{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,8]],"date-time":"2026-03-08T23:50:21Z","timestamp":1773013821327,"version":"3.50.1"},"reference-count":32,"publisher":"Institution of Engineering and Technology (IET)","issue":"1","license":[{"start":{"date-parts":[[2025,11,24]],"date-time":"2025-11-24T00:00:00Z","timestamp":1763942400000},"content-version":"vor","delay-in-days":327,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/doi.wiley.com\/10.1002\/tdm_license_1.1"}],"funder":[{"DOI":"10.13039\/501100004317","name":"Shihezi University","doi-asserted-by":"publisher","award":["RCZK202433"],"award-info":[{"award-number":["RCZK202433"]}],"id":[{"id":"10.13039\/501100004317","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004317","name":"Shihezi University","doi-asserted-by":"publisher","award":["RCSK202437"],"award-info":[{"award-number":["RCSK202437"]}],"id":[{"id":"10.13039\/501100004317","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["ietresearch.onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["IET Information Security"],"published-print":{"date-parts":[[2025,1]]},"abstract":"<jats:p>As the most widely used operating system in the world, Android has naturally become the main target of malicious hackers. The current research on Android malware detection relies on manually defined sensitive API feature sets. With the continuous innovation and change of malicious behavior, new threats and attack methods have emerged. If we still rely on the original sensitive API set, malicious applications will not be discovered. To address this issue, we do not use the existing sensitive API feature set but instead design a key activation mechanism (KAM) based on convolutional neural networks (CNNs) to obtain sensitive API. We use this mechanism to automatically mine API features that play an important role in determining maliciousness from application datasets. And we use the API group (ApiG) obtained through this mechanism for template generalization, and obtain a method called AEDroid that can delay model aging. By analyzing these API features, it was found that they not only cover the existing sensitive API feature types but also include sensitive APIs for seven new types of malicious behavior. The experimental results show that with the addition of the newly discovered sensitive API, the Android malware detection rate has increased by more than 5%, especially on newly emerged malicious datasets, where the effect is more pronounced.<\/jats:p>","DOI":"10.1049\/ise2\/5572223","type":"journal-article","created":{"date-parts":[[2025,11,25]],"date-time":"2025-11-25T06:32:07Z","timestamp":1764052327000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["AEDroid: Adaptive Enhanced Android Malware Detection\u2010Based on Interpretability of Deep Learning"],"prefix":"10.1049","volume":"2025","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5154-3123","authenticated-orcid":false,"given":"Pengfei","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8701-3944","authenticated-orcid":false,"given":"Guangquan","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jian","family":"Sun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenxia","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-9346-9584","authenticated-orcid":false,"given":"Jie","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"265","published-online":{"date-parts":[[2025,11,24]]},"reference":[{"key":"e_1_2_11_1_2","unstructured":"Counterpoint Smartphone Reports: Share of Global Smartphone Shipments by Operating System 2024 Accessed: June.20 2024. [Online]. Available: WebPage https:\/\/www.counterpointresearch.com\/insights\/global-smartphone-os-market-share\/."},{"key":"e_1_2_11_2_2","unstructured":"ChinaTelecom National Mobile Application Security Observation Report in 2023 2024 WebPage Accessed: June.20 2024. [Online]. Available:http:\/\/news.sohu.com\/a\/763627708_121733765."},{"key":"e_1_2_11_3_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102264"},{"key":"e_1_2_11_4_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103807"},{"key":"e_1_2_11_5_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103846"},{"key":"e_1_2_11_6_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103651"},{"key":"e_1_2_11_7_2","doi-asserted-by":"crossref","unstructured":"ZhangX. ZhangY. andZhongM. et al.Enhancing State-of-the-art Classifiers With API Semantics to Detect Evolved Android Malware Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS) 2020 Association for Computing Machinery 757\u2013770.","DOI":"10.1145\/3372297.3417291"},{"key":"e_1_2_11_8_2","unstructured":"ArztS. RasthoferS. andBoddenE. Susi: A Tool for the Fully Automated Classification and Categorization of Android Sources and Sinks 2013 University of Darmstadt Tech. Rep."