{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T20:05:02Z","timestamp":1778789102273,"version":"3.51.4"},"reference-count":74,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2022,5,26]],"date-time":"2022-05-26T00:00:00Z","timestamp":1653523200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Proc. ACM Meas. Anal. Comput. Syst."],"published-print":{"date-parts":[[2022,5,26]]},"abstract":"<jats:p>Mobile malware detection has attracted massive research effort in our community. A reliable and up-to-date malware dataset is critical to evaluate the effectiveness of malware detection approaches. Essentially, the malware ground truth should be manually verified by security experts, and their malicious behaviors should be carefully labelled. Although there are several widely-used malware benchmarks in our community (e.g., MalGenome, Drebin, Piggybacking and AMD, etc.), these benchmarks face several limitations including out-of-date, size, coverage, and reliability issues, etc. In this paper, we first make efforts to create MalRadar, a growing and up-to-date Android malware dataset using the most reliable way, i.e., by collecting malware based on the analysis reports of security experts. We have crawled all the mobile security related reports released by ten leading security companies, and used an automated approach to extract and label the useful ones describing new Android malware and containing Indicators of Compromise (IoC) information. We have successfully compiled MalRadar, a dataset that contains 4,534 unique Android malware samples (including both apks and metadata) released from 2014 to April 2021 by the time of this paper, all of which were manually verified by security experts with detailed behavior analysis. Then we characterize the MalRadar dataset from malware distribution channels, app installation methods, malware activation, malicious behaviors and anti-analysis techniques. We further investigate the malware evolution over the last decade. At last, we measure the effectiveness of commercial anti-virus engines and malware detection techniques on detecting malware in MalRadar. Our dataset can be served as the representative Android malware benchmark in the new era, and our observations can positively contribute to the community and boost a series of research studies on mobile security.<\/jats:p>","DOI":"10.1145\/3530906","type":"journal-article","created":{"date-parts":[[2022,6,6]],"date-time":"2022-06-06T17:16:18Z","timestamp":1654535778000},"page":"1-27","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":22,"title":["MalRadar"],"prefix":"10.1145","volume":"6","author":[{"given":"Liu","family":"Wang","sequence":"first","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haoyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ren","family":"He","sequence":"additional","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ran","family":"Tao","sequence":"additional","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guozhu","family":"Meng","sequence":"additional","affiliation":[{"name":"SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[{"name":"The Hong Kong Polytechnic University, Hong Kong, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xuanzhe","family":"Liu","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,6,6]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"2016. Android banking trojan masquerades as Flash Player and bypasses 2FA. https:\/\/www.welivesecurity.com\/2016\/ 03\/09\/android-trojan-targets-online-banking-users\/.  2016. Android banking trojan masquerades as Flash Player and bypasses 2FA. https:\/\/www.welivesecurity.com\/2016\/ 03\/09\/android-trojan-targets-online-banking-users\/."},{"key":"e_1_2_1_2_1","unstructured":"2016. RuMMS: The Latest Family of Android Malware Attacking Users in Russia Via SMS Phishing. https:\/\/www. fireeye.com\/blog\/threat-research\/2016\/04\/rumms-android-malware.html.  2016. RuMMS: The Latest Family of Android Malware Attacking Users in Russia Via SMS Phishing. https:\/\/www. fireeye.com\/blog\/threat-research\/2016\/04\/rumms-android-malware.html."},{"key":"e_1_2_1_3_1","unstructured":"2017. Analyzing Xavier: An Information-Stealing Ad Library on Android. https:\/\/blog.trendmicro.com\/trendlabssecurity-intelligence\/analyzing-xavier-information-stealing-ad-library-android\/.  