{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,17]],"date-time":"2025-10-17T14:04:50Z","timestamp":1760709890605,"version":"3.37.3"},"reference-count":65,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2019,4,29]],"date-time":"2019-04-29T00:00:00Z","timestamp":1556496000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["CSIT-2 EP\/N508664\/1"],"award-info":[{"award-number":["CSIT-2 EP\/N508664\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["EURASIP J. on Info. Security"],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1186\/s13635-019-0087-1","type":"journal-article","created":{"date-parts":[[2019,4,29]],"date-time":"2019-04-29T18:13:16Z","timestamp":1556561596000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Machine learning-based dynamic analysis of Android apps with improved code coverage"],"prefix":"10.1186","volume":"2019","author":[{"given":"Suleiman Y.","family":"Yerima","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3791-3458","authenticated-orcid":false,"given":"Mohammed K.","family":"Alzaylaee","sequence":"additional","affiliation":[]},{"given":"Sakir","family":"Sezer","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,4,29]]},"reference":[{"key":"87_CR1","unstructured":"Google Play: number of downloads 2010-2016 | Statistic. \n https:\/\/www.statista.com\/statistics\/281106\/number-of-android-app-downloads-from-google-play\/\n \n . Accessed Jan 2019."},{"key":"87_CR2","unstructured":"Global smartphone shipments by OS 2016-2021 | Statistic. \n https:\/\/www.statista.com\/statistics\/309448\/global-smartphone-shipments-forecast-operating-system\/\n \n . Accessed Feb 2019."},{"key":"87_CR3","unstructured":"McAfee Labs Threats Predictions Report | McAfee Labs. \n https:\/\/www.mcafee.com\/uk\/resources\/reports\/rp-quarterly-threats-mar-2016.pdf\n \n . Accessed Feb 2019."},{"key":"87_CR4","unstructured":"J. Oberheide, C. Miller. Dissecting the Android Bouncer. SummerCon2012 (New York, 2012), p. 110."},{"key":"87_CR5","doi-asserted-by":"publisher","unstructured":"M. Linares-V\u00e0squez, K. Moran, D. Poshyvanyk, in 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME). Continuous, evolutionary and large-scale: A new perspective for automated mobile app testing, (2017), pp. 399\u2013410. \n https:\/\/doi.org\/10.1109\/ICSME.2017.27\n \n .","DOI":"10.1109\/ICSME.2017.27"},{"key":"87_CR6","doi-asserted-by":"crossref","unstructured":"S. R. Choudhary, A. Gorla, A. Orso, in In 2015 30th IEEE\/ACM International Conference on Automated Software Engineering (ASE). Automated test input generation for android: Are we there yet? (IEEE, 2015), pp. 429\u2013440.","DOI":"10.1109\/ASE.2015.89"},{"key":"87_CR7","doi-asserted-by":"publisher","unstructured":"M. K. Alzaylaee, S. Y. Yerima, S. Sezer, in 2017 International Conference on Cyber Security And Protection Of Digital Services (Cyber Security). Improving dynamic analysis of android apps using hybrid test input generation, (2017), pp. 1\u20138. \n https:\/\/doi.org\/10.1109\/CyberSecPODS.2017.8074845\n \n .","DOI":"10.1109\/CyberSecPODS.2017.8074845"},{"key":"87_CR8","doi-asserted-by":"publisher","unstructured":"M. K. Alzaylaee, S. Y. Yerima, S. Sezer, in 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security). Dynalog: an automated dynamic analysis framework for characterizing android applications, (2016), pp. 1\u20138. \n https:\/\/doi.org\/10.1109\/CyberSecPODS.2016.7502337\n \n .","DOI":"10.1109\/CyberSecPODS.2016.7502337"},{"key":"87_CR9","unstructured":"APIMonitor. \n https:\/\/github.com\/pjlantz\/droidbox\/wiki\/APIMonitor\n \n . Accessed Sept 2018."