{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,22]],"date-time":"2026-01-22T20:02:50Z","timestamp":1769112170619,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,12,4]],"date-time":"2017-12-04T00:00:00Z","timestamp":1512345600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1513939"],"award-info":[{"award-number":["CNS-1513939"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,12,4]]},"DOI":"10.1145\/3134600.3134642","type":"proceedings-article","created":{"date-parts":[[2017,12,4]],"date-time":"2017-12-04T19:18:32Z","timestamp":1512415112000},"page":"288-302","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":83,"title":["Malware Detection in Adversarial Settings"],"prefix":"10.1145","author":[{"given":"Wei","family":"Yang","sequence":"first","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}]},{"given":"Deguang","family":"Kong","sequence":"additional","affiliation":[{"name":"Yahoo Research"}]},{"given":"Tao","family":"Xie","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}]},{"given":"Carl A.","family":"Gunter","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}]}],"member":"320","published-online":{"date-parts":[[2017,12,4]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"https:\/\/goo.gl\/QVn82","author":"Detector Airpush","unstructured":"Airpush Detector . https:\/\/goo.gl\/QVn82 . Airpush Detector. https:\/\/goo.gl\/QVn82."},{"key":"e_1_3_2_1_2_1","unstructured":"Airpush Opt-out. http:\/\/www.airpush.com\/optout\/.  Airpush Opt-out. http:\/\/www.airpush.com\/optout\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Contagio. http:\/\/contagiominidump.blogspot.com\/.  Contagio. http:\/\/contagiominidump.blogspot.com\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Virusshare. http:\/\/virusshare.com\/.  Virusshare. http:\/\/virusshare.com\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Virustotal. https:\/\/www.virustotal.com\/.  Virustotal. https:\/\/www.virustotal.com\/."},{"key":"e_1_3_2_1_6_1","unstructured":"Weka 3: Data mining software in Java. http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/.  Weka 3: Data mining software in Java. http:\/\/www.cs.waikato.ac.nz\/ml\/weka\/."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2771783.2771796"},{"key":"e_1_3_2_1_10_1","volume-title":"Bioinformatics: A Practical Guide to the Analysis of Genes and Proteins","author":"Baxevanis A. D.","year":"2004","unstructured":"A. D. Baxevanis and B. F. F. Ouellette . Bioinformatics: A Practical Guide to the Analysis of Genes and Proteins . John WileySons , 2004 . A. D. Baxevanis and B. F. F. Ouellette. Bioinformatics: A Practical Guide to the Analysis of Genes and Proteins. John WileySons, 2004."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2013.57"},{"key":"e_1_3_2_1_13_1","first-page":"777","volume-title":"Proc. AAAI Workshop Evaluation Methods for Machine Learning","author":"C\u00e1rdenas A. A.","year":"2006","unstructured":"A. A. C\u00e1rdenas and J. S. Baras . Evaluation of classifiers: Practical considerations for security applications . In Proc. AAAI Workshop Evaluation Methods for Machine Learning , pages 777 -- 780 , 2006 . A. A. C\u00e1rdenas and J. S. Baras. Evaluation of classifiers: Practical considerations for security applications. In Proc. AAAI Workshop Evaluation Methods for Machine Learning, pages 777--780, 2006."},{"key":"e_1_3_2_1_14_1","author":"Chawla N. V.","year":"2002","unstructured":"N. V. Chawla , K. W. Bowyer , L. O. Hall , and W. P. Kegelmeyer . Smote: Synthetic minority over-sampling technique. Journal of artificial intelligence research, pages 321--357 , 2002 . N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer. Smote: Synthetic minority over-sampling technique. Journal of artificial intelligence research, pages 321--357, 2002.","journal-title":"Journal of artificial intelligence research, pages 321--357"},{"key":"e_1_3_2_1_15_1","first-page":"659","volume-title":"Proc. USENIX Security","author":"Chen K.","year":"2015","unstructured":"K. Chen , P. Wang , Y. Lee , X. Wang , N. Zhang , H. Huang , W. Zou , and P. Liu . Finding unknown malice in 10 seconds: Mass vetting for new threats at the Google-play scale . In Proc. USENIX Security , pages 659 -- 674 , 2015 . K. Chen, P. Wang, Y. Lee, X. Wang, N. Zhang, H. Huang, W. Zou, and P. Liu. Finding unknown malice in 10 seconds: Mass vetting for new threats at the Google-play scale. In Proc. USENIX Security, pages 659--674, 2015."},{"key":"e_1_3_2_1_16_1","author":"Demontis A.","year":"2017","unstructured":"A. Demontis , M. Melis , B. Biggio , D. Maiorca , D. Arp , K. Rieck , I. Corona , G. Giacinto , and F. Roli . Yes, machine learning can be more secure! a case study on Android malware detection. IEEE Trans. TDSC , 2017 . A. Demontis, M. Melis, B. Biggio, D. Maiorca, D. Arp, K. Rieck, I. Corona, G. Giacinto, and F. Roli. Yes, machine learning can be more secure! a case study on Android malware detection. IEEE Trans. TDSC, 2017.","journal-title":"IEEE Trans. TDSC"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635869"},{"key":"e_1_3_2_1_18_1","first-page":"2672","volume-title":"Proc. NIPS","author":"Goodfellow I.","year":"2014","unstructured":"I. Goodfellow , J. Pouget-Abadie , M. Mirza , B. Xu , D. Warde-Farley , S. Ozair , A. Courville , and Y. Bengio . Generative adversarial nets . In Proc. NIPS , pages 2672 -- 2680 , 2014 . I. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y. Bengio. Generative adversarial nets. In Proc. NIPS, pages 2672--2680, 2014."