{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,30]],"date-time":"2026-03-30T20:57:39Z","timestamp":1774904259851,"version":"3.50.1"},"reference-count":39,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2020]]},"DOI":"10.1109\/tifs.2019.2932228","type":"journal-article","created":{"date-parts":[[2019,7,31]],"date-time":"2019-07-31T19:45:50Z","timestamp":1564602350000},"page":"987-1001","source":"Crossref","is-referenced-by-count":286,"title":["Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection"],"prefix":"10.1109","volume":"15","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4224-6450","authenticated-orcid":false,"given":"Xiao","family":"Chen","sequence":"first","affiliation":[]},{"given":"Chaoran","family":"Li","sequence":"additional","affiliation":[]},{"given":"Derui","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Sheng","family":"Wen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2189-7801","authenticated-orcid":false,"given":"Jun","family":"Zhang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3289-6599","authenticated-orcid":false,"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5252-0831","authenticated-orcid":false,"given":"Yang","family":"Xiang","sequence":"additional","affiliation":[]},{"given":"Kui","family":"Ren","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"ref38","first-page":"1","article-title":"Adversarial examples: Attacks and defenses for deep learning","volume":"abs 1712 7107","author":"yuan","year":"2017","journal-title":"CoRR"},{"key":"ref33","author":"wu","year":"2018","journal-title":"Adversarial Sample Generation Making Machine Learningsystems Robust for Security"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/AsiaJCIS.2012.18"},{"key":"ref31","year":"2015","journal-title":"Internet security threat report volume 20"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2637364.2592003"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134642"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.31"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11203-9_10"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2523912"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2720160"},{"key":"ref11","first-page":"2121","article-title":"Adaptive subgradient methods for online learning and stochastic optimization","volume":"12","author":"duchi","year":"2011","journal-title":"J Mach Learn Res"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2687880"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2014.2386139"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2517312.2517315"},{"key":"ref15","article-title":"Explaining and harnessing adversarial examples","author":"goodfellow","year":"2014","journal-title":"arXiv 1412 6572"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66399-9_4"},{"key":"ref17","article-title":"Generating adversarial malware examples for black-box attacks based on gan","author":"hu","year":"2017","journal-title":"arXiv 1702 05983"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2012.013012.00028"},{"key":"ref19","first-page":"197","article-title":"Practical evasion of a learning-based classifier: A case study","author":"laskov","year":"2014","journal-title":"Proc IEEE Symp Secur Privacy (SP)"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.101613.00077"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1128817.1128824"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2017.190"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/s10994-010-5188-5"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.49"},{"key":"ref29","first-page":"1","article-title":"Intriguing properties of neural networks","volume":"abs 1312 6199","author":"szegedy","year":"2013","journal-title":"CoRR"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.11.007"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134636"},{"key":"ref2","first-page":"228","article-title":"Permission-based Android malware detection","volume":"2","author":"aung","year":"2013","journal-title":"Int J Sci Technol Res"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2700270"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-28865-9_2"},{"key":"ref22","year":"2018","journal-title":"McAfee Mobile Threat Report Q1 2018"},{"key":"ref21","article-title":"MaMaDroid: Detecting Android malware by building Markov chains of behavioral models","author":"mariconti","year":"2016","journal-title":"arXiv 1612 04433"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"ref23","year":"2017","journal-title":"Evading machine learning malware detection"},{"key":"ref26","article-title":"Generic black-box end-to-end attack against state of the art API call based malware classifiers","author":"rosenberg","year":"2017","journal-title":"arXiv 1707 05970"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/ICTAI.2013.53"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/8833568\/08782574.pdf?arnumber=8782574","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,27]],"date-time":"2022-04-27T17:00:43Z","timestamp":1651078843000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8782574\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"references-count":39,"URL":"https:\/\/doi.org\/10.1109\/tifs.2019.2932228","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]}}}