},{"key":"87_CR10","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1145\/3041008.3041010","volume-title":"Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics. IWSPA \u201917","author":"M. K. Alzaylaee","year":"2017","unstructured":"M. K. Alzaylaee, S. Y. Yerima, S. Sezer, in Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics. IWSPA \u201917. Emulator vs real phone: Android malware detection using machine learning (ACMScottsdale, 2017), pp. 65\u201372. \n https:\/\/doi.org\/10.1145\/3041008.3041010\n \n . \n http:\/\/doi.acm.org\/10.1145\/3041008.3041010\n \n ."},{"key":"87_CR11","doi-asserted-by":"publisher","unstructured":"T. Bl\u00e4sing, L. Batyuk, A. D. Schmidt, S. A. Camtepe, S. Albayrak, in 2010 5th International Conference on Malicious and Unwanted Software. An android application sandbox system for suspicious software detection, (2010), pp. 55\u201362. \n https:\/\/doi.org\/10.1109\/MALWARE.2010.5665792\n \n .","DOI":"10.1109\/MALWARE.2010.5665792"},{"key":"87_CR12","doi-asserted-by":"publisher","unstructured":"T. Eder, M. Rodler, D. Vymazal, M. Zeilinger, in 2013 International Conference on Availability, Reliability and Security. Ananas - a framework for analyzing android applications, (2013), pp. 711\u2013719. \n https:\/\/doi.org\/10.1109\/ARES.2013.93\n \n .","DOI":"10.1109\/ARES.2013.93"},{"key":"87_CR13","doi-asserted-by":"publisher","first-page":"1808","DOI":"10.1145\/2480362.2480701","volume-title":"Proceedings of the 28th Annual ACM Symposium on Applied Computing. SAC \u201913","author":"M. Spreitzenbarth","year":"2013","unstructured":"M. Spreitzenbarth, F. Freiling, F. Echtler, T. Schreck, J. Hoffmann, in Proceedings of the 28th Annual ACM Symposium on Applied Computing. SAC \u201913. Mobile-sandbox: having a deeper look into android applications (ACMNew York, 2013), pp. 1808\u20131815. \n https:\/\/doi.org\/10.1145\/2480362.2480701\n \n ."},{"key":"87_CR14","doi-asserted-by":"publisher","first-page":"611","DOI":"10.1145\/2508859.2516689","volume-title":"Proceedings of the 2013 ACM SIGSAC Conference on Computer; Communications Security. CCS \u201913","author":"Y. Zhang","year":"2013","unstructured":"Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. S. Wang, B. Zang, in Proceedings of the 2013 ACM SIGSAC Conference on Computer; Communications Security. CCS \u201913. Vetting undesirable behaviors in android apps with permission use analysis (ACMNew York, 2013), pp. 611\u2013622. \n https:\/\/doi.org\/10.1145\/2508859.2516689\n \n ."},{"key":"87_CR15","unstructured":"UI\/Application Exerciser Monkey (2017). \n https:\/\/developer.android.com\/studio\/test\/monkey.html\n \n . Accessed Sept 2018."},{"key":"87_CR16","doi-asserted-by":"publisher","first-page":"258","DOI":"10.1145\/2351676.2351717","volume-title":"Proceedings of the 27th IEEE\/ACM International Conference on Automated Software Engineering. ASE 2012","author":"D. Amalfitano","year":"2012","unstructured":"D. Amalfitano, A. R. Fasolino, P. Tramontana, S. De Carmine, A. M. Memon, in Proceedings of the 27th IEEE\/ACM International Conference on Automated Software Engineering. ASE 2012. Using GUI ripping for automated testing of android applications (ACMNew York, 2012), pp. 258\u2013261. \n https:\/\/doi.org\/10.1145\/2351676.2351717\n \n ."},{"key":"87_CR17","unstructured":"W. Yang, M. R. Prasad, T. Xie, in Fundamental Approaches to Software Engineering. FASE 2013. Lecture Notes in Computer Science, Vol. 7793, ed. by Cortellessa V., Varr\u00f3 D.A grey-box approach for automated GUI-model generation of mobile applications (SpringerBerlin, 2013), pp. 250\u2013265."