research-article

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version)

Authors:

Lucky Onwuzurike,

Enrico Mariconti,

Panagiotis Andriotis,

Emiliano De Cristofaro,

Gianluca StringhiniAuthors Info & Claims

ACM Transactions on Privacy and Security (TOPS), Volume 22, Issue 2

Article No.: 14, Pages 1 - 34

https://doi.org/10.1145/3313391

Published: 09 April 2019 Publication History

Abstract

As Android has become increasingly popular, so has malware targeting it, thus motivating the research community to propose different detection techniques. However, the constant evolution of the Android ecosystem, and of malware itself, makes it hard to design robust tools that can operate for long periods of time without the need for modifications or costly re-training. Aiming to address this issue, we set to detect malware from a behavioral point of view, modeled as the sequence of abstracted API calls. We introduce MAMADROID, a static-analysis-based system that abstracts app’s API calls to their class, package, or family, and builds a model from their sequences obtained from the call graph of an app as Markov chains. This ensures that the model is more resilient to API changes and the features set is of manageable size. We evaluate MAMADROID using a dataset of 8.5K benign and 35.5K malicious apps collected over a period of 6 years, showing that it effectively detects malware (with up to 0.99 F-measure) and keeps its detection capabilities for long periods of time (up to 0.87 F-measure 2 years after training). We also show that MAMADROID remarkably overperforms DROIDAPIMINER, a state-of-the-art detection system that relies on the frequency of (raw) API calls. Aiming to assess whether MAMADROID’s effectiveness mainly stems from the API abstraction or from the sequencing modeling, we also evaluate a variant of it that uses frequency (instead of sequences), of abstracted API calls. We find that it is not as accurate, failing to capture maliciousness when trained on malware samples that include API calls that are equally or more frequently used by benign apps.

References

[1]

Yousra Aafer, Wenliang Du, and Heng Yin. 2013. DroidAPIMiner: Mining API-level features for robust malware detection in Android. In SecureComm.

[2]

Saswat Anand, Mayur Naik, Mary Jean Harrold, and Hongseok Yang. 2012. Automated concolic testing of smartphone apps. In ACM Symposium on the Foundations of Software Engineering (FSE). Article 59.

Digital Library

[3]

Panagiotis Andriotis, Martina Angela Sasse, and Gianluca Stringhini. 2016. Permissions snapshots: Assessing users’ adaptation to the Android runtime permission model. In IEEE Workshop on Information Forensics and Security (WIFS).

[4]

Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck. 2014. DREBIN: Effective and explainable detection of Android malware in your pocket. In Annual Symposium on Network and Distributed System Security (NDSS).

[5]

Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2014. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In ACM SIGPLAN Conference on Programming Language Design and Implementation.

Digital Library

[6]

Simon Bernard, Sébastien Adam, and Laurent Heutte. 2007. Using random forests for handwritten digit recognition. In Ninth International Conference on Document Analysis and Recognition (ICDAR).

Digital Library

[7]

Ravi Bhoraskar, Seungyeop Han, Jinseong Jeon, Tanzirul Azim, Shuo Chen, Jaeyeon Jung, Suman Nath, Rui Wang, and David Wetherall. 2014. Brahmastra: Driving apps to test the security of third-party components. In USENIX Security Symposium.

Digital Library

[8]

Iker Burguera, Urko Zurutuza, and Simin Nadjm-Tehrani. 2011. Crowdroid: Behavior-based malware detection system for Android. In ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM).

Digital Library

[9]

Gerardo Canfora, Eric Medvet, Francesco Mercaldo, and Corrado Aaron Visaggio. 2015. Detecting Android malware using sequences of system calls. In Workshop on Software Development Lifecycle for Mobile.

Digital Library

[10]

Gerardo Canfora, Eric Medvet, Francesco Mercaldo, and Corrado Aaron Visaggio. 2016. Acquiring and analyzing app metrics for effective mobile malware detection. In IWSPA.

