{"id":"https://openalex.org/W2755856027","doi":"https://doi.org/10.1109/icccn.2017.8038419","title":"RealDroid: Large-Scale Evasive Malware Detection on \"Real Devices\"","display_name":"RealDroid: Large-Scale Evasive Malware Detection on \"Real Devices\"","publication_year":2017,"publication_date":"2017-07-01","ids":{"openalex":"https://openalex.org/W2755856027","doi":"https://doi.org/10.1109/icccn.2017.8038419","mag":"2755856027"},"language":"en","primary_location":{"id":"doi:10.1109/icccn.2017.8038419","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccn.2017.8038419","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 26th International Conference on Computer Communication and Networks (ICCCN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075552913","display_name":"Liu Lang","orcid":null},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Lang Liu","raw_affiliation_strings":["Department of Computer Science, Tsinghua University"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Tsinghua University","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101152479","display_name":"Yacong Gu","orcid":"https://orcid.org/0000-0003-2221-5689"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yacong Gu","raw_affiliation_strings":["Chinese Academy Of Sciences, Institute Of Software"],"affiliations":[{"raw_affiliation_string":"Chinese Academy Of Sciences, Institute Of Software","institution_ids":["https://openalex.org/I4210128818"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100350262","display_name":"Qi Li","orcid":"https://orcid.org/0000-0003-0679-4385"},"institutions":[{"id":"https://openalex.org/I3131625388","display_name":"University Town of Shenzhen","ror":"https://ror.org/05f5j6225","country_code":"CN","type":"education","lineage":["https://openalex.org/I3131625388"]},{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qi Li","raw_affiliation_strings":["Graduate School at Shenzhen, Tsinghua University"],"affiliations":[{"raw_affiliation_string":"Graduate School at Shenzhen, Tsinghua University","institution_ids":["https://openalex.org/I3131625388","https://openalex.org/I99065089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5010291758","display_name":"Purui Su","orcid":"https://orcid.org/0000-0001-6701-0383"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Purui Su","raw_affiliation_strings":["Chinese Academy Of Sciences, Institute Of Software"],"affiliations":[{"raw_affiliation_string":"Chinese Academy Of Sciences, Institute Of Software","institution_ids":["https://openalex.org/I4210128818"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5075552913"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.5605,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.66032832,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9609000086784363,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9297451376914978},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8175517320632935},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7825766801834106},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.683125376701355},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.662999153137207},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5581786036491394},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.491655170917511},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4398009181022644},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.42993277311325073},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3940722942352295},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.37452882528305054}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9297451376914978},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8175517320632935},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7825766801834106},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.683125376701355},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.662999153137207},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5581786036491394},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.491655170917511},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4398009181022644},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.42993277311325073},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3940722942352295},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.37452882528305054},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icccn.2017.8038419","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icccn.2017.8038419","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 26th International Conference on Computer Communication and Networks (ICCCN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.4699999988079071}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W81879861","https://openalex.org/W1865564993","https://openalex.org/W1963971515","https://openalex.org/W1971497680","https://openalex.org/W1985752637","https://openalex.org/W2013856010","https://openalex.org/W2015790908","https://openalex.org/W2046185165","https://openalex.org/W2068583268","https://openalex.org/W2070386561","https://openalex.org/W2090534521","https://openalex.org/W2122672392","https://openalex.org/W2125011234","https://openalex.org/W2140807364","https://openalex.org/W2158874007","https://openalex.org/W2164170598","https://openalex.org/W2164539435","https://openalex.org/W2176830056","https://openalex.org/W2185059029","https://openalex.org/W2199478250","https://openalex.org/W2227887088","https://openalex.org/W2399891510","https://openalex.org/W2407059953","https://openalex.org/W2571682498","https://openalex.org/W2614579390","https://openalex.org/W4244460643","https://openalex.org/W6603356336","https://openalex.org/W6639024520","https://openalex.org/W6641190993","https://openalex.org/W6685576885","https://openalex.org/W6712192629","https://openalex.org/W6732042188"],"related_works":["https://openalex.org/W2608570228","https://openalex.org/W2183925834","https://openalex.org/W2791662519","https://openalex.org/W2007647094","https://openalex.org/W3107556205","https://openalex.org/W2080886095","https://openalex.org/W3136388389","https://openalex.org/W4385749679","https://openalex.org/W1830372847","https://openalex.org/W2067547021"],"abstract_inverted_index":{"In":[0,86,193],"order":[1],"to":[2,27,59,148],"effectively":[3,48],"detect":[4,49,74,198],"malware":[5,23,71,103,109,128,191],"in":[6,32,68,134,156,176,189],"Android,":[7],"dynamic":[8,43,93,154],"analysis":[9,39,44,64,96,155],"techniques":[10],"with":[11,184],"Android":[12,101,144],"emulators":[13,46,52],"are":[14],"widely":[15],"adopted.":[16],"Emulators":[17],"can":[18,47,73,99,129,196],"be":[19,121],"deployed":[20],"for":[21],"large-scale":[22,108,168,190],"detection":[24,56,166],"and":[25,81,94,104,163],"restored":[26],"an":[28,139],"ensured":[29],"clean":[30],"state":[31],"a":[33,92,114],"short":[34],"period":[35],"after":[36],"each":[37],"app":[38],"process":[40],"such":[41,117,158],"that":[42,72,98,118,159,174],"upon":[45],"malware.":[50,125,200],"Moreover,":[51,136],"significantly":[53],"reduce":[54],"the":[55,75,78,150],"cost":[57],"compared":[58,183],"real":[60,115],"devices.":[61],"However,":[62],"emulator-based":[63,79,95],"has":[65],"limited":[66],"capability":[67],"detecting":[69],"evasive":[70,102,124,127,199],"presence":[76],"of":[77,107,153,167],"environment":[80],"hide":[82],"its":[83,131],"malicious":[84,132],"behaviors.":[85],"this":[87],"paper,":[88],"we":[89,137],"propose":[90,138],"RealDroid,":[91,157],"system":[97],"capture":[100],"is":[105],"capable":[106],"detection.":[110,192],"RealDroid":[111,177],"completely":[112],"simulates":[113],"device":[116],"it":[119,160,195],"can't":[120],"identified":[122],"by":[123],"Thereby,":[126],"exhibit":[130],"behaviors":[133],"RealDroid.":[135],"automated":[140],"exploration":[141,181,187],"mechanism,":[142],"i.e.,":[143],"Test":[145],"Engine":[146],"(ATE),":[147],"improve":[149],"code":[151],"coverage":[152],"provides":[161],"efficient":[162],"effective":[164],"automatic":[165,186],"apps.":[169],"Our":[170],"experimental":[171],"results":[172],"demonstrate":[173],"ATE":[175],"achieves":[178],"much":[179],"better":[180],"effects":[182],"state-of-the-art":[185],"tools":[188],"particular,":[194],"successfully":[197]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2025-10-10T00:00:00"}