},{"issue":"10","key":"87_CR18","doi-asserted-by":"publisher","first-page":"641","DOI":"10.1145\/2544173.2509549","volume":"48","author":"T. Azim","year":"2013","unstructured":"T. Azim, I. Neamtiu, Targeted and depth-first exploration for systematic testing of android apps. SIGPLAN Not.48(10), 641\u2013660 (2013). \n https:\/\/doi.org\/10.1145\/2544173.2509549\n \n .","journal-title":"SIGPLAN Not."},{"key":"87_CR19","doi-asserted-by":"publisher","first-page":"623","DOI":"10.1145\/2509136.2509552","volume-title":"Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications (OOPSLA \u201913)","author":"W. Choi","year":"2013","unstructured":"W. Choi, G. Necula, K. Sen, in Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications (OOPSLA \u201913), 48. Guided GUI testing of android apps with minimal restart and approximate learning (ACMNew York, 2013), pp. 623\u2013640. \n https:\/\/doi.org\/10.1145\/2509136.2509552\n \n ."},{"key":"87_CR20","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1145\/2594368.2594390","volume-title":"Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys \u201914)","author":"S. Hao","year":"2014","unstructured":"S. Hao, B. Liu, S. Nath, W. G. Halfond, R. Govindan, in Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys \u201914). Puma: Programmable UI-automation for large-scale dynamic analysis of mobile apps (ACMNew York, 2014), pp. 204\u2013217. \n https:\/\/doi.org\/10.1145\/2594368.2594390\n \n . \n http:\/\/doi.acm.org\/10.1145\/2594368.2594390\n \n ."},{"key":"87_CR21","doi-asserted-by":"publisher","unstructured":"Y. Li, Z. Yang, Y. Guo, X. Chen, in 2017 IEEE\/ACM 39th International Conference on Software Engineering Companion (ICSE-C). Droidbot: a lightweight UI-guided test input generator for android, (2017), pp. 23\u201326. \n https:\/\/doi.org\/10.1109\/ICSE-C.2017.8\n \n .","DOI":"10.1109\/ICSE-C.2017.8"},{"key":"87_CR22","unstructured":"Z. Yajin, J. Xuxian, Android Malware Genome Project. \n http:\/\/www.malgenomeproject.org\/\n \n . Accessed Sept 2018."},{"key":"87_CR23","unstructured":"L. Santoku. \n https:\/\/santoku-linux.com\/\n \n . Accessed July 2018."},{"key":"87_CR24","doi-asserted-by":"publisher","unstructured":"D. Arp, M. Spreitzenbarth, H. Malte, H. Gascon, K. Rieck, Drebin: effective and explainable detection of Android malware in your pocket. Symposium on Network and Distributed System Security (NDSS) (February), 23\u201326 (2014). \n https:\/\/doi.org\/10.14722\/ndss.2014.23247\n \n .","DOI":"10.14722\/ndss.2014.23247"},{"key":"87_CR25","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/978-3-319-04283-1_6","volume":"127","author":"Y. Aafer","year":"2013","unstructured":"Y. Aafer, W. Du, H. Yin, DroidAPIMiner: mining API-level features for robust malware detection in Android. Security and Privacy in Communication Networks. 127:, 86\u2013103 (2013). \n https:\/\/doi.org\/10.1007\/978-3-319-04283-1_6\n \n .","journal-title":"Security and Privacy in Communication Networks"},{"key":"87_CR26","doi-asserted-by":"publisher","first-page":"1236","DOI":"10.1109\/SAI.2015.7237302","volume-title":"Science and Information Conference (SAI), 2015","author":"S. Y. Yerima","year":"2015","unstructured":"S. Y. Yerima, S. Sezer, I. Muttik, in Science and Information Conference (SAI), 2015. Android malware detection: an eigenspace analysis approach (IEEELondon, 2015), pp. 1236\u20131242. \n https:\/\/doi.org\/10.1109\/SAI.2015.7237302\n \n ."},{"issue":"8","key":"87_CR27","doi-asserted-by":"publisher","first-page":"1772","DOI":"10.1109\/TIFS.2017.2687880","volume":"12","author":"M. Fan","year":"2017","unstructured":"M. Fan, J. Liu, W. Wang, H. Li, Z. Tian, T. Liu, Dapasa: detecting android piggybacked apps through sensitive subgraph analysis. IEEE Trans. Inf. Forensics Secur.12(8), 1772\u20131785 (2017). \n https:\/\/doi.org\/10.1109\/TIFS.2017.2687880\n \n .","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"6","key":"87_CR28","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1049\/iet-ifs.2014.0099","volume":"9","author":"S. Y. Yerima","year":"2015","unstructured":"S. Y. Yerima, S. Sezer, I. Muttik, High accuracy android malware detection using ensemble learning. IET Inf. Secur.9(6), 313\u2013320 (2015). \n https:\/\/doi.org\/10.1049\/iet-ifs.2014.0099\n \n .","journal-title":"IET Inf. Secur."