{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T08:16:37Z","timestamp":1759133797203,"version":"3.37.3"},"reference-count":38,"publisher":"Wiley","license":[{"start":{"date-parts":[[2021,4,17]],"date-time":"2021-04-17T00:00:00Z","timestamp":1618617600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Sichuan Science and Technology Program","award":["2021JDRC0075","2020NZD02","2021-GH03-00001-HZ"],"award-info":[{"award-number":["2021JDRC0075","2020NZD02","2021-GH03-00001-HZ"]}]},{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"publisher","award":["2021JDRC0075","2020NZD02","2021-GH03-00001-HZ"],"award-info":[{"award-number":["2021JDRC0075","2020NZD02","2021-GH03-00001-HZ"]}],"id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Chengdu Science and Technology Program","award":["2021JDRC0075","2020NZD02","2021-GH03-00001-HZ"],"award-info":[{"award-number":["2021JDRC0075","2020NZD02","2021-GH03-00001-HZ"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2021,4,17]]},"abstract":"<jats:p>As mobile phone is widely used in social network communication, it attracts numerous malicious attacks, which seriously threaten users\u2019 personal privacy and data security. To improve the resilience to attack technologies, structural information analysis has been widely applied in mobile malware detection. However, the rapid improvement of mobile applications has brought an impressive growth of their internal structure in scale and attack technologies. It makes the timely analysis of structural information and malicious feature generation a heavy burden. In this paper, we propose a new Android malware identification approach based on malicious subgraph mining to improve the detection performance of large-scale graph structure analysis. Firstly, function call graphs (FCGs), sensitive permissions, and application programming interfaces (APIs) are generated from the decompiled files of malware. Secondly, two kinds of malicious subgraphs are generated from malware\u2019s decompiled files and put into the feature set. At last, test applications\u2019 safety can be automatically identified and classified into malware families by matching their FCGs with malicious structural features. To evaluate our approach, a dataset of 11,520 malware and benign applications is established. Experimental results indicate that our approach has better performance than three previous works and Androguard.<\/jats:p>","DOI":"10.1155\/2021\/5593178","type":"journal-article","created":{"date-parts":[[2021,4,19]],"date-time":"2021-04-19T19:53:07Z","timestamp":1618861987000},"page":"1-11","source":"Crossref","is-referenced-by-count":3,"title":["A Mobile Malware Detection Method Based on Malicious Subgraphs Mining"],"prefix":"10.1155","volume":"2021","author":[{"given":"Yao","family":"Du","sequence":"first","affiliation":[{"name":"Key Laboratory of Computer System, State Ethnic Affairs Commission, Southwest Minzu University, Chengdu 610041, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7167-8300","authenticated-orcid":true,"given":"Mengtian","family":"Cui","sequence":"additional","affiliation":[{"name":"Key Laboratory of Computer System, State Ethnic Affairs Commission, Southwest Minzu University, Chengdu 610041, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0371-9646","authenticated-orcid":true,"given":"Xiaochun","family":"Cheng","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Middlesex University, London NW44BE, UK"}]}],"member":"311","reference":[{"year":"2019","key":"1","article-title":"Google play store"},{"article-title":"Report: 97% of mobile malware is on android. this is the easy way you stay safe","year":"2014","author":"G. Kelly","key":"2"},{"year":"2015","key":"3","article-title":"Kaspersky report"},{"year":"2019","key":"4","article-title":"Nokia threat intelligence report"},{"issue":"1","key":"5","first-page":"33","article-title":"Efficient signature based malware detection on mobile devices","volume":"4","author":"V. Deepak","year":"2014","journal-title":"Mobile Information Systems"},{"first-page":"44","article-title":"Signature-based detection of privilege-escalation attacks on Android","author":"R. H. Niazi","key":"6"},{"issue":"4","key":"7","doi-asserted-by":"crossref","first-page":"427","DOI":"10.1142\/S0218194020500175","article-title":"AppPerm analyzer: malware detection system based on android permissions and permission groups","volume":"30","author":"\u0130. A. Do\u011fru","year":"2020","journal-title":"International Journal of Software Engineering and Knowledge Engineering"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.06.004"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1142\/s0218194019500116"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1007\/s13042-018-0838-1"},{"first-page":"1105","article-title":"Semantics-aware