Digital Library

[11]

Gerardo Canfora, Francesco Mercaldo, and Corrado Aaron Visaggio. 2016. An HMM and structural entropy based detector for Android malware: An empirical study. Computers 8 Security 61 (2016).

Digital Library

[12]

Saurabh Chakradeo, Bradley Reaves, Patrick Traynor, and William Enck. 2013. MAST: Triage for market-scale mobile malware analysis. In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

Digital Library

[13]

Check Point. 2017. ExpensiveWall: A Dangerous ’Packed’ Malware on Google Play that Will Hit Your Wallet. https://blog.checkpoint.com/2017/09/14/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/.

[14]

Check Point. 2017. FalseGuide misleads users on GooglePlay. https://blog.checkpoint.com/2017/04/24/falaseguide-misleads-users-googleplay/.

[15]

Sen Chen, Minhui Xue, Lingling Fan, Shuang Hao, Lihua Xu, Haojin Zhu, and Bo Li. 2018. Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach. Computers 8 Security 73 (2018), 326--344.

[16]

Sen Chen, Minhui Xue, Zhushou Tang, Lihua Xu, and Haojin Zhu. 2016. StormDroid: A streaminglized machine learning-based system for detecting Android malware. In AsiaCCS.

Digital Library

[17]

Yang Chen, Mo Ghorbanzadeh, Kevin Ma, Charles Clancy, and Robert McGwier. 2014. A hidden Markov model detection of malicious Android applications at runtime. In Wireless and Optical Communication Conference (WOCC).

[18]

Jon Clay. 2016. Continued Rise in Mobile Threats for 2016. http://blog.trendmicro.com/continued-rise-in-mobile-threats-for-2016/.

[19]

S. Dai, A. Tongaonkar, X. Wang, A. Nucci, and D. Song. 2013. NetworkProfiler: Towards automatic fingerprinting of Android apps. In IEEE INFOCOM.

[20]

William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2014. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32, 2, Article 5 (2014).

Digital Library

[21]

William Enck, Machigar Ongtang, and Patrick McDaniel. 2009. On lightweight mobile phone application certification. In ACM CCS.

Digital Library

[22]

Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David Wagner. 2011. Android permissions demystified. In ACM CCS.

Digital Library

[23]

Yu Feng, Osbert Bastani, Ruben Martins, Isil Dillig, and Saswat Anand. 2017. Automated synthesis of semantic malware signatures using maximum satisfiability. In Annual Symposium on Network and Distributed System Security (NDSS).

[24]

Joshua Garcia, Mahmoud Hammad, Bahman Pedrood, Ali Bagheri-Khaligh, and Sam Malek. 2015. Obfuscation-resilient, Efficient, and Accurate Detection and Family Identification of Android Malware. Department of Computer Science, George Mason University, Tech. Rep (2015).

[25]

Hugo Gascon, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck. 2013. Structural detection of Android malware using embedded call graphs. In ACM Workshop on Artificial Intelligence and Security (AISec).

Digital Library

[26]

Xi Ge, Kunal Taneja, Tao Xie, and Nikolai Tillmann. 2011. DyTa: Dynamic symbolic execution guided with static verification results. In International Conference on Software Engineering (ICSE).

Digital Library

[27]

Patrice Godefroid, Nils Klarlund, and Koushik Sen. 2005. DART: Directed automated random testing. SIGPLAN Not. 40, 6 (2005).

Digital Library

[28]

Google. 2018. Android Security 2017 Year in Review. https://source.android.com/security/reports/Google_Android_Security_2017_Report_Final.pdf.

[29]

Michael I. Gordon, Deokhwan Kim, Jeff H. Perkins, Limei Gilham, Nguyen Nguyen, and Martin C. Rinard. 2015. Information flow analysis of Android applications in DroidSafe. In Annual Symposium on Network and Distributed System Security (NDSS).

[30]

Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, and Xuxian Jiang. 2012. RiskRanker: Scalable and accurate zero-day Android malware detection. In International Conference on Mobile Systems, Applications, and Services (MobiSys).

