{"id":"https://openalex.org/W4321612960","doi":"https://doi.org/10.1007/s10664-022-10281-9","title":"Android decompiler performance on benign and malicious apps: an empirical study","display_name":"Android decompiler performance on benign and malicious apps: an empirical study","publication_year":2023,"publication_date":"2023-02-20","ids":{"openalex":"https://openalex.org/W4321612960","doi":"https://doi.org/10.1007/s10664-022-10281-9"},"language":"en","primary_location":{"id":"doi:10.1007/s10664-022-10281-9","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10664-022-10281-9","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10664-022-10281-9.pdf","source":{"id":"https://openalex.org/S109852484","display_name":"Empirical Software Engineering","issn_l":"1382-3256","issn":["1382-3256","1573-7616"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Empirical Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10664-022-10281-9.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082932780","display_name":"Ulf Karg\u00e9n","orcid":"https://orcid.org/0000-0002-3009-4314"},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Ulf Karg\u00e9n","raw_affiliation_strings":["Link\u00f6ping University, Link\u00f6ping, Sweden"],"raw_orcid":"https://orcid.org/0000-0002-3009-4314","affiliations":[{"raw_affiliation_string":"Link\u00f6ping University, Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I102134673"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086727618","display_name":"Noah Mauthe","orcid":"https://orcid.org/0009-0006-9443-6455"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Noah Mauthe","raw_affiliation_strings":["CISPA, Saarbr\u00fccken, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CISPA, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048152442","display_name":"Nahid Shahmehri","orcid":"https://orcid.org/0000-0002-0920-2157"},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Nahid Shahmehri","raw_affiliation_strings":["Link\u00f6ping University, Link\u00f6ping, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Link\u00f6ping University, Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I102134673"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5082932780"],"corresponding_institution_ids":["https://openalex.org/I102134673"],"apc_list":{"value":2290,"currency":"EUR","value_usd":2890},"apc_paid":{"value":2290,"currency":"EUR","value_usd":2890},"fwci":0.6959,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.65747348,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":97},"biblio":{"volume":"28","issue":"2","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9890999794006348,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.8962516188621521},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7987394332885742},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7927522659301758},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.7785046100616455},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.721069872379303},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.7036800980567932},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.6592215299606323},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5288088321685791},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4975891411304474},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.4766013026237488},{"id":"https://openalex.org/keywords/commit","display_name":"Commit","score":0.4437847435474396},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.41927406191825867},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.4138343036174774},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.35284197330474854},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.29478582739830017},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.26371291279792786},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1118287444114685}],"concepts":[{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.8962516188621521},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7987394332885742},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7927522659301758},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.7785046100616455},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.721069872379303},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.7036800980567932},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.6592215299606323},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5288088321685791},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4975891411304474},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.4766013026237488},{"id":"https://openalex.org/C153180980","wikidata":"https://www.wikidata.org/wiki/Q19776675","display_name":"Commit","level":2,"score":0.4437847435474396},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.41927406191825867},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.4138343036174774},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.35284197330474854},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.29478582739830017},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.26371291279792786},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1118287444114685}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s10664-022-10281-9","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10664-022-10281-9","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10664-022-10281-9.pdf","source":{"id":"https://openalex.org/S109852484","display_name":"Empirical Software Engineering","issn_l":"1382-3256","issn":["1382-3256","1573-7616"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Empirical Software