{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,20]],"date-time":"2026-02-20T19:07:33Z","timestamp":1771614453491,"version":"3.50.1"},"reference-count":65,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"7","license":[{"start":{"date-parts":[[2017,7,1]],"date-time":"2017-07-01T00:00:00Z","timestamp":1498867200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"DOI":"10.13039\/501100001381","name":"National Research Foundation Singapore","doi-asserted-by":"publisher","award":["NRF2014NCR-NCR001-30"],"award-info":[{"award-number":["NRF2014NCR-NCR001-30"]}],"id":[{"id":"10.13039\/501100001381","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2017,7]]},"DOI":"10.1109\/tifs.2017.2661723","type":"journal-article","created":{"date-parts":[[2017,1,31]],"date-time":"2017-01-31T19:40:18Z","timestamp":1485891618000},"page":"1529-1544","source":"Crossref","is-referenced-by-count":72,"title":["Auditing Anti-Malware Tools by Evolving Android Malware and Dynamic Loading Technique"],"prefix":"10.1109","volume":"12","author":[{"given":"Yinxing","family":"Xue","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6388-2571","authenticated-orcid":false,"given":"Guozhu","family":"Meng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yang","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tian Huat","family":"Tan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hongxu","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun","family":"Sun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jie","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","author":"turner","year":"2016","journal-title":"Malware Hijacks Big Four Australian Banks’ Apps Steals Two-Factor SMS Codes"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.61"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516676"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1504\/IJSN.2014.059327"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931043"},{"key":"ref37","first-page":"303","article-title":"AppContext: Differentiating malicious and benign mobile app behaviors using context","author":"yang","year":"2014","journal-title":"Proc ICSE"},{"key":"ref36","year":"2015","journal-title":"Mystique $|$ Evolving Android Malware for Auditing Anti-Malware Tools"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23145"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2013.6703688"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.02.007"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813606"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2014.12"},{"key":"ref28","first-page":"37","article-title":"Attack of the clones: Detecting cloned applications on Android markets","author":"crussell","year":"2012","journal-title":"Proc ESORICS"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/2592791.2592796"},{"key":"ref27","author":"hamada","year":"2016","journal-title":"Simplocker First Confirmed Ransomware for Android"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.05.001"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/s11390-015-1573-7"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484355"},{"key":"ref1","year":"0","journal-title":"AV-TEST Product Review and Certification Report-May\/2016"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2648511.2648513"},{"key":"ref22","article-title":"A brief history of mobile malware","year":"2012"},{"key":"ref21","article-title":"Android malware—Past, present, and future","author":"castillo","year":"2012"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382221"},{"key":"ref23","article-title":"Internet security threat report","year":"2016"},{"key":"ref26","article-title":"Mobile threat report: What’s on the horizon for 2016","author":"snell","year":"2016"},{"key":"ref25","article-title":"An analysis of the AnserverBot trojan","author":"zhou","year":"2011"},{"key":"ref50","year":"2016","journal-title":"Android Malware MisoSMS One of the Largest Botnets to Date"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/2554850.2554896"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1145\/1007512.1007518"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/2516760.2516768"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-28891-3_18"},{"key":"ref56","article-title":"ARTist: The Android runtime instrumentation and security toolkit","author":"backes","year":"2016","journal-title":"CoRR"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818036"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/CSCloud.2015.97"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/BADGERS.2014.7"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1002\/sec.800"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2554850.2555157"},{"key":"ref11","doi-asserted-by":"crossref","first-page":"365","DOI":"10.1145\/2897845.2897856","article-title":"Mystique: Evolving Android malware for auditing anti-malware tools","author":"meng","year":"2016","journal-title":"Proc Asia CCS"},{"key":"ref40","article-title":"ECMAScript 2015 language specification","year":"2015"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-28901-1"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2002.1020288"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23328"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2047862.2047866"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2013.73"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714589"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.21236\/ADA235785"},{"key":"ref19","first-page":"7","article-title":"Feature models, grammars, and propositional formulas","author":"batory","year":"2005","journal-title":"Proc SPLC"},{"key":"ref4","first-page":"17","article-title":"Soundcomber: A stealthy and context-aware sound trojan for smartphones","author":"schlegel","year":"2011","journal-title":"Proc NDSS"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2013.2290431"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"},{"key":"ref5","article-title":"Efficient runtime monitoring with metric temporal logic: A case study in the Android operating system","author":"gunadi","year":"2013","journal-title":"CoRR"},{"key":"ref8","first-page":"82","article-title":"ADAM: An automatic and extensible platform to stress test Android anti-virus systems","author":"zheng","year":"2013","journal-title":"Proc DIMVA"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref49","article-title":"The rise of Android ransomware","year":"2014"},{"key":"ref9","doi-asserted-by":"crossref","first-page":"745","DOI":"10.1007\/978-3-319-16549-3_60","article-title":"Automatic generation of mobile malwares using genetic programming","volume":"9028","author":"aydogan","year":"2015","journal-title":"Applications of Evolutionary Computation"},{"key":"ref46","year":"2016"},{"key":"ref45","year":"2016","journal-title":"Xposed module repository"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435377"},{"key":"ref47","first-page":"393","article-title":"TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones","author":"enck","year":"2010","journal-title":"Proc OSDI"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/GEFS.2008.4484566"},{"key":"ref41","first-page":"107","article-title":"Optimization of product instantiation using integer programming","author":"van den broek","year":"2010","journal-title":"Proc SPLC"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.69"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2013.6606595"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/7898876\/07837653.pdf?arnumber=7837653","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,6,22]],"date-time":"2024-06-22T05:12:23Z","timestamp":1719033143000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7837653\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,7]]},"references-count":65,"journal-issue":{"issue":"7"},"URL":"https:\/\/doi.org\/10.1109\/tifs.2017.2661723","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,7]]}}}