{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:29:32Z","timestamp":1780633772499,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":65,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,10,5]],"date-time":"2020-10-05T00:00:00Z","timestamp":1601856000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,10,5]]},"DOI":"10.1145\/3320269.3384745","type":"proceedings-article","created":{"date-parts":[[2020,10,5]],"date-time":"2020-10-05T16:33:22Z","timestamp":1601915602000},"page":"694-707","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":18,"title":["Hidden in Plain Sight: Obfuscated Strings Threatening Your Privacy"],"prefix":"10.1145","author":[{"given":"Leonid","family":"Glanz","sequence":"first","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Patrick","family":"M\u00fcller","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Lars","family":"Baumg\u00e4rtner","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Michael","family":"Reif","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Sven","family":"Amann","sequence":"additional","affiliation":[{"name":"CQSE GmbH, Darmstadt, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Pauline","family":"Anthonysamy","sequence":"additional","affiliation":[{"name":"Google Inc., Zurich, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mira","family":"Mezini","sequence":"additional","affiliation":[{"name":"Technical University of Darmstadt, Darmstadt, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2020,10,5]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"Compilers: principles, techniques, and tools","author":"Alfred V Aho","year":"1986"},{"key":"e_1_3_2_2_2_1","unstructured":"Androidrank. Accessed: 2019-05--15. https:\/\/www.androidrank.org\/.  Androidrank. Accessed: 2019-05--15. https:\/\/www.androidrank.org\/."},{"key":"e_1_3_2_2_3_1","unstructured":"App Brain's Ad Networks. Accessed: 2019-05--15. https:\/\/www.appbrain.com\/stats\/libraries\/ad-networks.  App Brain's Ad Networks. Accessed: 2019-05--15. https:\/\/www.appbrain.com\/stats\/libraries\/ad-networks."},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978333"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3197231.3197239"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0065-2458(08)60641-5"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134009"},{"key":"e_1_3_2_2_8_1","unstructured":"Shield4J A Java class shrinker Android APK obfuscator encrypter and merger. Accessed: 2020-02--12.. https:\/\/dzone.com\/articles\/shield4j-java-class-and  Shield4J A Java class shrinker Android APK obfuscator encrypter and merger. Accessed: 2020-02--12.. https:\/\/dzone.com\/articles\/shield4j-java-class-and"},{"key":"e_1_3_2_2_9_1","unstructured":"Contagio Mobile Dump. Accessed: 2019-05--15. http:\/\/contagiominidump.blogspot.com\/.  Contagio Mobile Dump. Accessed: 2019-05--15. http:\/\/contagiominidump.blogspot.com\/."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23465"},{"key":"e_1_3_2_2_11_1","volume-title":"Naming Conventions. Accessed: 2019-04--26","author":"Oracle"},{"key":"e_1_3_2_2_12_1","unstructured":"DashO. Accessed: 2019-05--15. https:\/\/www.preemptive.com\/.  DashO. Accessed: 2019-05--15. https:\/\/www.preemptive.com\/."},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23082"},{"key":"e_1_3_2_2_14_1","unstructured":"Dex Oracle. Accessed: 2019-05--15. https:\/\/github.com\/CalebFenton\/dex-oracle.  Dex Oracle. Accessed: 2019-05--15. https:\/\/github.com\/CalebFenton\/dex-oracle."},{"key":"e_1_3_2_2_15_1","unstructured":"Dex2Jar Decrypt Strings. Accessed: 2019-05--15. https:\/\/sourceforge.net\/p\/dex2jar\/wiki\/DecryptStrings\/.  Dex2Jar Decrypt Strings. Accessed: 2019-05--15. https:\/\/sourceforge.net\/p\/dex2jar\/wiki\/DecryptStrings\/."},{"key":"e_1_3_2_2_16_1","unstructured":"DexGuard. Accessed: 2017--10--23. https:\/\/www.guardsquare.com\/en\/dexguard.  DexGuard. Accessed: 2017--10--23. https:\/\/www.guardsquare.com\/en\/dexguard."},{"key":"e_1_3_2_2_17_1","volume-title":"Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild","author":"Li Shuaike","year":"2018"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2614628.2614630"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2009.5069482"},{"key":"e_1_3_2_2_20_1","unstructured":"F-Droid. Accessed: 2019-05--15. https:\/\/f-droid.org\/.  F-Droid. Accessed: 2019-05--15. https:\/\/f-droid.org\/."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.30"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106305"},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307663"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2480362.2480706"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-40667-1_8"},{"key":"e_1_3_2_2_26_1","unstructured":"Java bytecode analysis\/deobfuscation tool. Accessed: 2019-05--15. https:\/\/github.com\/contra\/JMD.  Java bytecode analysis\/deobfuscation tool. Accessed: 2019-05--15. https:\/\/github.com\/contra\/JMD."},{"key":"e_1_3_2_2_27_1","volume-title":"The Codebreakers: The comprehensive history of secret communication from ancient times to the internet","author":"Kahn David","year":"1996"},{"key":"e_1_3_2_2_28_1","volume-title":"Android malware classification through analysis of string literals. Text Analytics for Cybersecurity and Online Safety (TA-COS)","author":"Killam Richard","year":"2016"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/379682"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"crossref","unstructured":"Li Li Tegawend\u00e9 F. Bissyand\u00e9 Jacques Klein and Yves Le Traon. 2015. An Investigation into the Use of Common Libraries in Android Apps. In Technique Report .  Li Li Tegawend\u00e9 F. Bissyand\u00e9 Jacques Klein and Yves Le Traon. 