{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:16:37Z","timestamp":1763468197995,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,3,3]],"date-time":"2014-03-03T00:00:00Z","timestamp":1393804800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,3,3]]},"DOI":"10.1145\/2557547.2557563","type":"proceedings-article","created":{"date-parts":[[2014,2,25]],"date-time":"2014-02-25T13:21:11Z","timestamp":1393334471000},"page":"187-198","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":23,"title":["PREC"],"prefix":"10.1145","author":[{"given":"Tsung-Hsuan","family":"Ho","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"Daniel","family":"Dean","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"Xiaohui","family":"Gu","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"given":"William","family":"Enck","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]}],"member":"320","published-online":{"date-parts":[[2014,3,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Android Security Overview. Android Source. http:\/\/source.android.com\/devices\/tech\/security\/. Android Security Overview. Android Source. http:\/\/source.android.com\/devices\/tech\/security\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Antutu Benchmark. https:\/\/play.google.com\/store\/apps\/details?id=com.antutu.ABenchMark. Antutu Benchmark. https:\/\/play.google.com\/store\/apps\/details?id=com.antutu.ABenchMark."},{"key":"e_1_3_2_1_3_1","unstructured":"DTrace. http:\/\/docs.oracle.com\/javase\/6\/docs\/technotes\/guides\/vm\/dtrace.html. DTrace. http:\/\/docs.oracle.com\/javase\/6\/docs\/technotes\/guides\/vm\/dtrace.html."},{"key":"e_1_3_2_1_4_1","unstructured":"DWARF Debugging Standard. http:\/\/www.dwarfstd.org\/. DWARF Debugging Standard. http:\/\/www.dwarfstd.org\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Exception Handling ABI for ARM Architecture. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0038a\/IHI0038A_ehabi.pdf. Exception Handling ABI for ARM Architecture. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0038a\/IHI0038A_ehabi.pdf."},{"key":"e_1_3_2_1_6_1","unstructured":"Ice Cream Sandwich. Android Developer. http:\/\/developer.android.com\/about\/versions\/android-4.0-highlights.html. Ice Cream Sandwich. Android Developer. http:\/\/developer.android.com\/about\/versions\/android-4.0-highlights.html."},{"key":"e_1_3_2_1_7_1","unstructured":"Linux man page - pTrace - process trace. http:\/\/linux.die.net\/man\/2\/ptrace. Linux man page - pTrace - process trace. http:\/\/linux.die.net\/man\/2\/ptrace."},{"key":"e_1_3_2_1_8_1","unstructured":"Linux Trace Toolkit - next generation. https:\/\/lttng.org. Linux Trace Toolkit - next generation. https:\/\/lttng.org."},{"key":"e_1_3_2_1_9_1","unstructured":"Security-Enhanced Linux. Android Developer. http:\/\/source.android.com\/devices\/tech\/security\/selinux.html. Security-Enhanced Linux. Android Developer. http:\/\/source.android.com\/devices\/tech\/security\/selinux.html."},{"key":"e_1_3_2_1_10_1","unstructured":"SystemTap. http:\/\/sourceware.org\/systemtap\/. SystemTap. http:\/\/sourceware.org\/systemtap\/."},{"key":"e_1_3_2_1_11_1","unstructured":"UI\/Application Exerciser Mokey. http:\/\/developer.android.com\/tools\/help\/monkey.html. UI\/Application Exerciser Mokey. http:\/\/developer.android.com\/tools\/help\/monkey.html."},{"key":"e_1_3_2_1_12_1","unstructured":"Vulnerabilities. X-Ray. http:\/\/www.xray.io\/#vulnerabilities. Vulnerabilities. X-Ray. http:\/\/www.xray.io\/#vulnerabilities."},{"key":"e_1_3_2_1_13_1","unstructured":"Apple. Apple Updates iOS to 6.1. Apple. http:\/\/www.apple.com\/pr\/library\/2013\/01\/28Apple-Updates-iOS-to-6-1.html. Apple. Apple Updates iOS to 6.1. Apple. http:\/\/www.apple.com\/pr\/library\/2013\/01\/28Apple-Updates-iOS-to-6-1.html."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45248-5_8"},{"key":"e_1_3_2_1_15_1","volume-title":"Behavior-Based Malware Clustering. In Proc. of NDSS","author":"Bayer U.","year":"2009","unstructured":"U. Bayer , P. Milani , C. Hlauschek , C. Kruegel , and E. Kirda . Scalable , Behavior-Based Malware Clustering. In Proc. of NDSS , 2009 . U. Bayer, P. Milani, C. Hlauschek, C. Kruegel, and E. Kirda. Scalable, Behavior-Based Malware Clustering. In Proc. of NDSS, 2009."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","DOI":"10.1093\/oso\/9780198538493.001.0001","volume-title":"Neural Networks for Pattern Recognition","author":"Bishop C. M.","year":"1995","unstructured":"C. M. Bishop . Neural Networks for Pattern Recognition . Oxford University Press, Inc. , New York, NY, USA , 1995 . C. M. Bishop. Neural Networks for Pattern Recognition. Oxford University Press, Inc., New York, NY, USA, 1995."