{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T17:56:43Z","timestamp":1775066203847,"version":"3.50.1"},"reference-count":122,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"name":"Armasuisse Science and Technology, Cyber-Defense Campus, Switzerland, through the Research Program Cyberspace by the Project Security Analysis of Firmware of Mobile Devices","award":["ARAMIS Nr. AR-F03-003"],"award-info":[{"award-number":["ARAMIS Nr. AR-F03-003"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/access.2024.3390612","type":"journal-article","created":{"date-parts":[[2024,4,17]],"date-time":"2024-04-17T17:37:40Z","timestamp":1713375460000},"page":"57261-57287","source":"Crossref","is-referenced-by-count":23,"title":["Dynamic Security Analysis on Android: A Systematic Literature Review"],"prefix":"10.1109","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2649-3299","authenticated-orcid":false,"given":"Thomas","family":"Sutter","sequence":"first","affiliation":[{"name":"Institute of Computer Science, University of Bern, Bern, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2582-5557","authenticated-orcid":false,"given":"Timo","family":"Kehrer","sequence":"additional","affiliation":[{"name":"Institute of Computer Science, University of Bern, Bern, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5105-3258","authenticated-orcid":false,"given":"Marc","family":"Rennhard","sequence":"additional","affiliation":[{"name":"Institute of Computer Science, Z\u00fcrich University of Applied Sciences, Winterthur, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5008-1107","authenticated-orcid":false,"given":"Bernhard","family":"Tellenbach","sequence":"additional","affiliation":[{"name":"Armasuisse Science and Technology, Cyber-Defense Campus, Zürich, Switzerland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4052-475X","authenticated-orcid":false,"given":"Jacques","family":"Klein","sequence":"additional","affiliation":[{"name":"Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg, Luxembourg"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Complete Guide to GDPR Compliance","year":"2023"},{"key":"ref2","volume-title":"California Consumer\n Privacy Act (CCPA)","year":"2023"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594299"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106809"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699105"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/3567599"},{"key":"ref7","first-page":"2115","article-title":"Log: It\u2019s big, it\u2019s heavy, it\u2019s\n filled with personal data! Measuring the logging of sensitive information in\n the Android ecosystem","volume-title":"Proc. Usenix\n Secur. Symp.","author":"Lyons"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380402"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931054"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106298"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.89"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/3178876.3186035"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833764"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2017.04.001"},{"key":"ref15","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2023.111677","article-title":"A systematic literature review on Android-specific\n smells","volume":"201","author":"Wu","year":"2023","journal-title":"J. Syst. Softw."},{"issue":"13","key":"ref16","doi-asserted-by":"crossref","first-page":"160","DOI":"10.3390\/electronics10131606","article-title":"Android mobile malware detection using machine\n learning: A systematic review","volume":"10","author":"Senanayake","year":"2021","journal-title":"Electronics"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3002842"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-40467-2_4"},{"key":"ref19","volume-title":"UI\/Application Exerciser Monkey","year":"2023"},{"issue":"4","key":"ref20","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3395042","article-title":"Fine-grained code coverage measurement in automated\n black-box Android testing","volume":"29","author":"Pilgun","year":"2020","journal-title":"ACM Trans. Softw.\n Eng. Methodol."},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-SEIP.2017.32"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3460319.3464828"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/3502868"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397354"},{"key":"ref25","volume-title":"Write Automated Tests With UI\n Automator","year":"2023"},{"key":"ref26","volume-title":"OSS-FUZZ: Continuous Fuzzing for Open Source\n Software","year":"2023"},{"key":"ref27","volume-title":"Fuzzing Java in OSS-FUZZ","year":"2021"},{"key":"ref28","volume-title":"Jazzer","year":"2023"},{"key":"ref29","volume-title":"OWASP: Certificate and Public\n Key Pinning","year":"2023"},{"key":"ref30","doi-asserted-by":"crossref","DOI":"10.1016\/j.eswa.2022.119133","article-title":"Fileless malware threats: Recent advances, analysis\n approach through memory forensics and research\n challenges","volume":"214","author":"Kara","year":"2023","journal-title":"Exp. Syst. Appl."},{"key":"ref31","volume-title":"Strace\u2014Linux Syscall Tracer","year":"2023"},{"key":"ref32","volume-title":"Ptrace\u2014Linux Manual Page","year":"2023"},{"key":"ref33","volume-title":"Android Developer: Share\n Memory","year":"2023"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2799979.2800036"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/1273442.1250746"},{"key":"ref36","volume-title":"Frida Source Code","author":"Ravn\u00e5s","year":"2014"},{"key":"ref37","volume-title":"Quarkslab Dynamic Binary\n Instrumentation","year":"2023"},{"key":"ref38","volume-title":"Dynamorio","year":"2023"},{"key":"ref39","volume-title":"Logcat Command-Line Tool","year":"2023"},{"issue":"12","key":"ref40","doi-asserted-by":"crossref","first-page":"2049","DOI":"10.1016\/j.infsof.2013.07.010","article-title":"A systematic review of systematic review process\n research in software engineering","volume":"55","author":"Kitchenham","year":"2013","journal-title":"Inf.\n Softw. Technol."},{"key":"ref41","volume-title":"Publish or Perish","year":"2022"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2971712"},{"key":"ref43","volume-title":"DBLP Computer Science\n Bibliography","year":"2023"},{"key":"ref44","volume-title":"Google Scholar: Top\n Publications Software Systems","year":"2023"},{"key":"ref45","volume-title":"Google Scholar: Top\n Publications Computer Security & Crypography","year":"2023"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/3098243.3098247"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00005"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1007\/s11280-017-0458-9"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2799522"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23149"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23171"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329801"},{"key":"ref53","first-page":"603","article-title":"50 ways to leak your data: An exploration of\n apps\u2019 circumvention of the Android permissions\n system","volume-title":"Proc. 28th USENIX Secur.