},{"key":"87_CR29","unstructured":"B. Kang, S. Y. Yerima, S. Sezer, K. McLaughlin, N-gram opcode analysis for android malware detection. CoRR. abs\/1612.01445: (2016). http:\/\/arxiv.org\/abs\/1612.01445."},{"issue":"4","key":"87_CR30","doi-asserted-by":"publisher","first-page":"400","DOI":"10.1109\/TDSC.2014.2355839","volume":"12","author":"L. Cen","year":"2015","unstructured":"L. Cen, C. S. Gates, L. Si, N. Li, A probabilistic discriminative model for android malware detection with decompiled source code. IEEE Trans. Dependable Secure Comput.12(4), 400\u2013412 (2015). \n https:\/\/doi.org\/10.1109\/TDSC.2014.2355839\n \n .","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"87_CR31","doi-asserted-by":"publisher","unstructured":"Westyarian, Y. Rosmansyah, B. Dabarsyah, in 2015 International Conference on Electrical Engineering and Informatics (ICEEI). Malware detection on android smartphones using api class and machine learning, (2015), pp. 294\u2013297. \n https:\/\/doi.org\/10.1109\/ICEEI.2015.7352513\n \n .","DOI":"10.1109\/ICEEI.2015.7352513"},{"key":"87_CR32","doi-asserted-by":"publisher","unstructured":"B. Kang, S. Y. Yerima, K. Mclaughlin, S. Sezer, in 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security). N-opcode analysis for android malware classification and categorization, (2016), pp. 1\u20137. \n https:\/\/doi.org\/10.1109\/CyberSecPODS.2016.7502343\n \n .","DOI":"10.1109\/CyberSecPODS.2016.7502343"},{"key":"87_CR33","doi-asserted-by":"crossref","unstructured":"G. Suarez-Tangil, S. K. Dash, M. Ahmadi, J. Kinder, G. Giacinto, L. Cavallaro, in Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy. Droidsieve: fast and accurate classification of obfuscated android malware (ACM, 2017), pp. 309\u2013320.","DOI":"10.1145\/3029806.3029825"},{"issue":"2","key":"87_CR34","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1109\/TCYB.2017.2777960","volume":"49","author":"S. Y. Yerima","year":"2018","unstructured":"S. Y. Yerima, S. Sezer, Droidfusion: A novel multilevel classifier fusion approach for android malware detection. IEEE Trans. Cybern.49(2), 453\u2013466 (2018). Feb 2019, \n https:\/\/doi.org\/10.1109\/TCYB.2017.2777960\n \n .","journal-title":"IEEE Trans. Cybern."},{"key":"87_CR35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2494522","volume":"49","author":"W. Enck","year":"2010","unstructured":"W. Enck, P. Gilbert, B. -G. Chun, L. P. Cox, J. Jung, P. McDaniel, A. N. Sheth, TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. Osdi \u201910. 49:, 1\u20136 (2010). \n https:\/\/doi.org\/10.1145\/2494522\n \n .","journal-title":"Osdi \u201910"},{"key":"87_CR36","unstructured":"GoogleArchive DroidBox. \n https:\/\/code.google.com\/archive\/p\/droidbox\/\n \n . Accessed Jan 2019."},{"key":"87_CR37","doi-asserted-by":"publisher","unstructured":"K. Tam, S. J. Khan, A. Fattori, L. Cavallaro, CopperDroid: automatic reconstruction of android malware behaviors. Ndss (February), 8\u201311 (2015). \n https:\/\/doi.org\/10.14722\/ndss.2015.23145\n \n .","DOI":"10.14722\/ndss.2015.23145"},{"key":"87_CR38","doi-asserted-by":"publisher","unstructured":"V. Rastogi, Y. Chen, W. Enck, AppsPlayground : automatic security analysis of smartphone applications. CODASPY \u201913 (3rd ACM conference on Data and Application Security and Privac), 209\u2013220 (2013). \n https:\/\/doi.org\/10.1145\/2435349.2435379\n \n .","DOI":"10.1145\/2435349.2435379"},{"key":"87_CR39","unstructured":"Tracedroid. \n http:\/\/tracedroid.few.vu.nl\/\n \n . Accessed Feb 2019."