{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:12:58Z","timestamp":1772039578617,"version":"3.50.1"},"reference-count":49,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2018,6,5]],"date-time":"2018-06-05T00:00:00Z","timestamp":1528156800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecur"],"published-print":{"date-parts":[[2018,12]]},"DOI":"10.1186\/s42400-018-0006-7","type":"journal-article","created":{"date-parts":[[2018,5,28]],"date-time":"2018-05-28T06:36:46Z","timestamp":1527489406000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["DroidEcho: an in-depth dissection of malicious behaviors in Android applications"],"prefix":"10.1186","volume":"1","author":[{"given":"Guozhu","family":"Meng","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ruitao","family":"Feng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guangdong","family":"Bai","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yang","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,6,5]]},"reference":[{"key":"6_CR1","doi-asserted-by":"crossref","unstructured":"Arzt, S, Bodden E (2016) StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework In: Proceedings of the 38th International Conference on Software Engineering, 725\u2013735.","DOI":"10.1145\/2884781.2884816"},{"key":"6_CR2","doi-asserted-by":"crossref","unstructured":"Arzt, S, Rasthofer S, Fritz C, Bodden E, Bartel A, Klein J, Le Traon Y, Octeau D, McDaniel P (2014) FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, 259\u2013269, Edinburgh.","DOI":"10.1145\/2666356.2594299"},{"key":"6_CR3","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1145\/2594291.2594299","volume-title":"Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI \u201914","author":"S Arzt","year":"2014","unstructured":"Arzt, S, Rasthofer S, Fritz C, Bodden E, Bartel A, Klein J, Le Traon Y, Octeau D, McDaniel P (2014) Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI \u201914, 259\u2013269.. ACM, New York."},{"key":"6_CR4","first-page":"217","volume-title":"Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS \u201912","author":"KWY Au","year":"2012","unstructured":"Au, KWY, Zhou Y, Huang Z, Lie D (2012) PScout: Analyzing the Android Permission Specification In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS \u201912, 217\u2013228.. ACM, New York."},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Bosu, A, Liu F, Yao DD, Wang G (2017) Collusive Data Leak and More: Large-scale Threat Analysis of Inter-app Communications In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 71\u201385, Abu Dhabi.","DOI":"10.1145\/3052973.3053004"},{"key":"6_CR6","unstructured":"Chen, KZ, Johnson NM, D\u2019Silva V, Dai S, MacNamara K, Magrino TR, Wu EX, Rinard M, Song DX (2013) Contextual Policy Enforcement in Android Applications with Permission Event Graphs In: 20th Annual Network and Distributed System Security Symposium, NDSS \u201913, San Diego. http:\/\/internetsociety.org\/doc\/contextual-policy-enforcement-android-applications-permission-event-graphs ."},{"key":"6_CR7","first-page":"1037","volume-title":"Proceedings of the 23rd USENIX Conference on Security Symposium, SEC\u201914","author":"QA Chen","year":"2014","unstructured":"Chen, QA, Qian Z, Mao ZM (2014) Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks In: Proceedings of the 23rd USENIX Conference on Security Symposium, SEC\u201914, 1037\u20131052.. USENIX Association, Berkeley."},{"key":"6_CR8","first-page":"393","volume-title":"Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, OSDI\u201910","author":"W Enck","year":"2010","unstructured":"Enck, W, Gilbert P, Chun B-G, Cox LP, Jung J, McDaniel P, Sheth AN (2010) TaintDroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones In: Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, OSDI\u201910, 393\u2013407.. USENIX Association, Berkeley."},{"key":"6_CR9","first-page":"21","volume-title":"Proceedings of the 20th USENIX Conference on Security, SEC\u201911","author":"W Enck","year":"2011","unstructured":"Enck, W, Octeau D, McDaniel P, Chaudhuri S (2011) A Study of Android Application Security In: Proceedings of the 20th USENIX Conference on Security, SEC\u201911, 21\u201321.. USENIX Association, Berkeley."},{"issue":"1","key":"6_CR10","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1109\/MSP.2009.26","volume":"7","author":"W Enck","year":"2009","unstructured":"Enck, W, Ongtang M, McDaniel PD (2009) Understanding Android Security. IEEE Secur Priv 7(1):50\u201357.","journal-title":"IEEE Secur Priv"},{"key":"6_CR11","unstructured":"F-Secure Lab (2013) Mobile Threat Report, January - March 2013. Technical report."