\n Symp.","author":"Reardon"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300027"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.26599\/TST.2019.9010067"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2020.110609"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380438"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2019.2903186"},{"key":"ref59","first-page":"3667","article-title":"Share first, ask later (or never?) Studying\n violations of GDPR\u2019s explicit consent in Android\n apps","volume-title":"Proc. 30th USENIX Secur.\n Symp.","author":"Nguyen"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3558969"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2023.23176"},{"key":"ref62","volume-title":"Hope Felivery: Extracting User\n Locations From Mobile Instant Messengers","year":"2023"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3240724"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3616330"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2879302"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2792941"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00040"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2844349"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-018-0415-3"},{"key":"ref70","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2019.07.088","article-title":"StaDART: Addressing the problem of dynamic code\n updates in the security analysis of Android\n applications","volume":"159","author":"Ahmad","year":"2020","journal-title":"J. Syst. Softw."},{"key":"ref71","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2019.101688","article-title":"EspyDroid+: Precise reflection analysis of Android\n apps","volume":"90","author":"Gajrani","year":"2020","journal-title":"Comput. Secur."},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101663"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1016\/j.jpdc.2019.11.001"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2019.102423"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2924677"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2020.106291"},{"key":"ref77","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2023.103277","article-title":"A system call-based Android malware detection\n approach with homogeneous & heterogeneous ensemble machine\n learning","volume":"130","author":"Bhat","year":"2023","journal-title":"Comput. Secur."},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2017.0460"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1145\/3495243.3560548"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-020-09879-8"},{"key":"ref81","first-page":"307","article-title":"FANS: Fuzzing Android native system services via\n automated interface analysis","volume-title":"Proc. 29th\n USENIX Conf. Secur. Symp.","author":"Liu"},{"key":"ref82","first-page":"789","article-title":"PARTEMU: Enabling dynamic analysis of real-world\n TrustZone software using emulation","volume-title":"Proc.\n 29th USENIX Conf. Secur. Symp.","author":"Harrison"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00094"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-61638-0_26"},{"key":"ref85","volume-title":"Bringing Balance to the Force: Dynamic Analysis\n of the Android Application Framework","author":"Dawoud","year":"2021"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-022-00458-7"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179302"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00013"},{"key":"ref89","volume-title":"Network Security Configuration","year":"2023"},{"key":"ref90","volume-title":"360 App Store","year":"2023"},{"key":"ref91","volume-title":"Pymodel","author":"Jacky","year":"2022"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"ref93","volume-title":"Fiddler Network Proxy","year":"2023"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1145\/2637364.2592003"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133987"},{"key":"ref96","volume-title":"Malware Names","year":"2023"},{"key":"ref97","volume-title":"Malware Attribute Enumeration and\n Characterization (MAEC)","year":"2022"},{"key":"ref98","volume-title":"Types of Malware","year":"2023"},{"key":"ref99","volume-title":"Malware Categories","year":"2023"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1145\/3544968"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref102","volume-title":"Yara in a Nutshell","year":"2023"},{"key":"ref103","volume-title":"Security With Dynamically Loaded Code","year":"2024"},{"key":"ref104","volume-title":"Safer Dynamic Code Loading","year":"2024"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23145"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.30"},{"key":"ref107","volume-title":"Manifest.permission","year":"2023"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1145\/2901739.2903508"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM56168.2023.10304863"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1145\/3556974"},{"key":"ref111","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2020.102087","article-title":"Android security assessment: A review, taxonomy and\n research gap study","volume":"100","author":"Garg","year":"2021","journal-title":"Comput. Secur."},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1145\/3417978"},{"key":"ref113","doi-asserted-by":"crossref","DOI":"10.1016\/j.cosrev.2021.100373","article-title":"Malicious application detection in Android\u2014 A\n systematic literature review","volume":"40","author":"Sharma","year":"2021","journal-title":"Comput. Sci.\n Rev."},{"issue":"20","key":"ref114","doi-asserted-by":"crossref","first-page":"7928","DOI":"10.3390\/s22207928","article-title":"Detecting malware by analyzing app permissions on\n Android platform: A systematic literature review","volume":"22","author":"Ehsan","year":"2022","journal-title":"Sensors"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-10551-7_7"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1007\/s11219-017-9368-4"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2020.100358"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/7775917"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3114381"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.1049\/sfw2.12123"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2018.2865733"},{"key":"ref122","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2021.106625","article-title":"Why many challenges with GUI test automation (will)\n remain","volume":"138","author":"Nass","year":"2021","journal-title":"Inf. Softw. Technol."}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/10380310\/10504267.pdf?arnumber=10504267","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,27]],"date-time":"2024-11-27T00:01:37Z","timestamp":1732665697000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10504267\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":122,"URL":"https:\/\/doi.org\/10.1109\/access.2024.3390612","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}