Digital Library

[31]

Steven A. Hofmeyr, Stephanie Forrest, and Anil Somayaji. 1998. Intrusion detection using sequences of system calls. Journal of Computer Security 6, 3 (1998).

Digital Library

[32]

Shifu Hou, Yanfang Ye, Yanggiu Song, and Melih Abdulhayoglu. 2017. HinDroid: An intelligent Android malware detection system based on structured heterogeneous information network. (2017).

[33]

Yajin Zhou and Xuxian Jiang. 2013. Detecting passive content leaks and pollution in android applications. In Annual Symposium on Network and Distributed System Security (NDSS).

[34]

Ian Jolliffe. 2002. Principal Component Analysis. John Wiley 8 Sons, Ltd.

[35]

Roberto Jordaney, Kumar Sharad, Santanu Kumar Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro. 2017. Transcend: Detecting concept drift in malware classification models. In Proceedings of the 26th USENIX Security Symposium (USENIX Security 2017).

Digital Library

[36]

ElMouatez Billah Karbab, Mourad Debbabi, Abdelouahid Derhab, and Djedjiga Mouheb. 2018. MalDozer: Automatic framework for android malware detection using deep learning. Digital Investigation 24 (2018), S48--S59.

[37]

Michael J. Kearns. 1990. The Computational Complexity of Machine Learning. MIT press.

Digital Library

[38]

Jinyung Kim, Yongho Yoon, Kwangkeun Yi, Junbum Shin, and SWRD Center. 2012. ScanDal: Static analyzer for detecting privacy leaks in android applications. In MoST.

[39]

William Klieber, Lori Flynn, Amar Bhosale, Limin Jia, and Lujo Bauer. 2014. Android taint flow analysis for app sets. In SOAP.

Digital Library

[40]

Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiao-yong Zhou, and XiaoFeng Wang. 2009. Effective and efficient malware detection at the end host. In USENIX Security Symposium.

Digital Library

[41]

Martina Lindorfer, Stamatis Volanis, Alessandro Sisto, Matthias Neugschwandtner, Elias Athanasopoulos, Federico Maggi, Christian Platzer, Stefano Zanero, and Sotiris Ioannidis. 2014. AndRadar: Fast discovery of Android applications in alternative markets. In Proceedings of the 11th Conference on Detection of Intrusions and Malware 8 Vulnerability Assessment (DIMVA).

[42]

Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, and Guofei Jiang. 2012. CHEX: Statically vetting Android apps for component hijacking vulnerabilities. In ACM CCS.

Digital Library

[43]

Aravind Machiry, Rohan Tahiliani, and Mayur Naik. 2013. Dynodroid: An input generation system for Android apps. In Joint Meeting on Foundations of Software Engineering (ESEC/FSE).

Digital Library

[44]

Enrico Mariconti. 2019. TESSERACT’s evaluation framework and its use of MaMaDroid. https://www.benthamsgaze.org/2019/02/12/tesseracts-evaluation-framework-and-its-use-of-mamadroid/.

[45]

Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, and Gianluca Stringhini. 2017. MaMaDroid: Detecting Android malware by building Markov chains of behavioral models. In Annual Symposium on Network and Distributed System Security (NDSS).

[46]

Omid Mirzaei, Guillermo Suarez-Tangil, Juan Tapiador, and Jose M. de Fuentes. 2017. TriFlow: Triaging Android applications using speculative information flows. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. ACM, 640--651.

Digital Library

[47]

David Morris. 2017. An Extremely Convincing WhatsApp Fake Was Downloaded More Than 1 Million Times From Google Play. http://fortune.com/2017/11/04/whatsapp-fake-google-play/.

[48]

James R. Norris. 1998. Markov Chains. Cambridge University Press.

[49]

Jon Oberheide and Charlie Miller. 2012. Dissecting the Android bouncer. In SummerCon.

[50]

Damien Octeau, Somesh Jha, and Patrick McDaniel. 2012. Retargeting Android applications to Java bytecode. In ACM Symposium on the Foundations of Software Engineering (FSE).

