{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,6]],"date-time":"2026-07-06T03:47:13Z","timestamp":1783309633185,"version":"3.54.6"},"reference-count":156,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100014538","name":"Lembaga Pengelola Dana Pendidikan","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100014538","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Republic of Indonesia"},{"name":"RTA Program Universitas Gadjah Mada","award":["5075\/UN1.P.II\/Dit-Lit\/PT.01.01\/2023"],"award-info":[{"award-number":["5075\/UN1.P.II\/Dit-Lit\/PT.01.01\/2023"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/access.2024.3377658","type":"journal-article","created":{"date-parts":[[2024,3,18]],"date-time":"2024-03-18T19:21:25Z","timestamp":1710789685000},"page":"41255-41286","source":"Crossref","is-referenced-by-count":36,"title":["Hybrid Android Malware Detection: A Review of Heuristic-Based Approach"],"prefix":"10.1109","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0227-3219","authenticated-orcid":false,"given":"Rajif Agung","family":"Yunmar","sequence":"first","affiliation":[{"name":"Department of Electrical and Information Engineering, Universitas Gadjah Mada, Yogyakarta, Special Region of Yogyakarta, Indonesia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1705-3232","authenticated-orcid":false,"given":"Sri Suning","family":"Kusumawardani","sequence":"additional","affiliation":[{"name":"Department of Electrical and Information Engineering, Universitas Gadjah Mada, Yogyakarta, Special Region of Yogyakarta, Indonesia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0340-1198","authenticated-orcid":false,"family":"Widyawan","sequence":"additional","affiliation":[{"name":"Department of Electrical and Information Engineering, Universitas Gadjah Mada, Yogyakarta, Special Region of Yogyakarta, Indonesia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3876-5781","authenticated-orcid":false,"given":"Fadi","family":"Mohsen","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Groningen, Groningen, The Netherlands"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"20 Android Statistics In 2023 (Market Share & Users)","author":"Ruby","year":"2023"},{"key":"ref2","volume-title":"Mobile Operating Systems\u2019 Market Share Worldwide From 1st Quarter 2009 to 2nd Quarter 2023","year":"2009"},{"key":"ref3","volume-title":"Mobile Operating System Market Share Worldwide","year":"2023"},{"key":"ref4","volume-title":"IT Threat Evolution in Q3","author":"Shishkova","year":"2022"},{"key":"ref5","volume-title":"Mobile Malware Report, no Let ip With Android Malware","year":"2019"},{"key":"ref6","volume-title":"Mobile Security: Android vs IOS\u2014Which One is Safer?","year":"2023"},{"key":"ref7","article-title":"Mobile malware anomaly-based detection systems using static analysis features","author":"Firdaus","year":"2017"},{"key":"ref8","volume-title":"What is Heuristic Analysis?","year":"2019"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2020.100358"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/access.2018.2844349"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3055156"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/trustcom\/bigdatase.2018.00115"},{"key":"ref13","first-page":"550","article-title":"DroidLogger: Reveal suspicious behavior of Android applications via instrumentation","volume-title":"Proc. 7th Int. Conf. Comput. Converg. Technol. (ICCCT)","author":"Dai"},{"key":"ref14","first-page":"1","article-title":"Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets","volume-title":"Proc. NDSS","volume":"2","author":"Zhou"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/inmic50486.2020.9318117"},{"key":"ref16","volume-title":"Guidelines for performing systematic literature reviews in software engineering","author":"Kitchenham","year":"2007"},{"key":"ref17","volume-title":"Android Security, Attacks and Defenses","author":"Dubey","year":"2013"},{"key":"ref18","volume-title":"Android Platform Architecture","year":"2021"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2022.100529"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/tetci.2023.3281833"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-022-00119-8"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1080\/08839514.2021.2007327"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102833"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2021.100373"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102087"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2021.107143"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.3390\/info12050185"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.3390\/electronics10131606"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.3006143"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.3028370"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.3390\/electronics9060942"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2019.03.007"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.17781\/p002605"},{"issue":"8","key":"ref34","first-page":"255","article-title":"Android malware detection: A survey","volume":"50","author":"Odusami","year":"2018","journal-title":"Scientia Sinica Informationis"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/s11219-017-9368-4"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1631\/fitee.1601745"},{"key":"ref37","article-title":"A review on the use of deep learning in Android malware detection","author":"Naway","year":"2018","journal-title":"arXiv:1812.10360"},{"key":"ref38","volume-title":"Embedded Android","author":"Yaghmour","year":"2013"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1201\/b17598"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/access.2019.2918139"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/1649703"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.3008081"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2022.107903"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134500"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/access.2018.2792941"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/iscturkey51113.2020.9308003"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/icimcis51567.2020.9354315"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/iccisci.2019.8716471"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/scored53546.2021.9652685"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.5220\/0006256706530662"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2021.107783"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/8861639"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-10-7200-0_13"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2020.102483"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/worlds451998.2021.9513992"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/2802130.2802132"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1186\/s40064-015-1356-1"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1063\/1.4992953"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-68542-7_48"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1002\/int.22529"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2023.103486"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/scisisis55246.2022.10002083"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-021-00390-2"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897860"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23829-6_40"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/ecace.2019.8679493"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/2799979.2800003"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/ares.2013.93"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.18185\/erzifbed.806683"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/i2ct.2017.8226303"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-10-8633-5_36"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/compsac.2015.103"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/icce.2016.7430561"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/8863617"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2016.2536605"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2016.2646641"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/tst.2016.7399288"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.32604\/csse.2022.023652"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-22915-7_41"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1109\/icufn.2016.7537161"},{"issue":"6","key":"ref81","first-page":"1031","article-title":"Android malware detection approaches in combination with static and dynamic features","volume":"21","author":"Su","year":"2019","journal-title":"Int. J. Netw. Secur."