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046614.2046619"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336768"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2462096.2462100"},{"key":"e_1_3_2_1_20_1","volume-title":"Proc. of DSN","author":"Chen X.","year":"2008","unstructured":"X. Chen , J. Andersen , Z. M. Mao , M. Bailey , and J. Nazario . Towards an Understanding of Anti-virtualization and Anti-debugging Behavior in Modern Malware . In Proc. of DSN , 2008 . X. Chen, J. Andersen, Z. M. Mao, M. Bailey, and J. Nazario. Towards an Understanding of Anti-virtualization and Anti-debugging Behavior in Modern Malware. In Proc. of DSN, 2008."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1247660.1247690"},{"key":"e_1_3_2_1_22_1","author":"Creech G.","year":"2013","unstructured":"G. Creech and J. Hu . A Semantic Approach to Host-based Intrusion Detection Systems Using Contiguous and Discontiguous System Call Patterns. IEEE Transactions on Computers , 2013 . G. Creech and J. Hu. A Semantic Approach to Host-based Intrusion Detection Systems Using Contiguous and Discontiguous System Call Patterns. IEEE Transactions on Computers, 2013.","journal-title":"IEEE Transactions on Computers"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2371536.2371572"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2089125.2089126"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2003.1194894"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1947337.1947356"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030126"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_4"},{"key":"e_1_3_2_1_29_1","volume-title":"Proc. of NDSS","author":"Garfinkel T.","year":"2003","unstructured":"T. Garfinkel . Traps and pitfalls: Practical problems in system call interposition based security tools . In Proc. of NDSS , 2003 . T. Garfinkel. Traps and pitfalls: Practical problems in system call interposition based security tools. In Proc. of NDSS, 2003."},{"key":"e_1_3_2_1_30_1","volume-title":"Proc. of LISA","author":"Girardin L.","year":"1998","unstructured":"L. Girardin and D. Brodbeck . A visual approach for monitoring logs . In Proc. of LISA , 1998 . L. Girardin and D. Brodbeck. A visual approach for monitoring logs. In Proc. of LISA, 1998."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307663"},{"key":"e_1_3_2_1_32_1","volume-title":"Proc. of ICML","author":"Hu W.","year":"2003","unstructured":"W. Hu , Y. Liao , and V. R. Vemuri . Robust anomaly detection using support vector machines . In Proc. of ICML , 2003 . W. Hu, Y. Liao, and V. R. Vemuri. Robust anomaly detection using support vector machines. In Proc. of ICML, 2003."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/CIS.2011.226"},{"key":"e_1_3_2_1_34_1","author":"Jiang H.","year":"2009","unstructured":"H. Jiang and J. Ruan . The application of genetic neural network in network intrusion detection. Journal of Computers , 2009 . H. Jiang and J. Ruan. The application of genetic neural network in network intrusion detection. Journal of Computers, 2009.","journal-title":"Journal of Computers"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-642-56927-2","volume-title":"Self-Organizing Maps","author":"Kohonen T.","year":"2001","unstructured":"T. Kohonen , J. Tan , and T. Huang . Self-Organizing Maps . Springer , 3 rd edition, 2001 . T. Kohonen, J. Tan, and T. Huang. Self-Organizing Maps. Springer, 3rd edition, 2001.","edition":"3"},{"key":"e_1_3_2_1_36_1","volume-title":"Proc. of USENIX Security","author":"Kolbitsch C.","year":"2009","unstructured":"C. Kolbitsch , P. M. Comparetti , C. Kruegel , E. Kirda , X. Zhou , and X. Wang . Effective and Efficient Malware Detection at the End Host . In Proc. of USENIX Security , 2009 . C. Kolbitsch, P. M. Comparetti, C. Kruegel, E. Kirda, X. Zhou, and X. Wang. Effective and Efficient Malware Detection at the End Host. In Proc. of USENIX Security, 2009."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-39650-5_19"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2002.1007776"},{"key":"e_1_3_2_1_39_1","unstructured":"H. Lockheimer. Android and Security. Google Mobile Blog. http:\/\/googlemobile.blogspot.com\/2012\/02\/androidand-security.html. H. Lockheimer. Android and Security. Google Mobile Blog. http:\/\/googlemobile.blogspot.com\/2012\/02\/androidand-security.html."},{"key":"e_1_3_2_1_40_1","volume-title":"IEEE TODS","author":"Maggi F.","year":"2008","unstructured":"F. Maggi , M. Matteucci , and S. Zanero . Detecting intrusions through system call sequence and argument analysis . IEEE TODS , 2008 . F. Maggi, M. Matteucci, and S. Zanero. Detecting intrusions through system call sequence and argument analysis. IEEE TODS, 2008."