{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:28:15Z","timestamp":1750220895203,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,11,12]],"date-time":"2019-11-12T00:00:00Z","timestamp":1573516800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"IMEC"},{"name":"EU","award":["H2020-SU-ICT-03-2018, 830929 CyberSec4Europe"],"award-info":[{"award-number":["H2020-SU-ICT-03-2018, 830929 CyberSec4Europe"]}]},{"name":"KU Leuven"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,11,12]]},"DOI":"10.1145\/3360774.3360805","type":"proceedings-article","created":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T14:56:00Z","timestamp":1580741760000},"page":"200-209","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Detecting malicious applications using system services request behavior"],"prefix":"10.1145","author":[{"given":"Majid","family":"Salehi","sequence":"first","affiliation":[{"name":"KU Leuven"}]},{"given":"Morteza","family":"Amini","sequence":"additional","affiliation":[{"name":"Sharif University of Technology"}]},{"given":"Bruno","family":"Crispo","sequence":"additional","affiliation":[{"name":"KU Leuven and Trento University, Italy"}]}],"member":"320","published-online":{"date-parts":[[2020,2,3]]},"reference":[{"volume-title":"Global mobile OS market share","year":"2018","key":"e_1_3_2_1_1_1"},{"volume-title":"Accessed: 2019-04-23.","year":"2018","key":"e_1_3_2_1_2_1"},{"key":"e_1_3_2_1_3_1","unstructured":"Google. Android-Google Play Protect. https:\/\/www.android.com\/play-protect\/ Accessed: 2019-04-23.  Google. Android-Google Play Protect. https:\/\/www.android.com\/play-protect\/ Accessed: 2019-04-23."},{"volume-title":"Mamadroid: Detecting android malware by building markov chains of behavioral models,\" in Proceedings of the 24th Annual Network and Distributed System Security Symposium (NDSS)","year":"2017","author":"Mariconti E.","key":"e_1_3_2_1_4_1"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.11.021"},{"volume-title":"Drebin: Effective and explainable detection of android malware in your pocket\" in Proceedings of the Network and Distributed System Security Symposium (NDSS)","year":"2014","author":"Arp D.","key":"e_1_3_2_1_6_1"},{"key":"e_1_3_2_1_7_1","first-page":"377","volume-title":"ACM","author":"Chen S.","year":"2016"},{"key":"e_1_3_2_1_8_1","first-page":"309","volume-title":"ACM","author":"Suarez-Tangil G.","year":"2017"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2016.2523912"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.neucom.2017.07.030"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2536605"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2646641"},{"key":"e_1_3_2_1_13_1","first-page":"226","volume-title":"ACM","author":"Sun M.","year":"2014"},{"key":"e_1_3_2_1_14_1","first-page":"329","volume-title":"Computer and Communications Security. ACM","author":"Rastogi V.","year":"2013"},{"key":"e_1_3_2_1_15_1","first-page":"1247","volume-title":"Tackling runtime-based obfuscation in android with TIRO,\" in Proceedings of the 27th USENIX Security Symposium (USENIX Security 18)","author":"Wong M. Y.","year":"2018"},{"volume-title":"Going native: Using a large-scale analysis of android apps to create a practical native-code sandboxing policy,\" in Proceedings of the Network and Distributed System Security Symposium (NDSS)","year":"2016","author":"Afonso V. M.","key":"e_1_3_2_1_16_1"},{"volume-title":"Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications,\" in Proceedings of the Network and Distributed System Security Symposium (NDSS)","year":"2014","author":"Poeplau S.","key":"e_1_3_2_1_17_1"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2014.2347206"},{"volume-title":"Copperdroid: Automatic reconstruction of android malware behaviors.\" in Proceedings of the Network and Distributed System Security Symposium (NDSS)","year":"2015","author":"Tam K.","key":"e_1_3_2_1_19_1"},{"key":"e_1_3_2_1_20_1","first-page":"252","volume-title":"Mobile Security Technologies (MoST)","author":"Dash S. K.","year":"2016"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2018.07.003"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2015.0211"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jpdc.2016.10.012"},{"key":"e_1_3_2_1_24_1","first-page":"13","volume-title":"ACM","author":"Canfora G.","year":"2015"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3017427"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2014.2386139"},{"key":"e_1_3_2_1_27_1","first-page":"95","volume-title":"IEEE","author":"Zhou Y.","year":"2012"},{"key":"e_1_3_2_1_28_1","unstructured":"M. Parkour. Mobile malware sharing site. http:\/\/contagiominidump.blogspot.com Accessed: 2019-04-23.  