},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1145\/2619239.2631434"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.3390\/app122110755"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1109\/cns48642.2020.9162341"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2019.04.019"},{"key":"ref86","article-title":"Multiple layer hybrid classification for Android malware detection","author":"Konstantinos","year":"2021"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/syscon53536.2022.9773881"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1155\/2021\/7035233"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1109\/itnec.2019.8729017"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/icoiact50329.2020.9332066"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-59162-9_20"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2015.02.149"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-56991-8_51"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-78078-8_25"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1109\/tnse.2022.3188597"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1109\/ccst.2019.8888430"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1109\/icore58172.2022.00032"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.3390\/app13137720"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.10.008"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1007\/s10922-021-09634-4"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1109\/dasa54658.2022.9764984"},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1007\/s41870-023-01392-7"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1016\/j.inffus.2018.12.006"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.21528\/cbic2021-32"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.3390\/electronics10232948"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1007\/s11334-023-00530-5"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.1038\/s41598-023-30028-w"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1109\/skima57145.2022.10029504"},{"key":"ref109","article-title":"Hybrid-falcon: Hybrid pattern malware detection and categorization with network traffic and program code","author":"Xu","year":"2021","journal-title":"arXiv:2112.10035"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2012.16"},{"key":"ref111","volume-title":"The Drebin Dataset","year":"2014"},{"key":"ref112","volume-title":"AndroZoo Dataset","year":"2016"},{"key":"ref113","volume-title":"MalDroid-2020","year":"2020"},{"key":"ref114","volume-title":"Kronodroid Dataset","author":"Guerra-Manzanares","year":"2023"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101663"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102670"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1145\/3241539.3267768"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.9781\/ijimai.2020.09.001"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/waina.2017.26"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.12.005"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/ccoms.2019.8821665"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-018-9615-8"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1049\/cje.2018.09.008"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1145\/3014812.3014888"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/icitri56423.2022.9970205"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1016\/j.aej.2018.10.008"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-014-0250-0"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1109\/access.2018.2853121"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/8398591"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1109\/access.2017.2771470"},{"key":"ref131","doi-asserted-by":"publisher","DOI":"10.1109\/trustcom.2013.25"},{"key":"ref132","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-60425-7_1"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1145\/3041008.3041010"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.02.002"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-67526-8"},{"key":"ref136","first-page":"172","article-title":"Outlier detection with one-class SVMs: An application to melanoma prognosis","volume-title":"Proc. AMIA Annu. Symp.","author":"Dreiseitl"},{"key":"ref137","volume-title":"Classification and Grouping of Linux System Calls","year":"2023"},{"key":"ref138","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699109"},{"issue":"3","key":"ref139","first-page":"14","article-title":"Toward efficient dynamic analysis and testing for Android malware","volume":"2","author":"Shen","year":"2014","journal-title":"INPRA"},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.4018\/ijiit.2018040104"},{"key":"ref141","doi-asserted-by":"publisher","DOI":"10.1109\/tse.2016.2615307"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-15618-7_5"},{"key":"ref143","volume-title":"The Economic Value of Prevention in the Cybersecurity Lifecycle","year":"2020"},{"key":"ref144","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"ref145","volume-title":"Droidbox","author":"Lantz","year":"2012"},{"key":"ref146","first-page":"1","article-title":"The state of mobile Internet connectivity 2021 connected society","author":"Delaporte","year":"2021"},{"key":"ref147","doi-asserted-by":"publisher","DOI":"10.3390\/s22176562"},{"key":"ref148","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref149","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2022.12.095"},{"key":"ref150","doi-asserted-by":"publisher","DOI":"10.1145\/2623330.2623661"},{"key":"ref151","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2018.09.007"},{"key":"ref152","doi-asserted-by":"publisher","DOI":"10.1109\/mobilecloud.2015.9"},{"key":"ref153","volume-title":"Global Mobile Threat Report","year":"2022"},{"key":"ref154","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382284"},{"key":"ref155","doi-asserted-by":"publisher","DOI":"10.1145\/3605775"},{"key":"ref156","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2022.11.001"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/10380310\/10473005.pdf?arnumber=10473005","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,26]],"date-time":"2024-03-26T21:29:49Z","timestamp":1711488589000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10473005\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":156,"URL":"https:\/\/doi.org\/10.1109\/access.2024.3377658","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}