},{"key":"87_CR40","unstructured":"NVISO ApkScan - Scan Android applications for malware. \n https:\/\/apkscan.nviso.be\/\n \n . Accessed Feb 2019."},{"key":"87_CR41","doi-asserted-by":"publisher","first-page":"599","DOI":"10.1145\/2635868.2635896","volume-title":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE 2014)","author":"R. Mahmood","year":"2014","unstructured":"R. Mahmood, N. Mirzaei, S. Malek, in Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE 2014). Evodroid: segmented evolutionary testing of android apps (ACMNew York, 2014), pp. 599\u2013609. \n https:\/\/doi.org\/10.1145\/2635868.2635896\n \n ."},{"key":"87_CR42","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1145\/2931037.2931054","volume-title":"Proceedings of the 25th International Symposium on Software Testing and Analysis. ISSTA 2016","author":"K. Mao","year":"2016","unstructured":"K. Mao, M. Harman, Y. Jia, in Proceedings of the 25th International Symposium on Software Testing and Analysis. ISSTA 2016. Sapienz: multi-objective automated testing for android applications (ACMNew York, 2016), pp. 94\u2013105. \n https:\/\/doi.org\/10.1145\/2931037.2931054\n \n . \n http:\/\/doi.acm.org\/10.1145\/2931037.2931054\n \n ."},{"key":"87_CR43","doi-asserted-by":"publisher","unstructured":"N. Mirzaei, H. Bagheri, R. Mahmood, S. Malek, in 2015 IEEE 26th International Symposium on Software Reliability Engineering (ISSRE). Sig-droid: automated system input generation for android applications (IEEE, 2015), pp. 461\u2013471. Gaithersbury, MD, \n https:\/\/doi.org\/10.1109\/ISSRE.2015.7381839\n \n .","DOI":"10.1109\/ISSRE.2015.7381839"},{"key":"87_CR44","doi-asserted-by":"crossref","unstructured":"S. K. Dash, G. Suarez-Tangil, S. Khan, K. Tam, M. Ahmadi, J. Kinder, L. Cavallaro, in 2016 IEEE Security and Privacy Workshops (SPW). Droidscribe: classifying android malware based on runtime behavior (IEEE, 2016), pp. 252\u2013261.","DOI":"10.1109\/SPW.2016.25"},{"key":"87_CR45","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1145\/2491411.2491450","volume-title":"Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering (ESEC\/FSE 2013)","author":"A. Machiry","year":"2013","unstructured":"A. Machiry, R. Tahiliani, M. Naik, in Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering (ESEC\/FSE 2013). Dynodroid: an input generation system for android apps (ACMNew York, 2013), pp. 224\u2013234. \n https:\/\/doi.org\/10.1145\/2491411.2491450\n \n ."},{"issue":"5","key":"87_CR46","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1109\/MS.2014.55","volume":"32","author":"D. Amalfitano","year":"2015","unstructured":"D. Amalfitano, A. R. Fasolino, P. Tramontana, B. D. Ta, A. M. Memon, Mobiguitar: automated model-based testing of mobile apps. IEEE Softw.32(5), 53\u201359 (2015). \n https:\/\/doi.org\/10.1109\/MS.2014.55\n \n .","journal-title":"IEEE Softw."},{"key":"87_CR47","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1145\/2393596.2393666","volume-title":"Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering (FSE \u201912)","author":"S. Anand","year":"2012","unstructured":"S. Anand, M. Naik, M. J. Harrold, H. Yang, in Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering (FSE \u201912). Automated concolic testing of smartphone apps (ACMNew York, 2012), p. 11. \n https:\/\/doi.org\/10.1145\/2393596.2393666\n \n ."},{"key":"87_CR48","unstructured":"V. Van Der Veen, H. Bos, C. Rossow, Dynamic analysis of android malware (2013)."