Digital Library

[51]

Lucky Onwuzurike, Mario Almeida, Enrico Mariconti, Jeremy Blackburn, Gianluca Stringhini, and Emiliano De Cristofaro. 2018. A family of Droids -- Android malware detection via behavioral modeling: Static vs. dynamic analysis. In Proceedings of the 16th IEEE Annual Conference on Privacy, Security and Trust (PST).

[52]

Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro. 2018. TESSERACT: Eliminating experimental bias in malware classification across space and time. arXiv:1807.07838 (2018).

[53]

Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, and Giovanni Vigna. 2014. Execute this&excl; Analyzing unsafe and malicious dynamic code loading in Android applications. In Annual Symposium on Network and Distributed System Security (NDSS).

[54]

Iasonas Polakis, Michalis Diamantaris, Thanasis Petsas, Federico Maggi, and Sotiris Ioannidis. 2015. Powerslave: Analyzing the energy consumption of mobile antivirus software. In DIMVA.

Digital Library

[55]

Georgios Portokalidis, Philip Homburg, Kostas Anagnostakis, and Herbert Bos. 2010. Paranoid Android: Versatile protection for smartphones. In Annual Computer Security Applications Conference (ACSAC).

Digital Library

[56]

Siegfried Rasthofer, Steven Arzt, and Eric Bodden. 2014. A machine-learning approach for classifying and categorizing Android sources and sinks. In Annual Symposium on Network and Distributed System Security (NDSS).

[57]

Vaibhav Rastogi, Yan Chen, and Xuxian Jiang. 2013. DroidChameleon: Evaluating Android anti-malware against transformation attacks. In AsiaCCS.

Digital Library

[58]

Andrea Saracino, Daniele Sgandurra, Gianluca Dini, and Fabio Martinelli. 2016. Madam: Effective and efficient behavior-based android malware detection and prevention. IEEE Transactions on Dependable and Secure Computing (2016).

[59]

Bhaskar Pratim Sarma, Ninghui Li, Chris Gates, Rahul Potharaju, Cristina Nita-Rotaru, and Ian Molloy. 2012. Android permissions: A perspective combining risks and benefits. In ACM Symposium on Access Control Models and Technologies.

Digital Library

[60]

Madhu K. Shankarapani, Subbu Ramamoorthy, Ram S. Movva, and Srinivas Mukkamala. 2011. Malware detection using assembly and API call sequences. Journal in Computer Virology 7, 2 (2011).

Digital Library

[61]

Kimberly Tam, Salahuddin J. Khan, Aristide Fattori, and Lorenzo Cavallaro. 2015. CopperDroid: Automatic reconstruction of Android malware behaviors. In Annual Symposium on Network and Distributed System Security (NDSS).

[62]

May Ying Tee and Martin Zhang. 2018. Hidden App Malware Found on Google Play. https://www.symantec.com/blogs/threat-intelligence/hidden-app-malware-google-play.

[63]

Peter Teufl, Michaela Ferk, Andreas Fitzek, Daniel Hein, Stefan Kraxberger, and Clemens Orthacker. 2016. Malware detection by applying knowledge discovery processes to application metadata on the Android Market (Google Play). Security and Communication Networks 9, 5 (2016), 389--419.

Digital Library

[64]

Raja Vallée-Rai, Phong Co, Etienne Gagnon, Laurie Hendren, Patrick Lam, and Vijay Sundaresan. 1999. Soot - A Java bytecode optimization framework. In Conference of the Centre for Advanced Studies on Collaborative Research.

Digital Library

[65]

Dinesh Venkatesan. 2016. Android.Bankosy: All ears on voice call-based 2FA. http://www.symantec.com/connect/blogs/androidbankosy-all-ears-voice-call-based-2fa.

[66]

Timothy Vidas and Nicolas Christin. 2014. Evading Android runtime analysis via sandbox detection. In AsiaCCS.

Digital Library

[67]

Nicolas Viennot, Edward Garcia, and Jason Nieh. 2014. A measurement study of google play. ACM SIGMETRICS Performance Evaluation Review 42, 1 (2014).