Engineering","raw_type":"journal-article"},{"id":"pmh:oai:DiVA.org:liu-192307","is_oa":true,"landing_page_url":"http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-192307","pdf_url":"https://liu.diva-portal.org/smash/get/diva2:1743022/FULLTEXT01","source":{"id":"https://openalex.org/S4306401559","display_name":"KTH Publication Database DiVA (KTH Royal Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1007/s10664-022-10281-9","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10664-022-10281-9","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10664-022-10281-9.pdf","source":{"id":"https://openalex.org/S109852484","display_name":"Empirical Software Engineering","issn_l":"1382-3256","issn":["1382-3256","1573-7616"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Empirical Software Engineering","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320322225","display_name":"Link\u00f6pings Universitet","ror":"https://ror.org/05ynxx418"},{"id":"https://openalex.org/F4320326619","display_name":"National Graduate School in Computer Science","ror":null}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4321612960.pdf"},"referenced_works_count":38,"referenced_works":["https://openalex.org/W124941384","https://openalex.org/W1976596267","https://openalex.org/W1981033991","https://openalex.org/W2008453980","https://openalex.org/W2010256880","https://openalex.org/W2048120145","https://openalex.org/W2108379022","https://openalex.org/W2123834080","https://openalex.org/W2128133205","https://openalex.org/W2166462894","https://openalex.org/W2264131323","https://openalex.org/W2296128045","https://openalex.org/W2401561631","https://openalex.org/W2407313496","https://openalex.org/W2491218167","https://openalex.org/W2532717356","https://openalex.org/W2617476279","https://openalex.org/W2618014206","https://openalex.org/W2620844046","https://openalex.org/W2770369345","https://openalex.org/W2792393499","https://openalex.org/W2794652108","https://openalex.org/W2794840863","https://openalex.org/W2796301966","https://openalex.org/W2797009188","https://openalex.org/W2909472615","https://openalex.org/W2962909855","https://openalex.org/W2962992787","https://openalex.org/W2988876786","https://openalex.org/W2996686204","https://openalex.org/W3027836659","https://openalex.org/W3043236449","https://openalex.org/W3102504333","https://openalex.org/W3103798145","https://openalex.org/W3104008133","https://openalex.org/W3156018547","https://openalex.org/W3161919463","https://openalex.org/W4247464060"],"related_works":["https://openalex.org/W2508974395","https://openalex.org/W2286416179","https://openalex.org/W2292240422","https://openalex.org/W2128389850","https://openalex.org/W3135174262","https://openalex.org/W2183925834","https://openalex.org/W3199551743","https://openalex.org/W2395100307","https://openalex.org/W2731848812","https://openalex.org/W4321612960"],"abstract_inverted_index":{"Abstract":[0],"Decompilers":[1],"are":[2],"indispensable":[3],"tools":[4],"in":[5,25,41,74],"Android":[6,19,123],"malware":[7,148,182],"analysis":[8,28,85,189],"and":[9,101,142,207],"app":[10],"security":[11],"auditing.":[12],"Numerous":[13],"academic":[14],"works":[15],"also":[16,160,172],"employ":[17],"an":[18,55,143,188,246],"decompiler":[20,157],"as":[21,37],"the":[22,58,94,113,118,153,162,174,191,234],"first":[23,119],"step":[24],"a":[26,38,70,177,227],"program":[27],"pipeline.":[29],"In":[30,150],"such":[31],"settings,":[32],"decompilation":[33,124,194],"is":[34,44,62,90],"frequently":[35],"regarded":[36],"\u201csolved\u201d":[39],"problem,":[40],"that":[42,47,199,208],"it":[43,61,89],"simply":[45],"expected":[46],"source":[48],"code":[49],"can":[50,67],"be":[51,216,226,242],"accurately":[52],"recovered":[53],"from":[54,139,176],"app.":[56],"On":[57,220],"other":[59],"hand,":[60],"known":[63],"that,":[64],"e.g,":[65],"obfuscation":[66,223],"negatively":[68],"impact":[69],"decompiler\u2019s":[71],"effectiveness.":[72],"Therefore,":[73],"order":[75],"to":[76,92,112,152,215,218,225],"better":[77],"understand":[78],"potential":[79],"failure":[80,125,205],"modes":[81],"of,":[82],"e.g.,":[83],"automated":[84],"pipelines":[86],"involving":[87],"decompilation,":[88],"important":[91],"characterize":[93],"performance":[95,163],"of":[96,115,122,130,146,164,190,231,237,248],"decompilers":[97,200],"on":[98,180,211],"both":[99],"benign":[100,212],"malicious":[102,238],"apps.":[103],"To":[104],"this":[105,170],"end,":[106],"we":[107,159,185],"have":[108,202],"performed":[109,187],"what":[110],"is,":[111],"best":[114],"our":[116],"knowledge,":[117],"large-scale":[120],"study":[121,179,197],"rates,":[126,206],"using":[127],"three":[128,165],"sets":[129],"apps;":[131],"namely,":[132],"3,018":[133],"open-source":[134],"apps,":[135,183],"13,601":[136],"apps":[137,213,239],"crawled":[138],"Google":[140],"Play,":[141],"existing":[144],"collection":[145],"24,553":[147],"samples.":[149],"addition":[151],"state-of-the-art":[154],"Dalvik":[155],"bytecode":[156],"Jadx,":[158],"studied":[161],"popular":[166],"Java":[167],"decompilers.":[168,249],"Furthermore,":[169],"paper":[171],"presents":[173],"findings":[175],"follow-up":[178],"54,945":[181],"where":[184],"additionally":[186],"reasons":[192],"for":[193],"failures.":[195],"Our":[196],"revealed":[198],"generally":[201],"very":[203],"low":[204],"few":[209],"failures":[210],"appear":[214],"related":[217],"obfuscation.":[219],"malware,":[221],"however,":[222],"appears":[224],"more":[228],"prominent":[229],"cause":[230],"failures,":[232],"although":[233],"vast":[235],"majority":[236],"could":[240],"still":[241],"fully":[243],"decompiled":[244],"by":[245],"ensemble":[247]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3}],"updated_date":"2026-06-13T06:13:01.061226","created_date":"2025-10-10T00:00:00"}
