{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,16]],"date-time":"2026-04-16T10:17:30Z","timestamp":1776334650720,"version":"3.51.2"},"reference-count":56,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"5","license":[{"start":{"date-parts":[[2017,5,1]],"date-time":"2017-05-01T00:00:00Z","timestamp":1493596800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2017,5]]},"DOI":"10.1109\/tifs.2016.2646641","type":"journal-article","created":{"date-parts":[[2016,12,29]],"date-time":"2016-12-29T19:15:42Z","timestamp":1483038942000},"page":"1103-1112","source":"Crossref","is-referenced-by-count":94,"title":["Monet: A User-Oriented Behavior-Based Malware Variants Detection System for Android"],"prefix":"10.1109","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4775-0362","authenticated-orcid":false,"given":"Mingshen","family":"Sun","sequence":"first","affiliation":[]},{"given":"Xiaolei","family":"Li","sequence":"additional","affiliation":[]},{"given":"John C. S.","family":"Lui","sequence":"additional","affiliation":[]},{"given":"Richard T. B.","family":"Ma","sequence":"additional","affiliation":[]},{"given":"Zhenkai","family":"Liang","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","first-page":"163","article-title":"DroidMiner: Automated mining and characterization of fine-grained malicious behaviors in Android applications","author":"yang","year":"2014","journal-title":"Proc ESORICS"},{"key":"ref38","first-page":"259","article-title":"FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps","author":"arzt","year":"2014","journal-title":"Proc PLDI"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307663"},{"key":"ref31","first-page":"1","article-title":"DroidEagle: Seamless detection of visually similar Android apps","author":"sun","year":"2015","journal-title":"Proc WiSec"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664275"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382223"},{"key":"ref36","first-page":"21","article-title":"A study of Android application security","author":"enck","year":"2011","journal-title":"Proc USENIX Security07"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2523912"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818038"},{"key":"ref28","first-page":"659","article-title":"Finding unknown malice in 10 seconds: Mass vetting for new threats at the Google-play scale","author":"chen","year":"2015","journal-title":"Proc USENIX Security07"},{"key":"ref27","first-page":"182","article-title":"AnDarwin: Scalable detection of semantically similar Android applications","author":"crussell","year":"2013","journal-title":"Proc ESORICS"},{"key":"ref29","first-page":"25","article-title":"ViewDroid: Towards obfuscation-resilient mobile application repackaging detection","author":"zhang","year":"2014","journal-title":"Proc ACM Conf Sec Privacy Wireless Mobile Netw"},{"key":"ref2","year":"2016","journal-title":"The Future of Mobile Malware"},{"key":"ref1","article-title":"McAfee labs threats report may 2015","year":"2015"},{"key":"ref20","year":"2016","journal-title":"Android Platform Based Linux Kernel Rootkit"},{"key":"ref22","year":"2016","journal-title":"Contagio Mobile Mobile Malware Mini Dump"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2013.25"},{"key":"ref24","year":"2016","journal-title":"Aurora Softworks Quadrant Standard Edition"},{"key":"ref23","year":"0","journal-title":"Monkey"},{"key":"ref26","first-page":"62","article-title":"Juxtapp: A scalable system for detecting code reuse among Android applications","author":"hanna","year":"2013","journal-title":"Proc DIMVA"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23263"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_21"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2536605"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1145\/2046614.2046619"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2016.25"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1145\/1741866.1741874"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/1378600.1378626"},{"key":"ref10","first-page":"82","article-title":"ADAM: An automatic and extensible platform to stress test Android anti-virus systems","author":"zheng","year":"2013","journal-title":"Proc DIMVA"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484355"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/2494522"},{"key":"ref12","year":"2016","journal-title":"Lbe Secrity Guard"},{"key":"ref13","year":"2016","journal-title":"Qihoo 360 Mobile Guard"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664245"},{"key":"ref15","first-page":"27","article-title":"Aurasium: Practical policy enforcement for Android applications","author":"xu","year":"2012","journal-title":"Proc USENIX Security07"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2462456.2464462"},{"key":"ref17","year":"2016","journal-title":"Smali\/Baksmali"},{"key":"ref18","year":"2012","journal-title":"ApkTool A tool for reverse engineering Android apk files"},{"key":"ref19","author":"aho","year":"2003","journal-title":"Compilers Principles Techniques and Tools"},{"key":"ref4","year":"2012","journal-title":"Android and Security"},{"key":"ref3","year":"2016","journal-title":"Gartner Says Worldwide Smartphone Sales Grew 3 9 Percent in First Quarter of 2016"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"ref5","article-title":"Threat Report H1 2014","year":"2014"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2133601.2133640"},{"key":"ref7","first-page":"1","article-title":"Systematic detection of capability leaks in stock Android smartphones","author":"grace","year":"2012","journal-title":"Proc NDSS"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/ICECCS.2014.13"},{"key":"ref9","first-page":"1","article-title":"Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets","author":"zhou","year":"2012","journal-title":"Proc NDSS"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2015.103"},{"key":"ref45","year":"2016","journal-title":"Droidbox"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23164"},{"key":"ref47","first-page":"1","article-title":"Flexible and fine-grained mandatory access control on Android for diverse security and privacy policies","author":"bugiel","year":"2013","journal-title":"Proc USENIX Security07"},{"key":"ref42","first-page":"29","article-title":"DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis","author":"yan","year":"2012","journal-title":"Proc USENIX Security07"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978343"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23145"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516689"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/7862329\/07801876.pdf?arnumber=7801876","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T16:19:21Z","timestamp":1642004361000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7801876\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5]]},"references-count":56,"journal-issue":{"issue":"5"},"URL":"https:\/\/doi.org\/10.1109\/tifs.2016.2646641","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,5]]}}}