Digital Library

[68]

Antonio Villas-Boas. 2018. More than 500,000 People Downloaded Games on the Google Play Store that were Infected with Nasty Malware -- Here are the 13 Apps Affected. https://www.businessinsider.com/google-play-store-game-apps-removed-malware-2018-11?r=US8IR=T.

[69]

Michelle Y. Wong and David Lie. 2016. IntelliDroid: A targeted input generator for the dynamic analysis of Android malware. In Annual Symposium on Network and Distributed System Security (NDSS).

[70]

Ben Woods. 2016. Google Play has hundreds of Android apps that contain malware. http://www.trustedreviews.com/news/malware-apps-downloaded-google-play.

[71]

Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, and Kuo-Ping Wu. 2012. DroidMat: Android malware detection through manifest and API calls tracing. In Asia JCIS.

Digital Library

[72]

Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, and Xue Liu. 2015. Effective real-time Android application auditing. In IEEE Symposium on Security and Privacy.

Digital Library

[73]

Lok Kwong Yan and Heng Yin. 2012. DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. In USENIX Security Symposium.

Digital Library

[74]

Chao Yang, Zhaoyan Xu, Guofei Gu, Vinod Yegneswaran, and Phillip Porras. 2014. Droidminer: Automated mining and characterization of fine-grained malicious behaviors in Android applications. In ESORICS.

[75]

Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck. 2015. AppContext: Differentiating malicious and benign mobile app behaviors using context. In International Conference on Software Engineering (ICSE).

Digital Library

[76]

Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X. Sean Wang. 2013. AppIntent: Analyzing sensitive data transmission in Android for privacy leakage detection. In ACM CCS.

Digital Library

[77]

Hui Ye, Shaoyin Cheng, Lanbo Zhang, and Fan Jiang. 2013. DroidFuzzer: Fuzzing the Android apps with intent-filter tag. In International Conference on Advances in Mobile Computing and Multimedia (MoMM).

Digital Library

[78]

Hanlin Zhang, Yevgeniy Cole, Linqiang Ge, Sixiao Wei, Wei Yu, Chao Lu, Genshe Chen, Dan Shen, Erik Blasch, and Khanh D. Pham. 2016. ScanMe mobile: A cloud-based Android malware analysis service. SIGAPP Appl. Comput. Rev. 16, 1 (2016).

Digital Library

[79]

Nan Zhang, Kan Yuan, Muhammad Naveed, Xiaoyong Zhou, and XiaoFeng Wang. 2015. Leave me alone: App-level protection against runtime information gathering on Android. In IEEE Symposium on Security and Privacy.

Digital Library

[80]

Yajin Zhou and Xuxian Jiang. 2012. Dissecting Android malware: Characterization and evolution. In IEEE Symposium on Security and Privacy.

Digital Library

[81]

Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang. 2012. Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets. In Annual Symposium on Network and Distributed System Security (NDSS).

Cited By

Zhao WWu JMeng Z(2025)AppPoet: Large language model based android malware detection via multi-view prompt engineeringExpert Systems with Applications10.1016/j.eswa.2024.125546262(125546)Online publication date: Mar-2025
https://doi.org/10.1016/j.eswa.2024.125546
Wajahat AHe JZhu NMahmood TNazir AUllah FQureshi SOsman M(2024)An effective deep learning scheme for android malware detection leveraging performance metrics and computational resourcesIntelligent Decision Technologies10.3233/IDT-23028418:1(33-55)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.3233/IDT-230284
Xu XJiang SZhao JWang X(2024)DCEL: Classifier Fusion Model for Android Malware DetectionJournal of Systems Engineering and Electronics10.23919/JSEE.2024.00001835:1(163-177)Online publication date: Feb-2024
https://doi.org/10.23919/JSEE.2024.000018
Show More Cited By

Index Terms

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version)
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Malware and its mitigation

Recommendations

DroidLegacy: Automated Familial Classification of Android Malware
PPREW'14: Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014