},{"key":"6_CR12","doi-asserted-by":"publisher","unstructured":"Feng, Y, Anand S, Dillig I, Aiken A2014. Apposcopy: Semantics-Based Detection of Android Malware Through Static Analysis. ACM, New Year. https:\/\/doi.org\/10.1145\/2635868.2635869 .","DOI":"10.1145\/2635868.2635869"},{"key":"6_CR13","unstructured":"Grace, MC, Zhou Y, Wang Z, Jiang X (2012) Systematic Detection of Capability Leaks in Stock Android Smartphones In: 19th Annual Network & Distributed System Security Symposium. http:\/\/dblp.uni-trier.de\/rec\/bib\/conf\/ndss\/GraceZWJ12 ."},{"key":"6_CR14","unstructured":"Gunadi, H, Tiu A (2013) Efficient runtime monitoring with metric temporal logic: A case study in the android operating system. CoRR abs\/1311.2362. http:\/\/arxiv.org\/abs\/1311.2362."},{"key":"6_CR15","first-page":"92","volume-title":"Proceedings of the 2013 International Conference on Software Engineering, ICSE \u201913","author":"S Hao","year":"2013","unstructured":"Hao, S, Li D, Halfond WGJ, Govindan R (2013) Estimating Mobile Application Energy Consumption Using Program Analysis In: Proceedings of the 2013 International Conference on Software Engineering, ICSE \u201913, 92\u2013101.. IEEE Press, Piscataway."},{"key":"6_CR16","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/IMF.2014.8","volume-title":"Proceedings of the 2014 Eighth International Conference on IT Security Incident Management & IT Forensics, IMF \u201914","author":"C Hilgers","year":"2014","unstructured":"Hilgers, C, Macht H, M\u00fcller T, Spreitzenbarth M (2014) Post-Mortem Memory Analysis of Cold-Booted Android Devices In: Proceedings of the 2014 Eighth International Conference on IT Security Incident Management & IT Forensics, IMF \u201914, 62\u201375.. IEEE Computer Society, Washington."},{"key":"6_CR17","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/3-540-36579-6_12","volume-title":"Proceedings of the 12th International Conference on Compiler Construction, CC\u201903","author":"O Lhot\u00e1k","year":"2003","unstructured":"Lhot\u00e1k, O, Hendren L (2003) Scaling Java Points-to Analysis Using SPARK In: Proceedings of the 12th International Conference on Compiler Construction, CC\u201903, 153\u2013169.. Springer-Verlag, Berlin."},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Li, L, Bartel A, Bissyand\u00e9 TF, Klein J, Traon YL, Arzt S, Rasthofer S, Bodden E, Octeau D, McDaniel PD (2015) IccTA: Detecting Inter-Component Privacy Leaks in Android Apps In: 37th IEEE\/ACM International Conference on Software Engineering, ICSE 2015, Florence, Italy, May 16-24, 2015, Volume 1, 280\u2013291.","DOI":"10.1109\/ICSE.2015.48"},{"key":"6_CR19","volume-title":"Proceedings of the First International Workshop on Security in Embedded Systems and Smartphones, SESP \u201913","author":"W Luo","year":"2013","unstructured":"Luo, W, Xu S, Jiang X (2013) Real-time Detection and Prevention of Android SMS Permission Abuses In: Proceedings of the First International Workshop on Security in Embedded Systems and Smartphones, SESP \u201913.. ACM, New York."},{"key":"6_CR20","first-page":"04433","volume":"abs\/1612","author":"E Mariconti","year":"2016","unstructured":"Mariconti, E, Onwuzurike L, Andriotis P, Cristofaro ED, Ross GJ, Stringhini G (2016) Mamadroid: Detecting android malware by building markov chains of behavioral models. CoRR abs\/1612:04433.","journal-title":"CoRR"},{"key":"6_CR21","first-page":"543","volume-title":"Proceedings of the 22Nd USENIX Conference on Security, SEC\u201913","author":"D Octeau","year":"2013","unstructured":"Octeau, D, McDaniel P, Jha S, Bartel A, Bodden E, Klein J, Traon YL (2013) Effective Inter-Component Communication Mapping in Android: An Essential Step Towards Holistic Security Analysis In: Proceedings of the 22Nd USENIX Conference on Security, SEC\u201913, 543\u2013558.. USENIX Association, Berkeley."},{"key":"6_CR22","volume-title":"the 8th Workshop on Hot Topics in System Dependability","author":"AJ Oliner","year":"2012","unstructured":"Oliner, AJ, Iyer A, Lagerspetz E, Tarkoma S (2012) Collaborative Energy Debugging for Mobile Devices In: the 8th Workshop on Hot Topics in System Dependability.. USENIX, Berkeley."},{"key":"6_CR23","first-page":"40","volume-title":"Security and Privacy in Mobile Information and Communication Systems","author":"C Orthacker","year":"2011","unstructured":"Orthacker, C, Teufl P, Kraxberger S, Lackner G, Gissing M, Marsalek A, Leibetseder J, Prevenhueber O (2011) Android Security Permissions - Can We Trust Them? In: Security and Privacy in Mobile Information and Communication Systems, 40\u201351.. Springer Berlin Heidelberg, Berlin."