},{"key":"e_1_3_2_1_19_1","volume-title":"Adversarial perturbations against deep neural networks for malware classification. arXiv preprint arXiv:1606.04435","author":"Grosse K.","year":"2016","unstructured":"K. Grosse , N. Papernot , P. Manoharan , M. Backes , and P. McDaniel . Adversarial perturbations against deep neural networks for malware classification. arXiv preprint arXiv:1606.04435 , 2016 . K. Grosse, N. Papernot, P. Manoharan, M. Backes, and P. McDaniel. Adversarial perturbations against deep neural networks for malware classification. arXiv preprint arXiv:1606.04435, 2016."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594368.2594390"},{"key":"e_1_3_2_1_21_1","volume-title":"Generating adversarial malware examples for black-box attacks based on GAN. arXiv preprint arXiv:1702.05983","author":"Hu W.","year":"2017","unstructured":"W. Hu and Y. Tan . Generating adversarial malware examples for black-box attacks based on GAN. arXiv preprint arXiv:1702.05983 , 2017 . W. Hu and Y. Tan. Generating adversarial malware examples for black-box attacks based on GAN. arXiv preprint arXiv:1702.05983, 2017."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046684.2046692"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487575.2488219"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1002\/nav.3800020109"},{"key":"e_1_3_2_1_25_1","volume-title":"Numerical Ecology: Developments in Environmental Modelling","author":"Legendre P.","year":"1998","unstructured":"P. Legendre and L. Legendre . Numerical Ecology: Developments in Environmental Modelling . Elsevier ., 1998 . P. Legendre and L. Legendre. Numerical Ecology: Developments in Environmental Modelling. Elsevier., 1998."},{"key":"e_1_3_2_1_26_1","volume-title":"Proc. ICLR","author":"Liu Y.","year":"2017","unstructured":"Y. Liu , X. Chen , C. Liu , and D. Song . Delving into transferable adversarial examples and black-box attacks . In Proc. ICLR , 2017 . Y. Liu, X. Chen, C. Liu, and D. Song. Delving into transferable adversarial examples and black-box attacks. In Proc. ICLR, 2017."},{"key":"e_1_3_2_1_27_1","unstructured":"Montrojans ghosts and more mean bumps ahead for mobile and connected thingskey. https:\/\/www.mcafee.com\/us\/resources\/reports\/rp-mobile-threat-report-2017.pdf.  Montrojans ghosts and more mean bumps ahead for mobile and connected thingskey. https:\/\/www.mcafee.com\/us\/resources\/reports\/rp-mobile-threat-report-2017.pdf."},{"key":"e_1_3_2_1_28_1","unstructured":"Monkey. http:\/\/developer.Android.com\/tools\/help\/monkey.html.  Monkey. http:\/\/developer.Android.com\/tools\/help\/monkey.html."},{"key":"e_1_3_2_1_29_1","volume-title":"Transferability in machine learning: from phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277","author":"Papernot N.","year":"2016","unstructured":"N. Papernot , P. McDaniel , and I. Goodfellow . Transferability in machine learning: from phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277 , 2016 . N. Papernot, P. McDaniel, and I. Goodfellow. Transferability in machine learning: from phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277, 2016."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053009"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1022643204877"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484355"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.20"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818038"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2737924.2737988"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2381896.2381910"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23078"},{"key":"e_1_3_2_1_39_1","volume-title":"Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199","author":"Szegedy C.","year":"2013","unstructured":"C. Szegedy , W. Zaremba , I. Sutskever , J. Bruna , D. Erhan , I. Goodfellow , and R. Fergus . Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 , 2013 . C. Szegedy, W. Zaremba, I. Sutskever, J. Bruna, D. Erhan, I. Goodfellow, and R. Fergus. Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199, 2013."},{"key":"e_1_3_2_1_40_1","volume-title":"Proc. CASON","author":"Valle\u00e9-Rai R.","year":"1999","unstructured":"R. Valle\u00e9-Rai , P. Co , E. Gagnon , L. Hendren , P. Lam , and V. Sundaresan . Soot: A Java bytecode optimization framework . In Proc. CASON , 1999 . R. Valle\u00e9-Rai, P. Co, E. Gagnon, L. Hendren, P. Lam, and V. Sundaresan. Soot: A Java bytecode optimization framework. In Proc. CASON, 1999."},{"key":"e_1_3_2_1_41_1","volume-title":"Proc. NDSS","author":"Xu W.","year":"2016","unstructured":"W. Xu , Y. Qi , and D. Evans . Automatically evading classifiers . In Proc. NDSS , 2016 . W. Xu, Y. Qi, and D. Evans. Automatically evading classifiers. In Proc. NDSS, 2016."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37057-1_19"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818793"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"}],"event":{"name":"ACSAC 2017: 2017 Annual Computer Security Applications Conference","location":"Orlando FL USA","acronym":"ACSAC 2017"},"container-title":["Proceedings of the 33rd Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134600.3134642","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3134600.3134642","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3134600.3134642","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:30:11Z","timestamp":1750217411000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134600.3134642"}},"subtitle":["Exploiting Feature Evolutions and Confusions in Android Apps"],"short-title":[],"issued":{"date-parts":[[2017,12,4]]},"references-count":44,"alternative-id":["10.1145\/3134600.3134642","10.1145\/3134600"],"URL":"https:\/\/doi.org\/10.1145\/3134600.3134642","relation":{},"subject":[],"published":{"date-parts":[[2017,12,4]]},"assertion":[{"value":"2017-12-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}