We present an automated method for extracting familial signatures for Android malware, i.e., signatures that identify malware produced by piggybacking potentially different benign applications with the same (or similar) malicious code. The APK classes ...
A New Android Malware Detection Approach Using Bayesian Classification
AINA '13: Proceedings of the 2013 IEEE 27th International Conference on Advanced Information Networking and Applications

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying ...
Detecting Android malicious apps and categorizing benign apps with ensemble of classifiers

Android platform has dominated the markets of smart mobile devices in recent years. The number of Android applications (apps) has seen a massive surge. Unsurprisingly, Android platform has also become the primary target of attackers. The management of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Privacy and Security

ACM Transactions on Privacy and Security Volume 22, Issue 2

May 2019

214 pages

ISSN:2471-2566

EISSN:2471-2574

DOI:10.1145/3316298

Editor:
David Basin
ETH Zurich, Switzerland

Issue’s Table of Contents

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 April 2019

Accepted: 01 February 2019

Revised: 01 November 2018

Received: 01 November 2017

Published in TOPS Volume 22, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

EPSRC-funded “Future Leaders in Engineering and Physical Sciences”
GCHQ
Petroleum Technology Development Fund (PTDF)
EPSRC

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

187
Total Citations
View Citations
1,682
Total Downloads

Downloads (Last 12 months)180
Downloads (Last 6 weeks)18

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhao WWu JMeng Z(2025)AppPoet: Large language model based android malware detection via multi-view prompt engineeringExpert Systems with Applications10.1016/j.eswa.2024.125546262(125546)Online publication date: Mar-2025
https://doi.org/10.1016/j.eswa.2024.125546
Wajahat AHe JZhu NMahmood TNazir AUllah FQureshi SOsman M(2024)An effective deep learning scheme for android malware detection leveraging performance metrics and computational resourcesIntelligent Decision Technologies10.3233/IDT-23028418:1(33-55)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.3233/IDT-230284
Xu XJiang SZhao JWang X(2024)DCEL: Classifier Fusion Model for Android Malware DetectionJournal of Systems Engineering and Electronics10.23919/JSEE.2024.00001835:1(163-177)Online publication date: Feb-2024
https://doi.org/10.23919/JSEE.2024.000018
He ZFernandes CSayadi H(2024)ObfusGate: Representation Learning-Based Gatekeeper for Hardware-Level Obfuscated Malware Detection2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546665(1-2)Online publication date: 25-Mar-2024
https://doi.org/10.23919/DATE58400.2024.10546665
Wang YKezierbieke HChen Q(2024)Research and implementation of Android malware detection algorithm based on Graph Convolutional NetworksProceedings of the International Conference on Algorithms, Software Engineering, and Network Security10.1145/3677182.3677279(548-553)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3677182.3677279
Li YYuan DZhang TCai HLo DGao CLuo XJiang H(2024)Meta-Learning for Multi-Family Android Malware ClassificationACM Transactions on Software Engineering and Methodology10.1145/366480633:7(1-27)Online publication date: 26-Aug-2024
https://dl.acm.org/doi/10.1145/3664806
Wang JWang HChristakis MPradel M(2024)NativeSummary: Summarizing Native Binary Code for Inter-language Static Analysis of Android AppsProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680335(971-982)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680335
Samhi JJust RBissyandé TErnst MKlein JChristakis MPradel M(2024)Call Graph Soundness in Android Static AnalysisProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680333(945-957)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680333
Sun CGong YLi MXu LHan JHan Y(2024)Detecting Inconsistencies in Microservice-Based Systems: An Annotation-Assisted Scenario-Oriented ApproachIEEE Transactions on Services Computing10.1109/TSC.2024.339965217:5(2194-2209)Online publication date: Sep-2024
https://doi.org/10.1109/TSC.2024.3399652
Deng XWang ZPei XXue K(2024)TransMalDE: An Effective Transformer Based Hierarchical Framework for IoT Malware DetectionIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.329285511:1(140-151)Online publication date: Jan-2024
https://doi.org/10.1109/TNSE.2023.3292855
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Issue’s Table of Contents