Android malware classification using weighted contextual API dependency graphs","author":"M. Zhang","key":"11"},{"article-title":"Extensible android malware detection and family classification using network-flows and API-calls","author":"L. Taheri","key":"12","doi-asserted-by":"crossref","DOI":"10.1109\/CCST.2019.8888430"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/7064131"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2014.07.015"},{"issue":"13","key":"15","first-page":"2454","article-title":"Attack of the clones: detecting cloned applications on android markets","volume":"81","author":"J. Crussell","year":"2012","journal-title":"European Symposium on Research in Computer Security"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-012-0175-y"},{"year":"2019","key":"17","article-title":"Soot: a java optimization framework"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2013.07.106"},{"first-page":"1","article-title":"MIGDroid: detecting APP-Repackaging Android malware via method invocation graph","author":"W. Hu","key":"19"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.3390\/s20133645"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/tmc.2018.2880731"},{"key":"22","doi-asserted-by":"crossref","first-page":"142","DOI":"10.1007\/978-3-642-55415-5_12","article-title":"Detecting code reuse in android applications using component-based control flow graph","volume":"428","author":"X. Sun","year":"2016","journal-title":"IFIP Advances in Information & Communication Technology"},{"author":"M. A. Atici","key":"23","article-title":"Android malware analysis approach based on control flow graphs and machine learning algorithms"},{"author":"T. S. John","key":"24","article-title":"Graph convolutional networks for android malware detection with system call graphs"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1109\/tr.2019.2924677"},{"issue":"2","key":"26","doi-asserted-by":"crossref","first-page":"1027","DOI":"10.1007\/s00500-019-03940-5","article-title":"Deep learning for effective Android malware detection using API call graph embeddings","volume":"24","author":"P. Abdurrahman","year":"2020","journal-title":"Soft Computing"},{"key":"27","article-title":"Machine learning-based dynamic analysis of Android apps with improved code coverage","volume":"4","author":"S. Y. Yerima","year":"2019","journal-title":"EURASIP Journal on Information Security"},{"author":"Z. Lin","key":"28","article-title":"Classifying android malware with dynamic behavior dependency graphs"},{"author":"L. Xu","key":"29","article-title":"Dynamic android malware classification using graph-based representations"},{"author":"S. Hou","key":"30","article-title":"Deep4MalDroid: a deep learning framework for android malware detection based on linux kernel system call graphs"},{"year":"2016","key":"31","article-title":"Androguard project"},{"first-page":"2147","article-title":"A sort method to enhance significant spectral components of test set","author":"Y. Zhou","key":"32"},{"first-page":"95","article-title":"Dissecting android malware: characterization and evolution","author":"X. Jiang","key":"33"},{"author":"D. Arp","key":"34","article-title":"DREBIN: effective and explainable detection of android malware in your pocket"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594299"},{"first-page":"281","article-title":"RiskRanker: scalable and accurate zero-day android malware detection","author":"M. Grace","key":"36"},{"issue":"1","key":"37","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1109\/TIFS.2013.2290431","article-title":"Catch me if you can: evaluating android anti-malware against transformation attacks","volume":"9","author":"V. Rastogi","year":"2013","journal-title":"IEEE Transactions on Information Forensics & Security"},{"article-title":"Toward developing a systematic approach to generate Benchmark android malware datasets and classification","author":"A. H. Lashkari","key":"38","doi-asserted-by":"crossref","DOI":"10.1109\/CCST.2018.8585560"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5593178.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5593178.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5593178.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,19]],"date-time":"2021-04-19T19:53:20Z","timestamp":1618862000000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2021\/5593178\/"}},"subtitle":[],"editor":[{"given":"Zhe-Li","family":"Liu","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2021,4,17]]},"references-count":38,"alternative-id":["5593178","5593178"],"URL":"https:\/\/doi.org\/10.1155\/2021\/5593178","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2021,4,17]]}}}