},{"key":"e_1_3_2_1_41_1","volume-title":"Proc. of AST","author":"Mahmood R.","year":"2013","unstructured":"R. Mahmood , N. Esfahani , T. Kacem , N. Mirzaei , S. Malek , and A. Stavrou . A whitebox approach for automated security testing of android applications on the cloud . In Proc. of AST , 2013 . R. Mahmood, N. Esfahani, T. Kacem, N. Mirzaei, S. Malek, and A. Stavrou. A whitebox approach for automated security testing of android applications on the cloud. In Proc. of AST, 2013."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/645838.670733"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"key":"e_1_3_2_1_44_1","unstructured":"J. Oberheide. Dissecting Android's Bouncer. The Duo Bulletin. https:\/\/blog.duosecurity.com\/2012\/06\/dissecting-androids-bouncer\/. J. Oberheide. Dissecting Android's Bouncer. The Duo Bulletin. https:\/\/blog.duosecurity.com\/2012\/06\/dissecting-androids-bouncer\/."},{"key":"e_1_3_2_1_45_1","volume-title":"Proc. of USENIX Security","author":"Oberheide J.","year":"2008","unstructured":"J. Oberheide , E. Cooke , and F. Jahanian . CloudAV: N-Version Antivirus in the Network Cloud . In Proc. of USENIX Security , 2008 . J. Oberheide, E. Cooke, and F. Jahanian. CloudAV: N-Version Antivirus in the Network Cloud. In Proc. of USENIX Security, 2008."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382220"},{"key":"e_1_3_2_1_47_1","volume-title":"Proc. of VB","author":"Pilz H.","year":"2012","unstructured":"H. Pilz . Building a Test Environment for Android Anti-malware Tests . In Proc. of VB , 2012 . H. Pilz. Building a Test Environment for Android Anti-malware Tests. In Proc. of VB, 2012."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920313"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2435349.2435379"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2295136.2295141"},{"key":"e_1_3_2_1_51_1","volume-title":"Proc. of the USENIX Security","author":"Somayaji A.","year":"2000","unstructured":"A. Somayaji and S. Forrest . Automated response using system-call delays . In Proc. of the USENIX Security , 2000 . A. Somayaji and S. Forrest. Automated response using system-call delays. In Proc. of the USENIX Security, 2000."},{"key":"e_1_3_2_1_52_1","volume-title":"Dynodroid: An input generation system for android apps. Technical report","author":"Tahiliani A. M. R.","year":"2012","unstructured":"A. M. R. Tahiliani and M. Naik . Dynodroid: An input generation system for android apps. Technical report , Georgia Institute of Technology , 2012 . A. M. R. Tahiliani and M. Naik. Dynodroid: An input generation system for android apps. Technical report, Georgia Institute of Technology, 2012."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"e_1_3_2_1_54_1","volume-title":"Bloomberg Businessweek","author":"Womack B.","year":"2012","unstructured":"B. Womack . Google Says 700,000 Applications Available for Android . Bloomberg Businessweek , Oct. 2012 . http:\/\/www.businessweek.com\/news\/2012-10-29\/google-says-700-000-applications-available-forandroid-devices. B. Womack. Google Says 700,000 Applications Available for Android. Bloomberg Businessweek, Oct. 2012. http:\/\/www.businessweek.com\/news\/2012-10-29\/google-says-700-000-applications-available-forandroid-devices."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1741866.1741874"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37057-1_19"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2381934.2381950"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"},{"key":"e_1_3_2_1_60_1","volume-title":"Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proc. of NDSS","author":"Zhou Y.","year":"2012","unstructured":"Y. Zhou , Z. Wang , W. Zhou , and X. Jiang . Hey, You , Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proc. of NDSS , 2012 . Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proc. of NDSS, 2012."}],"event":{"name":"CODASPY'14: Fourth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"San Antonio Texas USA","acronym":"CODASPY'14"},"container-title":["Proceedings of the 4th ACM conference on Data and application security and privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2557547.2557563","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2557547.2557563","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:09:50Z","timestamp":1750234190000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2557547.2557563"}},"subtitle":["practical root exploit containment for android devices"],"short-title":[],"issued":{"date-parts":[[2014,3,3]]},"references-count":60,"alternative-id":["10.1145\/2557547.2557563","10.1145\/2557547"],"URL":"https:\/\/doi.org\/10.1145\/2557547.2557563","relation":{},"subject":[],"published":{"date-parts":[[2014,3,3]]},"assertion":[{"value":"2014-03-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}