2017. Analyzing Xavier: An Information-Stealing Ad Library on Android. https:\/\/blog.trendmicro.com\/trendlabssecurity-intelligence\/analyzing-xavier-information-stealing-ad-library-android\/."},{"key":"e_1_2_1_4_1","unstructured":"2017. Coin Miner Mobile Malware Returns Hits Google Play. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/coin-miner-mobile-malware-returns-hits-google-play\/.  2017. Coin Miner Mobile Malware Returns Hits Google Play. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/coin-miner-mobile-malware-returns-hits-google-play\/."},{"key":"e_1_2_1_5_1","unstructured":"2017. Dvmap: the first Android malware with code injection. https:\/\/securelist.com\/dvmap-the-first-android-malwarewith-code-injection\/78648\/.  2017. Dvmap: the first Android malware with code injection. https:\/\/securelist.com\/dvmap-the-first-android-malwarewith-code-injection\/78648\/."},{"key":"e_1_2_1_6_1","unstructured":"2017. Exobot - Android banking Trojan on the rise. https:\/\/www.threatfabric.com\/blogs\/exobot_android_banking_ trojan_on_the_rise.html.  2017. Exobot - Android banking Trojan on the rise. https:\/\/www.threatfabric.com\/blogs\/exobot_android_banking_ trojan_on_the_rise.html."},{"key":"e_1_2_1_7_1","unstructured":"2017. GhostClicker Adware is a Phantomlike Android Click Fraud. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/ghostclicker-adware-is-a-phantomlike-android-click-fraud\/.  2017. GhostClicker Adware is a Phantomlike Android Click Fraud. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/ghostclicker-adware-is-a-phantomlike-android-click-fraud\/."},{"key":"e_1_2_1_8_1","unstructured":"2017. New WannaCry-Mimicking SLocker Abuses QQ Services. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/new-wannacry-mimicking-slocker-abuses-qq-services\/.  2017. New WannaCry-Mimicking SLocker Abuses QQ Services. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/new-wannacry-mimicking-slocker-abuses-qq-services\/."},{"key":"e_1_2_1_9_1","unstructured":"2017. The Strange Case of Play Policy for Copyright and Security. https:\/\/www.fortinet.com\/blog\/threat-research\/thestrange-case-of-play-policy-for-copyright-and-security.  2017. The Strange Case of Play Policy for Copyright and Security. https:\/\/www.fortinet.com\/blog\/threat-research\/thestrange-case-of-play-policy-for-copyright-and-security."},{"key":"e_1_2_1_10_1","unstructured":"2017. Toast Overlay Weaponized to Install Several Android Malware. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/toast-overlay-weaponized-install-android-malware-single-attack-chain\/.  2017. Toast Overlay Weaponized to Install Several Android Malware. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/toast-overlay-weaponized-install-android-malware-single-attack-chain\/."},{"key":"e_1_2_1_11_1","volume-title":"User Beware: Rooting Malware Found in 3rd Party App Stores. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/user-beware-rooting-malware-found-in-3rd-party-app-stores\/","unstructured":"2017. User Beware: Rooting Malware Found in 3rd Party App Stores. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/user-beware-rooting-malware-found-in-3rd-party-app-stores\/ . 2017. User Beware: Rooting Malware Found in 3rd Party App Stores. https:\/\/blog.trendmicro.com\/trendlabs-securityintelligence\/user-beware-rooting-malware-found-in-3rd-party-app-stores\/."},{"key":"e_1_2_1_12_1","unstructured":"2017. ZNIU: First Android Malware to Exploit Dirty COW. https:\/\/www.trendmicro.com\/en_us\/research\/17\/i\/zniufirst-android-malware-exploit-dirty-cow-vulnerability.html.  2017. ZNIU: First Android Malware to Exploit Dirty COW. https:\/\/www.trendmicro.com\/en_us\/research\/17\/i\/zniufirst-android-malware-exploit-dirty-cow-vulnerability.html."},{"key":"e_1_2_1_13_1","unstructured":"2018. Analysis of Smoke Loader in New Tsunami Campaign. https:\/\/unit42.paloaltonetworks.com\/analysis-of-smokeloader-in-new-tsunami-campaign\/.  2018. Analysis of Smoke Loader in New Tsunami Campaign. https:\/\/unit42.paloaltonetworks.com\/analysis-of-smokeloader-in-new-tsunami-campaign\/."