},{"key":"e_1_2_11_9_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101663"},{"key":"e_1_2_11_10_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103277"},{"key":"e_1_2_11_11_2","doi-asserted-by":"publisher","DOI":"10.1155\/2023\/5393890"},{"key":"e_1_2_11_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2025.3547301"},{"key":"e_1_2_11_13_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103126"},{"key":"e_1_2_11_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNSE.2020.2996379"},{"key":"e_1_2_11_15_2","doi-asserted-by":"publisher","DOI":"10.1038\/s41467-023-36961-8"},{"key":"e_1_2_11_16_2","doi-asserted-by":"crossref","unstructured":"GkillasA. AmpeliotisD. andBerberidisK. A Highly Interpretable Deep Equilibrium Network for Hyperspectral Image Deconvolution ICASSP 2023-2023 IEEE International Conference on Acoustics Speech and Signal Processing (ICASSP) 2023 Rhodes Island Greece IEEE 1\u20135.","DOI":"10.1109\/ICASSP49357.2023.10095286"},{"key":"e_1_2_11_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11760-022-02313-0"},{"key":"e_1_2_11_18_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jmsy.2023.05.027"},{"key":"e_1_2_11_19_2","doi-asserted-by":"crossref","unstructured":"SelvarajuR. R. CogswellM. DasA. VedantamR. ParikhD. andBatraD. Grad-CAM: Visual Explanations From Deep Networks via Gradient-Based Localization Proceedings of the IEEE International Conference on Computer Vision (ICCV) 2017 Venice Italy IEEE 618\u2013626.","DOI":"10.1109\/ICCV.2017.74"},{"key":"e_1_2_11_20_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-020-00489-5"},{"key":"e_1_2_11_21_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11042-023-15364-3"},{"key":"e_1_2_11_22_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.datak.2022.102110"},{"key":"e_1_2_11_23_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"e_1_2_11_24_2","doi-asserted-by":"crossref","unstructured":"FanM. LiuJ. LuoX. ChenK. ChenT. andTianZ. Frequent Subgraph Based Familial Classification of Android Malware IEEE 27th International Symposium on Software Reliability Engineering (ISSRE) 2016 Ottawa ON Canada IEEE 24\u201335.","DOI":"10.1109\/ISSRE.2016.14"},{"key":"e_1_2_11_25_2","unstructured":"Malgenomeproject Android Malcious Dataset: Malgenomeproject Dataset 2024 WebPage Accessed: June.20 2024. [Online].Available:http:\/\/www.malgenomeproject.org\/."},{"key":"e_1_2_11_26_2","unstructured":"VirusTotal A Website that Provides Free Suspicious File Analysis Services 2024 WebPage Accessed: June.20 2024. [Online]. Available:https:\/\/www.virustotal.com\/gui\/home\/upload."},{"key":"e_1_2_11_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044867"},{"key":"e_1_2_11_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2018.2871682"},{"key":"e_1_2_11_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2020.3005088"},{"key":"e_1_2_11_30_2","doi-asserted-by":"crossref","unstructured":"ZhangX. ZhangY. andZhongM. et al.Enhancing State-of-the-Art Classifiers With API Semantics to Detect Evolved Android Malware Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security 2020 Association for Computing Machinery 757\u2013770.","DOI":"10.1145\/3372297.3417291"},{"key":"e_1_2_11_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3025436"},{"key":"e_1_2_11_32_2","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2024.3436891"}],"container-title":["IET Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/ietresearch.onlinelibrary.wiley.com\/doi\/pdf\/10.1049\/ise2\/5572223","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/ietresearch.onlinelibrary.wiley.com\/doi\/full-xml\/10.1049\/ise2\/5572223","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/ietresearch.onlinelibrary.wiley.com\/doi\/pdf\/10.1049\/ise2\/5572223","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,8]],"date-time":"2026-03-08T22:35:37Z","timestamp":1773009337000},"score":1,"resource":{"primary":{"URL":"https:\/\/ietresearch.onlinelibrary.wiley.com\/doi\/10.1049\/ise2\/5572223"}},"subtitle":[],"editor":[{"given":"Peican","family":"Zhu","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2025,1]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,1]]}},"alternative-id":["10.1049\/ise2\/5572223"],"URL":"https:\/\/doi.org\/10.1049\/ise2\/5572223","archive":["Portico"],"relation":{},"ISSN":["1751-8709","1751-8717"],"issn-type":[{"value":"1751-8709","type":"print"},{"value":"1751-8717","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1]]},"assertion":[{"value":"2024-12-21","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-09-22","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-11-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"5572223"}}