},{"key":"6_CR24","doi-asserted-by":"publisher","unstructured":"Pathak, A, Hu YC, Zhang MBootstrapping Energy Debugging on Smartphones: A First Look at Energy Bugs in Mobile Devices In: Proceedings of the 10th ACM Workshop on Hot Topics in Networks, HotNets-X, 5:1\u20135:6.. ACM, New York. https:\/\/doi.org\/10.1145\/2070562.2070567 .","DOI":"10.1145\/2070562.2070567"},{"key":"6_CR25","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1145\/2168836.2168841","volume-title":"Proceedings of the 7th ACM European Conference on Computer Systems, EuroSys \u201912","author":"A Pathak","year":"2012","unstructured":"Pathak, A, Hu YC, Zhang M (2012) Where is the energy spent inside my app? Fine-grained Energy Accounting on Smartphones with Eprof In: Proceedings of the 7th ACM European Conference on Computer Systems, EuroSys \u201912, 29\u201342.. ACM, New York. https:\/\/doi.org\/10.1145\/2168836.2168841 ."},{"key":"6_CR26","unstructured":"Prince, BNew Android Malware Targets Banking Apps, Phone Information: Fireeye. http:\/\/www.securityweek.com\/new-android-malware-targets-banking-apps-phone-information-fireeye . Accessed 05 Oct 2017."},{"key":"6_CR27","unstructured":"ProGuard (2017). http:\/\/developer.android.com\/tools\/help\/proguard.html . Accessed 03 Dec 2017."},{"key":"6_CR28","doi-asserted-by":"crossref","unstructured":"Qu, Z, Rastogi V, Zhang X, Chen Y, Zhu T, Chen Z (2014) AutoCog: Measuring the Description-to-permission Fidelity in Android Applications In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 1354\u20131365.","DOI":"10.1145\/2660267.2660287"},{"key":"6_CR29","first-page":"329","volume-title":"Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS \u201913","author":"V Rastogi","year":"2013","unstructured":"Rastogi, V, Chen Y, Jiang X (2013) DroidChameleon: Evaluating Android Anti-malware Against Transformation Attacks In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS \u201913, 329\u2013334.. ACM, New York."},{"key":"6_CR30","doi-asserted-by":"publisher","unstructured":"Reps, TW, Horwitz S, Sagiv S (1995) Precise Interprocedural Dataflow Analysis via Graph Reachability In: Conference Record of POPL\u201995: 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, San Francisco. https:\/\/doi.org\/10.1145\/199448.199462 .","DOI":"10.1145\/199448.199462"},{"key":"6_CR31","unstructured":"Schlegel, R, Zhang K, Zhou X, Intwala M, Kapadia A, Wang X (2011) Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones In: 18th Annual Network and Distributed System Security Symposium."},{"issue":"2","key":"6_CR32","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/MSP.2010.2","volume":"8","author":"A Shabtai","year":"2010","unstructured":"Shabtai, A, Fledel Y, Kanonov U, Elovici Y, Dolev S, Glezer C (2010) Google Android: A Comprehensive Security Assessment. IEEE Secur Priv 8(2):35\u201344.","journal-title":"IEEE Secur Priv"},{"key":"6_CR33","unstructured":"Symantec Inc. (2017) Internet Security Threat Report. Technical report."},{"key":"6_CR34","unstructured":"Vall\u00e9e-Rai, R, Co P, Gagnon E, Hendren L, Lam P, Sundaresan V (1999) Soot - a Java Bytecode Optimization Framework In: Proceedings of the 1999 Conference of the Centre for Advanced Studies on Collaborative Research, CASCON \u201999, 13.. IBM Press. http:\/\/dl.acm.org\/citation.cfm?id=781995.782008 ."},{"key":"6_CR35","first-page":"3","volume-title":"Proceedings of the 2012 USENIX Conference on Power-Aware Computing and Systems, HotPower\u201912","author":"P Vekris","year":"2012","unstructured":"Vekris, P, Jhala R, Lerner S, Agarwal Y (2012) Towards Verifying Android Apps for the Absence of No-Sleep Energy Bugs In: Proceedings of the 2012 USENIX Conference on Power-Aware Computing and Systems, HotPower\u201912, 3\u20133.. USENIX Association, Berkeley."},{"key":"6_CR36","doi-asserted-by":"crossref","unstructured":"Wei, F, Roy S, Ou X, Robby (2014) Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 1329\u20131341.","DOI":"10.1145\/2660267.2660357"},{"key":"6_CR37","doi-asserted-by":"crossref","unstructured":"Wong, MY, Lie D (2016) IntelliDroid: A Targeted Input Generator for the Dynamic Analysis of Android Malware In: 23rd Annual Network & Distributed System Security Symposium.","DOI":"10.14722\/ndss.2016.23118"},{"key":"6_CR38","doi-asserted-by":"crossref","unstructured":"Xing, L, Pan X, Wang R, Yuan K, Wang X (2014) Upgrading Your Android, Elevating My Malware: Privilege Escalation Through Mobile OS Updating In: IEEE Security & Privacy.","DOI":"10.1109\/SP.2014.32"},{"issue":"6","key":"6_CR39","doi-asserted-by":"publisher","first-page":"1252","DOI":"10.1109\/TIFS.2016.2523912","volume":"11","author":"K Xu","year":"2016","unstructured":"Xu, K, Li Y, Deng RH (2016) ICCDetector: ICC-Based Malware Detection on Android. IEEE Trans Inf Forensics Secur 11(6):1252\u20131264.","journal-title":"IEEE Trans Inf Forensics Secur"},{"key":"6_CR40","unstructured":"Xuxian, J, Yajin Z (2013) Android Malware. SpringerBriefs in Computer Science."