},{"key":"e_1_2_1_14_1","unstructured":"2018. Fake Banking App Found on Google Play Used in SMiShing. https:\/\/www.trendmicro.com\/en_us\/research\/18\/k\/ fake-banking-app-found-on-google-play-used-in-smishing-scheme.html.  2018. Fake Banking App Found on Google Play Used in SMiShing. https:\/\/www.trendmicro.com\/en_us\/research\/18\/k\/ fake-banking-app-found-on-google-play-used-in-smishing-scheme.html."},{"key":"e_1_2_1_15_1","unstructured":"2018. Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure. https: \/\/blog.trendmicro.com\/trendlabs-security-intelligence\/monero-mining-hiddenminer-android-malware-canpotentially-cause-device-failure\/.  2018. Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure. https: \/\/blog.trendmicro.com\/trendlabs-security-intelligence\/monero-mining-hiddenminer-android-malware-canpotentially-cause-device-failure\/."},{"key":"e_1_2_1_16_1","unstructured":"2018. Windows Android Users Targeted by Maikspy Spyware. https:\/\/www.trendmicro.com\/en_us\/research\/18\/e\/ maikspy-spyware-poses-as-adult-game-targets-windows-and-android-users.html.  2018. Windows Android Users Targeted by Maikspy Spyware. https:\/\/www.trendmicro.com\/en_us\/research\/18\/e\/ maikspy-spyware-poses-as-adult-game-targets-windows-and-android-users.html."},{"key":"e_1_2_1_17_1","unstructured":"2018. XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing. https:\/\/blog.trendmicro.com\/ trendlabs-security-intelligence\/new-wannacry-mimicking-slocker-abuses-qq-services\/.  2018. XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing. https:\/\/blog.trendmicro.com\/ trendlabs-security-intelligence\/new-wannacry-mimicking-slocker-abuses-qq-services\/."},{"key":"e_1_2_1_18_1","unstructured":"2019. Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party Stores Like 9Apps. https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/adware-campaign-identified-from-182-gameand-camera-apps-on-google-play-and-third-party-stores-like-9apps\/. Proc. ACM Meas. Anal. Comput. Syst. Vol. 6 No. 2 Article 40. Publication date: June 2022. MalRadar: Demystifying Android Malware in the New Era 40:25  2019. Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party Stores Like 9Apps. https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/adware-campaign-identified-from-182-gameand-camera-apps-on-google-play-and-third-party-stores-like-9apps\/. Proc. ACM Meas. Anal. Comput. Syst. Vol. 6 No. 2 Article 40. Publication date: June 2022. MalRadar: Demystifying Android Malware in the New Era 40:25"},{"key":"e_1_2_1_19_1","unstructured":"2019. Google Play Apps Drop Anubis Banking Malware Use Motion-based Evasion Tactics. https: \/\/blog.trendmicro.com\/trendlabs-security-intelligence\/google-play-apps-drop-anubis-banking-malware-usemotion-based-evasion-tactics\/.  2019. Google Play Apps Drop Anubis Banking Malware Use Motion-based Evasion Tactics. https: \/\/blog.trendmicro.com\/trendlabs-security-intelligence\/google-play-apps-drop-anubis-banking-malware-usemotion-based-evasion-tactics\/."},{"key":"e_1_2_1_20_1","unstructured":"2019. Tracking down the developer of Android adware affecting millions of users. https:\/\/www.welivesecurity.com\/ 2019\/10\/24\/tracking-down-developer-android-adware\/.  2019. Tracking down the developer of Android adware affecting millions of users. https:\/\/www.welivesecurity.com\/ 2019\/10\/24\/tracking-down-developer-android-adware\/."},{"key":"e_1_2_1_21_1","unstructured":"2020. 1Mobile. https:\/\/www.1mobile.com.  2020. 1Mobile. https:\/\/www.1mobile.com."},{"key":"e_1_2_1_22_1","unstructured":"2020. APKiD. https:\/\/github.com\/rednaga\/APKiD.  2020. APKiD. https:\/\/github.com\/rednaga\/APKiD."},{"key":"e_1_2_1_23_1","unstructured":"2020. ApkPure. https:\/\/apkpure.com.  2020. ApkPure. https:\/\/apkpure.com."},{"key":"e_1_2_1_24_1","unstructured":"2020. Aptoide. https:\/\/www.aptoide.com.  2020. Aptoide. https:\/\/www.aptoide.com."},{"key":"e_1_2_1_25_1","unstructured":"2020. List of Mobile Security Vendors (Android). https:\/\/www.av-comparatives.org\/list-of-mobile-security-vendorsandroid\/.  2020. List of Mobile Security Vendors (Android). https:\/\/www.av-comparatives.org\/list-of-mobile-security-vendorsandroid\/."},{"key":"e_1_2_1_26_1","unstructured":"2020. Publication Trends. https:\/\/app.dimensions.ai\/discover\/publication.  2020. Publication Trends. https:\/\/app.dimensions.ai\/discover\/publication."},{"key":"e_1_2_1_27_1","unstructured":"2020. Smartphone shopaholic. https:\/\/securelist.com\/smartphone-shopaholic\/95544\/.  