{"id":"https://openalex.org/W2490191290","doi":"https://doi.org/10.1109/cybersecpods.2016.7502343","title":"N-opcode analysis for android malware classification and categorization","display_name":"N-opcode analysis for android malware classification and categorization","publication_year":2016,"publication_date":"2016-06-01","ids":{"openalex":"https://openalex.org/W2490191290","doi":"https://doi.org/10.1109/cybersecpods.2016.7502343","mag":"2490191290"},"language":"en","primary_location":{"id":"doi:10.1109/cybersecpods.2016.7502343","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cybersecpods.2016.7502343","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1607.08149","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007577685","display_name":"BooJoong Kang","orcid":"https://orcid.org/0000-0001-5984-9867"},"institutions":[{"id":"https://openalex.org/I126231945","display_name":"Queen's University Belfast","ror":"https://ror.org/00hswnk62","country_code":"GB","type":"education","lineage":["https://openalex.org/I126231945"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Boojoong Kang","raw_affiliation_strings":["Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom","institution_ids":["https://openalex.org/I126231945"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072809002","display_name":"Suleiman Y. Yerima","orcid":"https://orcid.org/0000-0003-0346-1219"},"institutions":[{"id":"https://openalex.org/I126231945","display_name":"Queen's University Belfast","ror":"https://ror.org/00hswnk62","country_code":"GB","type":"education","lineage":["https://openalex.org/I126231945"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Suleiman Y. Yerima","raw_affiliation_strings":["Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom","institution_ids":["https://openalex.org/I126231945"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027789250","display_name":"Kieran McLaughlin","orcid":"https://orcid.org/0000-0002-1299-2364"},"institutions":[{"id":"https://openalex.org/I126231945","display_name":"Queen's University Belfast","ror":"https://ror.org/00hswnk62","country_code":"GB","type":"education","lineage":["https://openalex.org/I126231945"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Kieran Mclaughlin","raw_affiliation_strings":["Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom","institution_ids":["https://openalex.org/I126231945"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103020013","display_name":"Sakir Sezer","orcid":"https://orcid.org/0000-0003-2857-616X"},"institutions":[{"id":"https://openalex.org/I126231945","display_name":"Queen's University Belfast","ror":"https://ror.org/00hswnk62","country_code":"GB","type":"education","lineage":["https://openalex.org/I126231945"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Sakir Sezer","raw_affiliation_strings":["Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Centre for Secure Information Technologies (CSIT), Queen's University Belfast, Belfast, Northern Ireland, United Kingdom","institution_ids":["https://openalex.org/I126231945"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5007577685"],"corresponding_institution_ids":["https://openalex.org/I126231945"],"apc_list":null,"apc_paid":null,"fwci":6.6193,"has_fulltext":true,"cited_by_count":103,"citation_normalized_percentile":{"value":0.97419695,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9930999875068665,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9706000089645386,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/opcode","display_name":"Opcode","score":0.9826828241348267},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8837727308273315},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.8113017082214355},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7993031144142151},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7920688986778259},{"id":"https://openalex.org/keywords/categorization","display_name":"Categorization","score":0.6314562559127808},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5260539054870605},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5218876004219055},{"id":"https://openalex.org/keywords/popularity","display_name":"Popularity","score":0.46209800243377686},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3213402032852173},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2598206698894501},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.15122684836387634}],"concepts":[{"id":"https://openalex.org/C52173422","wikidata":"https://www.wikidata.org/wiki/Q766483","display_name":"Opcode","level":2,"score":0.9826828241348267},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8837727308273315},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.8113017082214355},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7993031144142151},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7920688986778259},{"id":"https://openalex.org/C94124525","wikidata":"https://www.wikidata.org/wiki/Q912550","display_name":"Categorization","level":2,"score":0.6314562559127808},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5260539054870605},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5218876004219055},{"id":"https://openalex.org/C2780586970","wikidata":"https://www.wikidata.org/wiki/Q1357284","display_name":"Popularity","level":2,"score":0.46209800243377686},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3213402032852173},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2598206698894501},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15122684836387634},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1109/cybersecpods.2016.7502343","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cybersecpods.2016.7502343","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","raw_type":"proceedings-article"},{"id":"pmh:oai:www.dora.dmu.ac.uk:2086/16949","is_oa":false,"landing_page_url":"https://pure.qub.ac.uk/portal/en/publications/nopcode-analysis-for-android-malware-classification-and-categorization(6fe45281-f302-4df8-9ccc-2acfe0059b38).html","pdf_url":null,"source":{"id":"https://openalex.org/S4306400394","display_name":"DMU