page":"1","article-title":"Extending Android security enforcement with a security distance model","author":"Tang","year":"2011"},{"issue":"11","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0345","first-page":"754","article-title":"Qualitative evaluation of security tools for android","volume":"2","author":"Tchakount\u00e9","year":"2013","journal-title":"Int. J. Sci. Technol."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0350","series-title":"The Nature of Statistical Learning Theory. Information Science and Statistics","author":"Vapnik","year":"2000"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0355","series-title":"Threat analysis of the android market","author":"Vennon","year":"2010"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0360","series-title":"Proceedings of the 2011 Web 2.0 Security and Privacy Workshop (W2SP2011)","article-title":"Curbing Android permission creep","author":"Vidas","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0365","series-title":"Virustotal\u2014free online virus, malware and URL scanner","year":"2015"},{"issue":"11","key":"10.1016\/B978-0-12-804629-6.00006-7_bb0370","doi-asserted-by":"crossref","first-page":"1869","DOI":"10.1109\/TIFS.2014.2353996","article-title":"Exploring permission-induced risk in android applications for malicious application detection","volume":"9","author":"Wang","year":"2014","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0375","series-title":"Proceedings of 2012 IEEE 28th International Conference on Data Engineering Workshops (ICDEW)","first-page":"251","article-title":"Malicious Android applications in the enterprise: what do they do and how do we fix it?","author":"Wei","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0380","unstructured":"Weka 3, Data Mining Software in Java. http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/."},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0385","series-title":"Data Mining Practical Machine Learning Tools and Techniques","author":"Witten","year":"2011"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0390","series-title":"Proceedings of the ACM SIGSAC Conference on Computer & Communications Security (CCS\u201913)","first-page":"611","article-title":"Vetting undesirable behaviors in Android apps with permission use analysis","author":"Zhang","year":"2013"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0395","series-title":"Proceedings of IEEE Symposium on Security and Privacy (SP12)","first-page":"95","article-title":"Dissecting android malware: characterization and evolution","author":"Zhou","year":"2012"},{"key":"10.1016\/B978-0-12-804629-6.00006-7_bb0400","series-title":"Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS\u20192012)","first-page":"5","article-title":"Hey, you, get off of my market: detecting malicious apps in official and alternative android markets","author":"Zhou","year":"2012"}],"container-title":["Mobile Security and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:B9780128046296000067?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:B9780128046296000067?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2018,9,8]],"date-time":"2018-09-08T04:22:52Z","timestamp":1536380572000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/B9780128046296000067"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9780128046296"],"references-count":80,"URL":"https:\/\/doi.org\/10.1016\/b978-0-12-804629-6.00006-7","relation":{},"subject":[],"published":{"date-parts":[[2017]]}}}