2015. An Investigation into the Use of Common Libraries in Android Apps. In Technique Report .","DOI":"10.1109\/SANER.2016.52"},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.46"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.38"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2889160.2889178"},{"key":"e_1_3_2_2_35_1","volume-title":"Gordon Ross, and Gianluca Stringhini.","author":"Mariconti Enrico","year":"2016"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"crossref","unstructured":"Michael Meli Matthew R McNiece and Bradley Reaves. 2019. How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories.. In NDSS .  Michael Meli Matthew R McNiece and Bradley Reaves. 2019. How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories.. In NDSS .","DOI":"10.14722\/ndss.2019.23418"},{"key":"e_1_3_2_2_37_1","volume-title":"Security Technology (ICCST)","author":"Menezes Luis"},{"key":"e_1_3_2_2_38_1","volume-title":"AndrODet: An adaptive android obfuscation detector. Future Generation Computer Systems (","author":"de Fuentes O","year":"2018"},{"key":"e_1_3_2_2_39_1","volume-title":"Spearman correlation coefficients, differences between. Encyclopedia of statistical sciences","author":"Myers Leann","year":"2004"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23092"},{"key":"e_1_3_2_2_41_1","unstructured":"Allatori Java Obfuscator. Accessed: 2019-05--15. http:\/\/www.atori.com\/.  Allatori Java Obfuscator. Accessed: 2019-05--15. http:\/\/www.atori.com\/."},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23265"},{"key":"e_1_3_2_2_43_1","unstructured":"Practical Cryptography. Accessed: 2019-05--15. http:\/\/practicalcryptography.com\/cryptanalysis\/.  Practical Cryptography. Accessed: 2019-05--15. http:\/\/practicalcryptography.com\/cryptanalysis\/."},{"key":"e_1_3_2_2_44_1","volume-title":"DexGuard applies multiple layers of encryption and obfuscation","author":"ProGuard","year":"2017"},{"key":"e_1_3_2_2_45_1","volume-title":"Induction of decision trees. Machine learning","author":"Quinlan J. Ross","year":"1986"},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"crossref","unstructured":"Siegfried Rasthofer Steven Arzt Marc Miltenberger and Eric Bodden. 2016. Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques. In NDSS .  Siegfried Rasthofer Steven Arzt Marc Miltenberger and Eric Bodden. 2016. Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques. In NDSS .","DOI":"10.14722\/ndss.2016.23066"},{"key":"e_1_3_2_2_47_1","volume-title":"25th Annual Network and Distributed System Security Symposium, NDSS","volume":"2018","author":"Razaghpanah Abbas","year":"2018"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2886012"},{"key":"e_1_3_2_2_49_1","unstructured":"Simplify. Accessed: 2019-05--15. https:\/\/github.com\/CalebFenton\/simplify.  Simplify. Accessed: 2019-05--15. https:\/\/github.com\/CalebFenton\/simplify."},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23407"},{"key":"e_1_3_2_2_51_1","volume-title":"Workshop on Mobile Security Technologies (MoST'12)","volume":"10","author":"Stevens Ryan","year":"2012"},{"key":"e_1_3_2_2_52_1","unstructured":"Stringer Java Obfuscator. Accessed: 2019-05--15. https:\/\/jfxstore.com\/.  Stringer Java Obfuscator. Accessed: 2019-05--15. https:\/\/jfxstore.com\/."},{"key":"e_1_3_2_2_53_1","unstructured":"Protecting users with TLS by default in Android P. Accessed: 2019--11--22.. https:\/\/android-developers.googleblog.com\/2018\/04\/protecting-users-with-tls-by-default-in.html  Protecting users with TLS by default in Android P. Accessed: 2019--11--22.. https:\/\/android-developers.googleblog.com\/2018\/04\/protecting-users-with-tls-by-default-in.html"},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590325"},{"key":"e_1_3_2_2_55_1","unstructured":"VirusTotal. Accessed: 2019-05--15. https:\/\/www.virustotal.com\/.  VirusTotal. Accessed: 2019-05--15. https:\/\/www.virustotal.com\/."},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/MOBILESoft.2017.18"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3197231.3197248"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274726"},{"key":"e_1_3_2_2_59_1","unstructured":"WhatsApp. Accessed: 2019-05--15. https:\/\/play.google.com\/store\/apps\/details?id=com.whatsapp.  WhatsApp. Accessed: 2019-05--15. https:\/\/play.google.com\/store\/apps\/details?id=com.whatsapp."},{"key":"e_1_3_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23118"},{"key":"e_1_3_2_2_61_1","volume-title":"27th USENIX Security Symposium (USENIX Security'18)","author":"Wong Michelle Y","year":"2018"},{"key":"e_1_3_2_2_62_1","unstructured":"Zelix KlassMaster. Accessed: 2019-05--15. http:\/\/www.zelix.com\/.  Zelix KlassMaster. Accessed: 2019-05--15. http:\/\/www.zelix.com\/."},{"key":"e_1_3_2_2_63_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23052"},{"key":"e_1_3_2_2_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766499"},{"key":"e_1_3_2_2_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00009"}],"event":{"name":"ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security","location":"Taipei Taiwan","acronym":"ASIA CCS '20","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 15th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3320269.3384745","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3320269.3384745","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:41:27Z","timestamp":1750200087000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3320269.3384745"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,10,5]]},"references-count":65,"alternative-id":["10.1145\/3320269.3384745","10.1145\/3320269"],"URL":"https:\/\/doi.org\/10.1145\/3320269.3384745","relation":{},"subject":[],"published":{"date-parts":[[2020,10,5]]},"assertion":[{"value":"2020-10-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}