2020. Smartphone shopaholic. https:\/\/securelist.com\/smartphone-shopaholic\/95544\/."},{"key":"e_1_2_1_28_1","unstructured":"2021. Android malware found on Huawei's official app store. https:\/\/therecord.media\/android-malware-found-onhuaweis-official-app-store\/.  2021. Android malware found on Huawei's official app store. https:\/\/therecord.media\/android-malware-found-onhuaweis-official-app-store\/."},{"key":"e_1_2_1_29_1","unstructured":"2021. Check Point. https:\/\/research.checkpoint.com\/.  2021. Check Point. https:\/\/research.checkpoint.com\/."},{"key":"e_1_2_1_30_1","unstructured":"2021. ESET. https:\/\/www.welivesecurity.com\/.  2021. ESET. https:\/\/www.welivesecurity.com\/."},{"key":"e_1_2_1_31_1","unstructured":"2021. FireEye. https:\/\/www.fireeye.com\/blog.  2021. FireEye. https:\/\/www.fireeye.com\/blog."},{"key":"e_1_2_1_32_1","unstructured":"2021. Fortinet. https:\/\/www.fortinet.com.  2021. Fortinet. https:\/\/www.fortinet.com."},{"key":"e_1_2_1_33_1","unstructured":"2021. GBHackers. https:\/\/gbhackers.com\/.  2021. GBHackers. https:\/\/gbhackers.com\/."},{"key":"e_1_2_1_34_1","unstructured":"2021. Kaspersky. https:\/\/securelist.com\/.  2021. Kaspersky. https:\/\/securelist.com\/."},{"key":"e_1_2_1_35_1","unstructured":"2021. Koodous. https:\/\/koodous.com.  2021. Koodous. https:\/\/koodous.com."},{"key":"e_1_2_1_36_1","unstructured":"2021. Malwarebytes. https:\/\/blog.malwarebytes.com.  2021. Malwarebytes. https:\/\/blog.malwarebytes.com."},{"key":"e_1_2_1_37_1","unstructured":"2021. McAfee. https:\/\/www.mcafee.com\/blogs\/.  2021. McAfee. https:\/\/www.mcafee.com\/blogs\/."},{"key":"e_1_2_1_38_1","unstructured":"2021. Qihoo. https:\/\/ti.360.net\/blog\/.  2021. Qihoo. https:\/\/ti.360.net\/blog\/."},{"key":"e_1_2_1_39_1","unstructured":"2021. TrendMicro. https:\/\/blog.trendmicro.com\/.  2021. TrendMicro. https:\/\/blog.trendmicro.com\/."},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-014-9352-6"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901739.2903508"},{"key":"e_1_2_1_42_1","first-page":"23","article-title":"Drebin: Effective and explainable detection of android malware in your pocket","volume":"14","author":"Arp Daniel","year":"2014","unstructured":"Daniel Arp , Michael Spreitzenbarth , Malte Hubner , Hugo Gascon , Konrad Rieck , and CERT Siemens . 2014 . Drebin: Effective and explainable detection of android malware in your pocket .. In Ndss , Vol. 14. 23 -- 26 . Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, Konrad Rieck, and CERT Siemens. 2014. Drebin: Effective and explainable detection of android malware in your pocket.. In Ndss, Vol. 14. 23--26.","journal-title":"Ndss"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046614.2046619"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897860"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2016.25"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236045"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523514.2523539"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635869"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380243"},{"key":"e_1_2_1_50_1","volume-title":"Transcend: Detecting concept drift in malware classification models. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 625--642.","author":"Jordaney Roberto","year":"2017","unstructured":"Roberto Jordaney , Kumar Sharad , Santanu K Dash , Zhi Wang , Davide Papini , Ilia Nouretdinov , and Lorenzo Cavallaro . 2017 . Transcend: Detecting concept drift in malware classification models. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 625--642. Roberto Jordaney, Kumar Sharad, Santanu K Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro. 2017. Transcend: Detecting concept drift in malware classification models. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 625--642."},{"key":"e_1_2_1_51_1","volume-title":"Proc. ACM Meas. Anal. Comput. Syst.","volume":"6","author":"Kiss Nicolas","year":"2016","unstructured":"Nicolas Kiss , Jean-Fran\u00e7ois Lalande , Mourad Leslous , and Val\u00e9rie Viet Triem Tong . 2016 . Kharon dataset: Android malware under a microscope. In The {LASER} Workshop: Learning from Authoritative Security Experiment Results ({LASER} 2016). 1--12 . Proc. ACM Meas. Anal. Comput. Syst. , Vol. 6 , No. 2, Article 40. Publication date: June 2022. 