},{"key":"6_CR41","first-page":"29","volume-title":"USENIX Security","author":"LK Yan","year":"2012","unstructured":"Yan, LK, Yin H (2012) DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis In: USENIX Security, 29\u201329.. USENIX Association, Berkeley."},{"key":"6_CR42","doi-asserted-by":"crossref","unstructured":"Yang, C, Xu Z, Gu G, Yegneswaran V, Porras PA (2014) DroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications In: 19th European Symposium on Research in Computer Security, 163\u2013182.. Springer International Publishing.","DOI":"10.1007\/978-3-319-11203-9_10"},{"key":"6_CR43","doi-asserted-by":"crossref","unstructured":"Yang, W, Xiao X, Andow B, Li S, Xie T, Enck W (2015) AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context. Proceedings of the 37th International Conference on Software Engineering. pp. 303\u2013313.","DOI":"10.1109\/ICSE.2015.50"},{"key":"6_CR44","first-page":"1043","volume-title":"Proceedings of the 2013 ACM SIGSAC conference on Computer and Communications Security, CCS \u201913","author":"Z Yang","year":"2013","unstructured":"Yang, Z, Yang M, Zhang Y, Gu G, Ning P, Wang XS (2013) AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection In: Proceedings of the 2013 ACM SIGSAC conference on Computer and Communications Security, CCS \u201913, 1043\u20131054.. ACM, New York."},{"key":"6_CR45","doi-asserted-by":"crossref","unstructured":"Zhang, M, Duan Y, Yin H, Zhao Z (2014) Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs In: Proceedings of the 21th ACM Conference on Computer and Communications Security, CCS \u201914, Scottsdale.","DOI":"10.1145\/2660267.2660359"},{"key":"6_CR46","doi-asserted-by":"crossref","unstructured":"Zhang, M, Yin H (2014) Efficient, Context-aware Privacy Leakage Confinement for Android Applications Without Firmware Modding In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS\u201914), Kyoto.","DOI":"10.1145\/2590296.2590312"},{"key":"6_CR47","doi-asserted-by":"publisher","first-page":"611","DOI":"10.1145\/2508859.2516689","volume-title":"Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201913","author":"Y Zhang","year":"2013","unstructured":"Zhang, Y, Yang M, Xu B, Yang Z, Gu G, Ning P, Wang XS, Zang B (2013) Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201913, 611\u2013622.. ACM, New York. https:\/\/doi.org\/10.1145\/2508859.2516689 ."},{"key":"6_CR48","unstructured":"Zhou, Y, Jiang X (2011) An Analysis of the AnserverBot Trojan. Technical report. http:\/\/www.csc.ncsu.edu\/faculty\/jiang\/pubs\/AnserverBot_Analysis.pdf ."},{"key":"6_CR49","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1109\/SP.2012.16","volume-title":"Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP \u201912","author":"Y Zhou","year":"2012","unstructured":"Zhou, Y, Jiang X (2012) Dissecting Android Malware: Characterization and Evolution In: Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP \u201912, 95\u2013109.. IEEE Computer Society, Washington."}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-018-0006-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s42400-018-0006-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-018-0006-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,24]],"date-time":"2022-08-24T10:04:56Z","timestamp":1661335496000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-018-0006-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,6,5]]},"references-count":49,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,12]]}},"alternative-id":["6"],"URL":"https:\/\/doi.org\/10.1186\/s42400-018-0006-7","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,6,5]]},"assertion":[{"value":"4 January 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 April 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 June 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that they have no competing interests.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}},{"value":"Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Publisher\u2019s Note"}}],"article-number":"4"}}