{"id":"https://openalex.org/W2550598937","doi":"https://doi.org/10.1109/apnoms.2016.7737204","title":"Mobile malware detection in sandbox with live event feeding and log pattern analysis","display_name":"Mobile malware detection in sandbox with live event feeding and log pattern analysis","publication_year":2016,"publication_date":"2016-10-01","ids":{"openalex":"https://openalex.org/W2550598937","doi":"https://doi.org/10.1109/apnoms.2016.7737204","mag":"2550598937"},"language":"en","primary_location":{"id":"doi:10.1109/apnoms.2016.7737204","is_oa":false,"landing_page_url":"https://doi.org/10.1109/apnoms.2016.7737204","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010548636","display_name":"Wei\u2010Ting Lin","orcid":"https://orcid.org/0000-0002-9915-1719"},"institutions":[{"id":"https://openalex.org/I148099254","display_name":"National Chung Cheng University","ror":"https://ror.org/0028v3876","country_code":"TW","type":"education","lineage":["https://openalex.org/I148099254"]}],"countries":["TW"],"is_corresponding":true,"raw_author_name":"Wei-Ting Lin","raw_affiliation_strings":["Department of Communications Engineering, National Chung Cheng University, Chia-Yi, Taiwan, R.O.C"],"affiliations":[{"raw_affiliation_string":"Department of Communications Engineering, National Chung Cheng University, Chia-Yi, Taiwan, R.O.C","institution_ids":["https://openalex.org/I148099254"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088072867","display_name":"Jen\u2010Yi Pan","orcid":"https://orcid.org/0000-0003-0365-5996"},"institutions":[{"id":"https://openalex.org/I148099254","display_name":"National Chung Cheng University","ror":"https://ror.org/0028v3876","country_code":"TW","type":"education","lineage":["https://openalex.org/I148099254"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Jen-Yi Pan","raw_affiliation_strings":["Department of Communications Engineering, National Chung Cheng University, Chia-Yi, Taiwan, R.O.C"],"affiliations":[{"raw_affiliation_string":"Department of Communications Engineering, National Chung Cheng University, Chia-Yi, Taiwan, R.O.C","institution_ids":["https://openalex.org/I148099254"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5010548636"],"corresponding_institution_ids":["https://openalex.org/I148099254"],"apc_list":null,"apc_paid":null,"fwci":0.2522,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.55114922,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"22","issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9916999936103821,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.9343635439872742},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9200071692466736},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.7665473222732544},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7361205816268921},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5169122219085693},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4860577881336212},{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.4684852361679077},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.41101184487342834},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.16366463899612427},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.16050079464912415}],"concepts":[{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.9343635439872742},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9200071692466736},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.7665473222732544},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7361205816268921},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5169122219085693},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4860577881336212},{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.4684852361679077},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.41101184487342834},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.16366463899612427},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.16050079464912415},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/apnoms.2016.7737204","is_oa":false,"landing_page_url":"https://doi.org/10.1109/apnoms.2016.7737204","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W90790289","https://openalex.org/W1524472272","https://openalex.org/W1763578379","https://openalex.org/W1968381253","https://openalex.org/W2056388267","https://openalex.org/W2074023167","https://openalex.org/W2086133020","https://openalex.org/W2319116011","https://openalex.org/W2395145357","https://openalex.org/W2850599306","https://openalex.org/W2879006377"],"related_works":["https://openalex.org/W2034129977","https://openalex.org/W1745773915","https://openalex.org/W4367595269","https://openalex.org/W2538622067","https://openalex.org/W2469507153","https://openalex.org/W2008790809","https://openalex.org/W2765820957","https://openalex.org/W2067547021","https://openalex.org/W2968504645","https://openalex.org/W2810666735"],"abstract_inverted_index":{"In":[0,19],"recent":[1,148],"years,":[2],"the":[3,22,35,84,96,133,159,162,176],"use":[4],"of":[5,14,41,58,78,135,161],"smart":[6],"devices":[7],"is":[8,88,112],"becoming":[9],"increasingly":[10],"popular.":[11],"All":[12],"kinds":[13],"mobile":[15,36],"applications":[16],"are":[17,26,81,142],"emerging.":[18],"addition":[20],"to":[21,30,33,95,114,153],"official":[23],"market,":[24],"there":[25],"also":[27],"many":[28],"ways":[29],"allow":[31],"users":[32,91],"download":[34],"app.":[37],"As":[38],"unidentified":[39],"instances":[40],"malware":[42,48,141],"grow":[43],"day":[44],"by":[45,106],"day,":[46],"off-the-shelf":[47],"detection":[49,104],"methods":[50],"identify":[51,64],"malicious":[52],"programs":[53,152],"mainly":[54],"with":[55,166],"extracted":[56],"signatures":[57],"codes,":[59],"which":[60],"only":[61],"can":[62,127],"effectively":[63],"already":[65],"known":[66],"malwares,":[67],"but":[68],"not":[69,89],"new":[70,103],"malwares":[71,80,130,149],"in":[72,168,180],"initial":[73],"spread.":[74],"If":[75],"no":[76],"samples":[77],"these":[79,124,140],"reported":[82],"and":[83,118,131,150,156,184],"virus":[85],"code":[86],"library":[87],"patched,":[90],"won't":[92],"be":[93],"alerted":[94],"malwares.":[97],"Therefore,":[98],"this":[99],"paper":[100],"proposed":[101,163,177],"a":[102],"method":[105,164,178],"live":[107],"log":[108,136],"analysis.":[109],"A":[110],"sandbox":[111],"conducted":[113],"mimic":[115],"human":[116],"operations":[117],"monitor":[119],"responses":[120],"from":[121],"APPs.":[122],"Feeding":[123],"manual":[125],"events":[126],"excite":[128],"deactivated":[129],"improve":[132],"accuracy":[134],"analysis,":[137],"even":[138],"though":[139],"unknown":[143],"yet.":[144],"This":[145],"study":[146],"takes":[147],"benign":[151],"conduct":[154],"experiments,":[155],"then":[157],"verifies":[158],"effectiveness":[160],"comparing":[165],"those":[167],"other":[169],"papers.":[170],"The":[171],"experimental":[172],"results":[173],"show":[174],"that":[175],"outperforms":[179],"both":[181],"hit":[182],"rate":[183],"pass":[185],"rate.":[186]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}