{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T06:03:31Z","timestamp":1770271411453,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,5,27]],"date-time":"2018-05-27T00:00:00Z","timestamp":1527379200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CCF-1409423, CNS-1513939, CNS-1564274"],"award-info":[{"award-number":["CCF-1409423, CNS-1513939, CNS-1564274"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,5,27]]},"DOI":"10.1145\/3180155.3180223","type":"proceedings-article","created":{"date-parts":[[2018,12,13]],"date-time":"2018-12-13T15:45:16Z","timestamp":1544715916000},"page":"384-394","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":22,"title":["EnMobile"],"prefix":"10.1145","author":[{"given":"Wei","family":"Yang","sequence":"first","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mukul R.","family":"Prasad","sequence":"additional","affiliation":[{"name":"Fujitsu Laboratories of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tao","family":"Xie","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,5,27]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Android.Answerbot. https:\/\/www.symantec.com\/security_response\/writeup.jsp?docid=2011-100711-2129-99."},{"key":"e_1_3_2_1_2_1","unstructured":"Android.Geinimi. https:\/\/www.symantec.com\/security_response\/writeup.jsp?docid=2011-010111-5403-99."},{"key":"e_1_3_2_1_3_1","unstructured":"In review: 2016's mobile threat landscape brings diversity scale and scope. http:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/2016-mobile-threat-landscape\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Microsoft malware protection center. http:\/\/www.microsoft.com\/security\/portal\/threat\/Threats.aspx."},{"key":"e_1_3_2_1_5_1","unstructured":"Security alert: New BeanBot SMS Trojan discovered. http:\/\/www.cs.ncsu.edu\/faculty\/jiang\/BeanBot\/."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-04283-1_6"},{"key":"e_1_3_2_1_7_1","unstructured":"Antiy Labs. http:\/\/www.antiy.net\/."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594299"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382222"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818808"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.69"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2814270.2814274"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2259051.2259052"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23140"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831185"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594368.2594391"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.11.001"},{"key":"e_1_3_2_1_19_1","unstructured":"EnMobile. https:\/\/sites.google.com\/site\/entitymobile\/."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660343"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635869"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23379"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.30"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23089"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568276"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568301"},{"key":"e_1_3_2_1_27_1","volume-title":"Proc. CETUS","author":"Lam P.","year":"2011","unstructured":"P. Lam, E. Bodden, O. Lhot\u00e1k, and L. Hendren. The Soot framework for Java program analysis: a retrospective. In Proc. CETUS, 2011."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786879"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818791"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23287"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382223"},{"key":"e_1_3_2_1_32_1","unstructured":"Virus Information - McAfee. http:\/\/home.mcafee.com\/virusinfo\/."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818767"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/2534766.2534813"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.5555\/2534766.2534812"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23039"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23066"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.66"},{"key":"e_1_3_2_1_39_1","volume-title":"The pros and cons of behavioral based, signature based and white list based security","author":"Shinder D.L.","year":"2015","unstructured":"D.L. Shinder. The pros and cons of behavioral based, signature based and white list based security, 2015. http:\/\/www.windowsecurity.com\/articles-tutorials\/misc_network_security\/Pros-Cons-Behavioral-Signature-Whitelist-Security.html."},{"key":"e_1_3_2_1_40_1","unstructured":"Soot: A framework for analyzing and transforming Java and Android applications. http:\/\/sable.github.io\/soot\/."},{"key":"e_1_3_2_1_41_1","unstructured":"Threat Analysis - Sophos. https:\/\/www.sophos.com\/en-us\/threat-center\/threat-analyses.aspx."},{"key":"e_1_3_2_1_42_1","unstructured":"Security Threat - Symantec. https:\/\/www.symantec.com\/security_response\/."},{"key":"e_1_3_2_1_43_1","unstructured":"Threat Encyclopedia - Trend Micro. http:\/\/www.trendmicro.com\/vinfo\/us\/threat-encyclopedia\/."},{"key":"e_1_3_2_1_44_1","unstructured":"VirusTotal - free online virus malware and URL scanner. https:\/\/www.virustotal.com\/."},{"key":"e_1_3_2_1_45_1","volume-title":"BlackHat DC Conference","author":"Walenstein A.","year":"2007","unstructured":"A. Walenstein, M. Venable, M. Hayes, C. Thompson, and A. Lakhotia. Exploiting similarity between variants to defeat malware. In BlackHat DC Conference, March 2007."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_12"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660357"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818768"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.76"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818793"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"}],"event":{"name":"ICSE '18: 40th International Conference on Software Engineering","location":"Gothenburg Sweden","acronym":"ICSE '18","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE-CS Computer Society"]},"container-title":["Proceedings of the 40th International Conference on Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3180155.3180223","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3180155.3180223","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3180155.3180223","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:08:19Z","timestamp":1750208899000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3180155.3180223"}},"subtitle":["entity-based characterization and analysis of mobile malware"],"short-title":[],"issued":{"date-parts":[[2018,5,27]]},"references-count":52,"alternative-id":["10.1145\/3180155.3180223","10.1145\/3180155"],"URL":"https:\/\/doi.org\/10.1145\/3180155.3180223","relation":{},"subject":[],"published":{"date-parts":[[2018,5,27]]},"assertion":[{"value":"2018-05-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}