},{"key":"87_CR49","unstructured":"L. Weichselbaum, M. Neugschwandtner, M. Lindorfer, Y. Fratantonio, V van der Veen, C. Platzer. Andrubis: Android malware under the magnifying glass, (2014). Vienna University of Technology, Tech. Rep. TR-ISECLAB-0414- 001."},{"key":"87_CR50","doi-asserted-by":"crossref","unstructured":"L. Xu, D. Zhang, N. Jayasena, J. Cavazos, in Proceedings of SAI Intelligent Systems Conference (IntelliSys), ed. by Bi Y., Kapoor S., and Bhatia R.Hadm: Hybrid analysis for detection of malware (Springer, Cham, 2016). IntelliSys 2016. Lecture Notes in Networks and Systems, vol 16.","DOI":"10.1007\/978-3-319-56991-8_51"},{"key":"87_CR51","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2875475.2875487","volume-title":"Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics. IWSPA \u201916","author":"M. Dimja\u0161evi\u0107","year":"2016","unstructured":"M. Dimja\u0161evi\u0107, S. Atzeni, I. Ugrina, Z. Rakamaric, in Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics. IWSPA \u201916. Evaluation of android malware detection based on system calls (ACMNew York, 2016), pp. 1\u20138. \n https:\/\/doi.org\/10.1145\/2875475.2875487\n \n . \n http:\/\/doi.acm.org\/10.1145\/2875475.2875487\n \n ."},{"key":"87_CR52","unstructured":"P. Irolla, E. Filiol, Glassbox: dynamic analysis platform for malware android applications on real devices. CoRR. abs\/1609.04718: (2016). http:\/\/arxiv.org\/abs\/1609.04718."},{"key":"87_CR53","doi-asserted-by":"publisher","unstructured":"S. Dai, A. Tongaonkar, X. Wang, A. Nucci, D. Song, in 2013 Proceedings IEEE INFOCOM. Networkprofiler: towards automatic fingerprinting of android apps, (2013), pp. 809\u2013817. \n https:\/\/doi.org\/10.1109\/INFCOM.2013.6566868\n \n .","DOI":"10.1109\/INFCOM.2013.6566868"},{"key":"87_CR54","unstructured":"M. Bierma, E. Gustafson, J. Erickson, D. Fritz, Y. R. Choe, Andlantis: large-scale android dynamic analysis. CoRR. abs\/1410.7751: (2014). http:\/\/arxiv.org\/abs\/1410.7751."},{"key":"87_CR55","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1145\/1982595.1982612","volume-title":"Proceedings of the 6th International Workshop on Automation of Software Test. AST \u201911","author":"C. Hu","year":"2011","unstructured":"C. Hu, I. Neamtiu, in Proceedings of the 6th International Workshop on Automation of Software Test. AST \u201911. Automating gui testing for android applications (ACMNew York, 2011), pp. 77\u201383. \n https:\/\/doi.org\/10.1145\/1982595.1982612\n \n . \n http:\/\/doi.acm.org\/10.1145\/1982595.1982612\n \n ."},{"key":"87_CR56","doi-asserted-by":"publisher","unstructured":"H. Cai, B. G. Ryder, V. Tech, Understanding Android application programming and security: a dynamic study. 1:, 1\u201312 (2017). \n https:\/\/doi.org\/10.1109\/ICSME.2017.31\n \n .","DOI":"10.1109\/ICSME.2017.31"},{"key":"87_CR57","doi-asserted-by":"publisher","unstructured":"M. Lindorfer, M. Neugschwandtner, in 2015 IEEE 39th Annual Computer Software and Applications Conference. Marvin: efficient and comprehensive mobile app classification through static and dynamic analysis (Taichung, 2015), pp. 422\u2013433. \n https:\/\/doi.org\/10.1109\/COMPSAC.2015.103\n \n .","DOI":"10.1109\/COMPSAC.2015.103"},{"issue":"1","key":"87_CR58","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/s10844-010-0148-x","volume":"38","author":"A. Shabtai","year":"2012","unstructured":"A. Shabtai, U. Kanonov, Y. Elovici, C. Glezer, Y. Weiss, \u201cAndromaly\u201d: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst.38(1), 161\u2013190 (2012). \n https:\/\/doi.org\/10.1007\/s10844-010-0148-x\n \n .","journal-title":"J. Intell. Inf. Syst."