40:26 Liu Wang et al. Nicolas Kiss, Jean-Fran\u00e7ois Lalande, Mourad Leslous, and Val\u00e9rie Viet Triem Tong. 2016. Kharon dataset: Android malware under a microscope. In The {LASER} Workshop: Learning from Authoritative Security Experiment Results ({LASER} 2016). 1--12. Proc. ACM Meas. Anal. Comput. Syst., Vol. 6, No. 2, Article 40. Publication date: June 2022. 40:26 Liu Wang et al."},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2656460"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/BADGERS.2014.7"},{"key":"e_1_2_1_54_1","volume-title":"DaPanda: Detecting Aggressive Push Notifications in Android Apps. In 2019 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 66--78","author":"Liu Tianming","year":"2019","unstructured":"Tianming Liu , Haoyu Wang , Li Li , Guangdong Bai , Yao Guo , and Guoai Xu . 2019 . DaPanda: Detecting Aggressive Push Notifications in Android Apps. In 2019 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 66--78 . Tianming Liu, Haoyu Wang, Li Li, Guangdong Bai, Yao Guo, and Guoai Xu. 2019. DaPanda: Detecting Aggressive Push Notifications in Android Apps. In 2019 34th IEEE\/ACM International Conference on Automated Software Engineering (ASE). IEEE, 66--78."},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380242"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23353"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3029806.3029823"},{"key":"e_1_2_1_58_1","volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 729--746.","author":"Pendlebury Feargus","unstructured":"Feargus Pendlebury , Fabio Pierazzi , Roberto Jordaney , Johannes Kinder , and Lorenzo Cavallaro . 2019. {TESSERACT} : Eliminating experimental bias in malware classification across space and time . In 28th {USENIX} Security Symposium ({USENIX} Security 19). 729--746. Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro. 2019. {TESSERACT}: Eliminating experimental bias in malware classification across space and time. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 729--746."},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/EISIC.2012.34"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2536605"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_11"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2646641"},{"key":"e_1_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313611"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196412"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/3038912.3052712"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278558"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2019.00067"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-020-09910-y"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_12"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619239.2631434"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2013.25"},{"key":"e_1_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.16"},{"key":"e_1_2_1_74_1","volume-title":"Proceedings of USENIX Security","author":"Zhu Shuofei","year":"2020","unstructured":"Shuofei Zhu , Jianjun Shi , Limin Yang , Boqin Qin , Ziyi Zhang , Linhai Song , and Gang Wang . 2020 . Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines . In Proceedings of USENIX Security 2020. Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, and Gang Wang. 2020. Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines. In Proceedings of USENIX Security 2020."}],"container-title":["Proceedings of the ACM on Measurement and Analysis of Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3530906","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3530906","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:27Z","timestamp":1750183767000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3530906"}},"subtitle":["Demystifying Android Malware in the New Era"],"short-title":[],"issued":{"date-parts":[[2022,5,26]]},"references-count":74,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2022,5,26]]}},"alternative-id":["10.1145\/3530906"],"URL":"https:\/\/doi.org\/10.1145\/3530906","relation":{},"ISSN":["2476-1249"],"issn-type":[{"value":"2476-1249","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,26]]},"assertion":[{"value":"2022-06-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}