Open Research Archive (De Montfort University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I66943878","host_organization_name":"De Montfort University","host_organization_lineage":["https://openalex.org/I66943878"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"","raw_type":"Conference"},{"id":"pmh:oai:arXiv.org:1607.08149","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1607.08149","pdf_url":"https://arxiv.org/pdf/1607.08149","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:pure.qub.ac.uk/portal:publications/6fe45281-f302-4df8-9ccc-2acfe0059b38","is_oa":true,"landing_page_url":"https://pure.qub.ac.uk/en/publications/6fe45281-f302-4df8-9ccc-2acfe0059b38","pdf_url":"https://pureadmin.qub.ac.uk/ws/files/89315586/N_opcode_Analysis_for_Android_Malware_Classification_and_Categorization.pdf","source":{"id":"https://openalex.org/S4306402319","display_name":"Research Portal (Queen's University Belfast)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I126231945","host_organization_name":"Queen's University Belfast","host_organization_lineage":["https://openalex.org/I126231945"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Kang , B , Yerima , S Y , McLaughlin , K &amp; Sezer , S 2016 , N-opcode analysis for android malware classification and categorization . in Cyber Security: Proceedings of the 2016 International Conference on Cyber Security and Protection of Digital Services . Institute of Electrical and Electronics Engineers Inc. , United Kingdom , Cyber Security and Protection of Digital Services , London , United Kingdom , 13/06/2016 . https://doi.org/10.1109/CyberSecPODS.2016.7502343","raw_type":"contributionToPeriodical"},{"id":"pmh:oai:dora.dmu.ac.uk:2086/16949","is_oa":true,"landing_page_url":"http://hdl.handle.net/2086/16949","pdf_url":null,"source":{"id":"https://openalex.org/S4306400394","display_name":"DMU Open Research Archive (De Montfort University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I66943878","host_organization_name":"De Montfort University","host_organization_lineage":["https://openalex.org/I66943878"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1607.08149","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1607.08149","pdf_url":"https://arxiv.org/pdf/1607.08149","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3737606294","display_name":null,"funder_award_id":"EP/K003445/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5445011987","display_name":null,"funder_award_id":"EP/K004379/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G6577499357","display_name":null,"funder_award_id":"EP/N508664/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W6736853","https://openalex.org/W7469215","https://openalex.org/W79549259","https://openalex.org/W90790289","https://openalex.org/W1508584952","https://openalex.org/W1647869403","https://openalex.org/W1947535385","https://openalex.org/W1964241047","https://openalex.org/W1982730827","https://openalex.org/W1987375341","https://openalex.org/W1990649188","https://openalex.org/W1999728176","https://openalex.org/W2007857904","https://openalex.org/W2026875669","https://openalex.org/W2059043756","https://openalex.org/W2092898274","https://openalex.org/W2122672392","https://openalex.org/W2125011234","https://openalex.org/W2125055259","https://openalex.org/W2133990480","https://openalex.org/W2141198770","https://openalex.org/W2152660559","https://openalex.org/W2185711674","https://openalex.org/W2294381999","https://openalex.org/W2804326144","https://openalex.org/W6678449394","https://openalex.org/W6686814135"],"related_works":["https://openalex.org/W36091977","https://openalex.org/W2800331776","https://openalex.org/W4382794599","https://openalex.org/W2903602818","https://openalex.org/W2904470035","https://openalex.org/W2717179875","https://openalex.org/W4249118297","https://openalex.org/W3012517703","https://openalex.org/W3036603968","https://openalex.org/W4312234627"],"abstract_inverted_index":{"Malware":[0],"detection":[1,35,50],"is":[2,118],"a":[3],"growing":[4],"problem":[5],"particularly":[6],"on":[7,100],"the":[8,32,85,95],"Android":[9,54,75],"mobile":[10],"platform":[11],"due":[12],"to":[13,19,71,93,108],"its":[14],"increasing":[15],"popularity":[16],"and":[17,51,73],"accessibility":[18],"numerous":[20],"third":[21],"party":[22],"app":[23],"markets.":[24],"This":[25,43,77],"has":[26],"also":[27],"been":[28],"made":[29],"worse":[30],"by":[31,39],"increasingly":[33],"sophisticated":[34],"avoidance":[36],"techniques":[37,48],"employed":[38],"emerging":[40],"malware":[41],"families.":[42],"calls":[44],"for":[45,49,87],"more":[46],"effective":[47],"classification":[52],"of":[53,116],"malware.":[55,76],"Hence,":[56],"in":[57],"this":[58,121],"paper":[59],"we":[60],"present":[61],"an":[62,114],"n-opcode":[63],"analysis":[64],"based":[65],"approach":[66,78],"that":[67,83,103,113],"utilizes":[68],"machine":[69],"learning":[70],"classify":[72],"categorize":[74],"enables":[79],"automated":[80],"feature":[81],"discovery":[82],"eliminates":[84],"need":[86],"applying":[88],"expert":[89],"or":[90],"domain":[91],"knowledge":[92],"define":[94],"needed":[96],"features.":[97],"Our":[98],"experiments":[99],"2520":[101],"samples":[102],"were":[104],"performed":[105],"using":[106,120],"up":[107],"10-gram":[109],"opcode":[110],"features":[111],"showed":[112],"f-measure":[115],"98%":[117],"achievable":[119],"approach.":[122]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":11},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":13},{"year":2021,"cited_by_count":18},{"year":2020,"cited_by_count":17},{"year":2019,"cited_by_count":16},{"year":2018,"cited_by_count":7},{"year":2017,"cited_by_count":3}],"updated_date":"2026-04-14T08:04:32.555800","created_date":"2020-11-23T00:00:00"}