},{"key":"87_CR59","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-642-33704-8-21","volume":"7531 LNCS","author":"G. Dini","year":"2012","unstructured":"G. Dini, F. Martinelli, A. Saracino, D. Sgandurra, MADAM: a multi-level anomaly detector for android malware. Lect. Notes Comput. Sci (Incl. subseries Lect. Notes Artif. Intell. Lect. Notes Bioinforma.)7531 LNCS:, 240\u2013253 (2012). \n https:\/\/doi.org\/10.1007\/978-3-642-33704-8-21\n \n .","journal-title":"Lect. Notes Comput. Sci (Incl. subseries Lect. Notes Artif. Intell. Lect. Notes Bioinforma.)"},{"key":"87_CR60","unstructured":"H. Cai, N. Meng, B. Ryder, D. Yao, Droidcat : unified dynamic detection of android malware (2017)."},{"key":"87_CR61","doi-asserted-by":"publisher","unstructured":"B. Amos, H. Turner, J. White, Applying machine learning classifiers to dynamic android malware detection at scale, (2013). \n https:\/\/doi.org\/10.1109\/IWCMC.2013.6583806\n \n .","DOI":"10.1109\/IWCMC.2013.6583806"},{"issue":"2","key":"87_CR62","doi-asserted-by":"publisher","first-page":"141","DOI":"10.1007\/s10207-014-0250-0","volume":"14","author":"M. Spreitzenbarth","year":"2015","unstructured":"M. Spreitzenbarth, T. Schreck, F. Echtler, D. Arp, J. Hoffmann, Mobile-sandbox: combining static and dynamic analysis with machine-learning techniques. Int. J. Inf. Secur.14(2), 141\u2013153 (2015).","journal-title":"Int. J. Inf. Secur."},{"key":"87_CR63","doi-asserted-by":"publisher","unstructured":"E. B. Karbab, M. Debbabi, S. Alrabaee, D. Mouheb, in 2016 11th International Conference on Malicious and Unwanted Software (MALWARE). Dysign: dynamic fingerprinting for the automatic detection of android malware, (2016), pp. 1\u20138. \n https:\/\/doi.org\/10.1109\/MALWARE.2016.7888739\n \n .","DOI":"10.1109\/MALWARE.2016.7888739"},{"key":"87_CR64","unstructured":"L. Massarelli, L. Aniello, C. Ciccotelli, L. Querzoni, D. Ucci, R. Baldoni, Android malware family classification based on resource consumption over time (2017). ArXiv e-prints. http:\/\/arxiv.org\/abs\/1709.00875."},{"issue":"1","key":"87_CR65","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1007\/s11416-014-0226-7","volume":"11","author":"V. M. Afonso","year":"2015","unstructured":"V. M. Afonso, M. F. de Amorim, A. R. A. Gr\u00e9gio, G. B. Junquera, P. L. de Geus, Identifying android malware using dynamically obtained features. J. Comput. Virol. Hacking Tech.11(1), 9\u201317 (2015).","journal-title":"J. Comput. Virol. Hacking Tech."}],"container-title":["EURASIP Journal on Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-019-0087-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13635-019-0087-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13635-019-0087-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,27]],"date-time":"2020-04-27T23:08:22Z","timestamp":1588028902000},"score":1,"resource":{"primary":{"URL":"https:\/\/jis-eurasipjournals.springeropen.com\/articles\/10.1186\/s13635-019-0087-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,4,29]]},"references-count":65,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2019,12]]}},"alternative-id":["87"],"URL":"https:\/\/doi.org\/10.1186\/s13635-019-0087-1","relation":{},"ISSN":["2510-523X"],"issn-type":[{"type":"electronic","value":"2510-523X"}],"subject":[],"published":{"date-parts":[[2019,4,29]]},"assertion":[{"value":"17 April 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 April 2019","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"29 April 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that they have no competing interests.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}},{"value":"Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Publisher\u2019s Note"}}],"article-number":"4"}}