M. Parkour. Mobile malware sharing site. http:\/\/contagiominidump.blogspot.com Accessed: 2019-04-23."},{"volume-title":"Android developers","year":"2019","key":"e_1_3_2_1_29_1"},{"volume-title":"Man in the binder: He who controls ipc, controls the droid","year":"2014","author":"Artenstein N.","key":"e_1_3_2_1_30_1"},{"key":"e_1_3_2_1_31_1","first-page":"156","volume-title":"IEEE","author":"Salehi M.","year":"2016"},{"volume-title":"Android platform based linux kernel rootkit","author":"You D.-H.","key":"e_1_3_2_1_32_1"},{"volume-title":"R: A language and environment for statistical computing","year":"2014","author":"Core Team R","key":"e_1_3_2_1_33_1"},{"key":"e_1_3_2_1_34_1","unstructured":"Oracle vm virtualbox. http:\/\/www.qemu.org Accessed: 2019-04-23.  Oracle vm virtualbox. http:\/\/www.qemu.org Accessed: 2019-04-23."},{"key":"e_1_3_2_1_35_1","unstructured":"Monkey runner. http:\/\/developer.android.com\/tools\/help\/monkey.html Accessed: 2019-04-23.  Monkey runner. http:\/\/developer.android.com\/tools\/help\/monkey.html Accessed: 2019-04-23."},{"key":"e_1_3_2_1_36_1","first-page":"468","volume-title":"IEEE","author":"Allix K.","year":"2016"},{"volume-title":"Accessed: 2019-04-23.","year":"2019","key":"e_1_3_2_1_37_1"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1010933404324"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/5254.708428"},{"volume-title":"Principal component analysis","author":"Jolliffe I.","key":"e_1_3_2_1_41_1"},{"volume-title":"Passmark performancetest","year":"2019","author":"Software P.","key":"e_1_3_2_1_42_1"},{"key":"e_1_3_2_1_43_1","first-page":"447","volume-title":"ACM","author":"Vidas T.","year":"2014"},{"key":"e_1_3_2_1_44_1","unstructured":"FireEye. Android.hehe. https:\/\/www.fireeye.com\/blog\/threat-research\/2014\/01\/android-hehe-malware-now-disconnects-phone-calls.htm Accessed: 2019-04-23.  FireEye. Android.hehe. https:\/\/www.fireeye.com\/blog\/threat-research\/2014\/01\/android-hehe-malware-now-disconnects-phone-calls.htm Accessed: 2019-04-23."},{"volume-title":"mobile mini dump. Obad","author":"C.","key":"e_1_3_2_1_45_1"},{"key":"e_1_3_2_1_46_1","unstructured":"M. K. Alzaylaee S. Y. Yerima and S. Sezer \"Dynalog: an automated dynamic analysis framework for characterizing android applications \" in Proceedings of the 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) 2016 pp. 1--8.  M. K. Alzaylaee S. Y. Yerima and S. Sezer \"Dynalog: an automated dynamic analysis framework for characterizing android applications \" in Proceedings of the 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) 2016 pp. 1--8."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134601"},{"volume-title":"Limits of learning-based signature generation with adversaries,\" in Proceedings of the Network and Distributed System Security Symposium (NDSS)","year":"2008","author":"Venkataraman S.","key":"e_1_3_2_1_48_1"},{"key":"e_1_3_2_1_49_1","article-title":"Yes, machine learning can be more secure! a case study on android malware detection","author":"Demontis A.","year":"2017","journal-title":"IEEE Transactions on Dependable and Secure Computing"}],"event":{"name":"MobiQuitous: Computing, Networking and Services","acronym":"MobiQuitous","location":"Houston Texas USA"},"container-title":["Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3360774.3360805","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3360774.3360805","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:44:36Z","timestamp":1750203876000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3360774.3360805"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,12]]},"references-count":48,"alternative-id":["10.1145\/3360774.3360805","10.1145\/3360774"],"URL":"https:\/\/doi.org\/10.1145\/3360774.3360805","relation":{},"subject":[],"published":{"date-parts":[[2019,11,12]]},"assertion":[{"value":"2020-02-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}