{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,22]],"date-time":"2026-01-22T06:36:14Z","timestamp":1769063774949,"version":"3.49.0"},"reference-count":47,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,10]]},"DOI":"10.1109\/malware.2015.7413693","type":"proceedings-article","created":{"date-parts":[[2016,2,26]],"date-time":"2016-02-26T11:26:08Z","timestamp":1456485968000},"page":"128-135","source":"Crossref","is-referenced-by-count":28,"title":["Clustering android malware families by http traffic"],"prefix":"10.1109","author":[{"given":"Marco","family":"Aresu","sequence":"first","affiliation":[]},{"given":"Davide","family":"Ariu","sequence":"additional","affiliation":[]},{"given":"Mansour","family":"Ahmadi","sequence":"additional","affiliation":[]},{"given":"Davide","family":"Maiorca","sequence":"additional","affiliation":[]},{"given":"Giorgio","family":"Giacinto","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","article-title":"Android malware genome project","author":"zhou","year":"2012"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.15"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2014.6890946"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36516-4_7"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/NGMAST.2014.57"},{"key":"ref30","first-page":"1","article-title":"Evaluation of machine learning classifiers for mobile malware detection","author":"narudin","year":"2014","journal-title":"Soft Computing"},{"key":"ref37","first-page":"26","article-title":"Behavioral clustering of http-based malware and signature generation using malicious network traces","author":"perdisci","year":"2010","journal-title":"Proceedings of the 7th USENIX Conference on Networked Systems Design and Implementation"},{"key":"ref36","first-page":"103","article-title":"BIRCH: an efficient data clustering method for very large databases","author":"zhang","year":"1996","journal-title":"Proceedings of the 1996 ACM SIGMOD international conference on Management of data"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1170"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699119"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516728"},{"key":"ref40","article-title":"Contagio mobile - mobile malware mini dump","author":"parkour","year":"2012"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/1999995.2000018"},{"key":"ref12","first-page":"543","article-title":"Effective inter-component communication mapping in android: An essential step towards holistic security analysis","author":"octeau","year":"2013","journal-title":"Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13)"},{"key":"ref13","article-title":"Systematic detection of capability leaks in stock android smartphones","author":"grace","year":"2012","journal-title":"19th Annual Network & Distributed System Security Symposium"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382223"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435377"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2133601.2133640"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/AsiaJCIS.2012.18"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11203-9_10"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/s10844-010-0148-x"},{"key":"ref4","first-page":"139","article-title":"Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection","author":"gu","year":"2008","journal-title":"Proceedings of The 17th Conference on Security Symposium"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046780"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/1080793.1080806"},{"key":"ref6","article-title":"A timeline of mobile botnets","author":"nigam","year":"2015","journal-title":"Virus Bulletin"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.02.009"},{"key":"ref5","article-title":"Security threat report","year":"2014"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2348543.2348563"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2013.6566868"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SECCOMW.2006.359550"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2012.06.022"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/1161289.1161307"},{"key":"ref46","article-title":"jnetpcap opensource - protocol analysis sdk","year":"2014"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2046614.2046619"},{"key":"ref45","article-title":"Uiautomator - android framework","year":"2014"},{"key":"ref22","first-page":"29","article-title":"Droidscope: Seamlessly reconstructing the os and dalvik semantic views for dynamic android malware analysis","author":"yan","year":"2012","journal-title":"Proceedings of the 21st USENIX Conference on Security Symposium"},{"key":"ref47","article-title":"Snort - open source network intrusion prevention system","year":"2014"},{"key":"ref21","article-title":"A system call-centric analysis and stimulation technique to automatically reconstruct android malware behaviors","author":"reina","year":"2013","journal-title":"Proceedings of European Workshop on System Security (EUROSEC"},{"key":"ref42","article-title":"Copperdroid","year":"2014"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/IWCMC.2013.6583806"},{"key":"ref41","article-title":"Virustotal - free online virus, malware and url scanner","year":"2014","journal-title":"https z\/www virustotal com\/"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435379"},{"key":"ref44","article-title":"Tracedroid - free online dynamic android app nalysis","year":"2014"},{"key":"ref26","first-page":"1","article-title":"Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones","author":"enck","year":"2010","journal-title":"Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation"},{"key":"ref43","article-title":"Anubis - free online malware analysis for unknown binaries (windows executable or android apk)","year":"2014"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/EST.2010.26"}],"event":{"name":"2015 10th International Conference on Malicious and Unwanted Software (MALWARE)","location":"Fajardo","start":{"date-parts":[[2015,10,20]]},"end":{"date-parts":[[2015,10,22]]}},"container-title":["2015 10th International Conference on Malicious and Unwanted Software (MALWARE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7405773\/7413673\/07413693.pdf?arnumber=7413693","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,21]],"date-time":"2017-03-21T09:27:44Z","timestamp":1490088464000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7413693\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,10]]},"references-count":47,"URL":"https:\/\/doi.org\/10.1109\/malware.2015.7413693","relation":{},"subject":[],"published":{"date-parts":[[2015,10]]}}}