{"id":"https://openalex.org/W4378191139","doi":"https://doi.org/10.1109/syscon53073.2023.10131073","title":"Inspecting Binder Transactions to Detect Anomalies in Android","display_name":"Inspecting Binder Transactions to Detect Anomalies in Android","publication_year":2023,"publication_date":"2023-04-17","ids":{"openalex":"https://openalex.org/W4378191139","doi":"https://doi.org/10.1109/syscon53073.2023.10131073"},"language":"en","primary_location":{"id":"doi:10.1109/syscon53073.2023.10131073","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/syscon53073.2023.10131073","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Systems Conference (SysCon)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5104120537","display_name":"Rodrigo G. Lemos","orcid":null},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Rodrigo G. Lemos","raw_affiliation_strings":["Federal University of Paran&#x00E1; - Curitiba,Computer Science Department,Brazil,81530-015"],"affiliations":[{"raw_affiliation_string":"Federal University of Paran&#x00E1; - Curitiba,Computer Science Department,Brazil,81530-015","institution_ids":["https://openalex.org/I52418104"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053942798","display_name":"Tiago Heinrich","orcid":"https://orcid.org/0000-0002-8017-1293"},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Tiago Heinrich","raw_affiliation_strings":["Federal University of Paran&#x00E1; - Curitiba,Computer Science Department,Brazil,81530-015"],"affiliations":[{"raw_affiliation_string":"Federal University of Paran&#x00E1; - Curitiba,Computer Science Department,Brazil,81530-015","institution_ids":["https://openalex.org/I52418104"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066153918","display_name":"Newton C. Will","orcid":"https://orcid.org/0000-0003-2976-4533"},"institutions":[{"id":"https://openalex.org/I1283613182","display_name":"Universidade Tecnol\u00f3gica Federal do Paran\u00e1","ror":"https://ror.org/002v2kq79","country_code":"BR","type":"education","lineage":["https://openalex.org/I1283613182"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Newton C. Will","raw_affiliation_strings":["Federal University of Technology - Paran&#x00E1; - Dois Vizinhos,Computer Science Department,Brazil,85660-000"],"affiliations":[{"raw_affiliation_string":"Federal University of Technology - Paran&#x00E1; - Dois Vizinhos,Computer Science Department,Brazil,85660-000","institution_ids":["https://openalex.org/I1283613182"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041210276","display_name":"Rafael R. Obelheiro","orcid":"https://orcid.org/0000-0002-4014-6691"},"institutions":[{"id":"https://openalex.org/I164790352","display_name":"Universidade do Estado de Santa Catarina","ror":"https://ror.org/03ztsbk67","country_code":"BR","type":"education","lineage":["https://openalex.org/I164790352"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Rafael R. Obelheiro","raw_affiliation_strings":["State University of Santa Catarina - Joinville,Computer Science Department,Brazil,89219-710"],"affiliations":[{"raw_affiliation_string":"State University of Santa Catarina - Joinville,Computer Science Department,Brazil,89219-710","institution_ids":["https://openalex.org/I164790352"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5049431434","display_name":"Carlos Maziero","orcid":"https://orcid.org/0000-0003-2592-3664"},"institutions":[{"id":"https://openalex.org/I52418104","display_name":"Universidade Federal do Paran\u00e1","ror":"https://ror.org/05syd6y78","country_code":"BR","type":"education","lineage":["https://openalex.org/I52418104"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Carlos A. Maziero","raw_affiliation_strings":["Federal University of Paran&#x00E1; - Curitiba,Computer Science Department,Brazil,81530-015"],"affiliations":[{"raw_affiliation_string":"Federal University of Paran&#x00E1; - Curitiba,Computer Science Department,Brazil,81530-015","institution_ids":["https://openalex.org/I52418104"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5104120537"],"corresponding_institution_ids":["https://openalex.org/I52418104"],"apc_list":null,"apc_paid":null,"fwci":0.8151,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.70553991,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9836999773979187,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8473105430603027},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.839873194694519},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.7991401553153992},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7728586196899414},{"id":"https://openalex.org/keywords/android-application","display_name":"Android application","score":0.5052290558815002},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.49026134610176086},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.4794106185436249},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.43057334423065186},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4161562919616699},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.30819106101989746},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.20147743821144104}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8473105430603027},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.839873194694519},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.7991401553153992},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7728586196899414},{"id":"https://openalex.org/C3017891749","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android application","level":3,"score":0.5052290558815002},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.49026134610176086},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.4794106185436249},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43057334423065186},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4161562919616699},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.30819106101989746},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.20147743821144104}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/syscon53073.2023.10131073","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/syscon53073.2023.10131073","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Systems Conference (SysCon)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.49000000953674316,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W7469215","https://openalex.org/W1990649188","https://openalex.org/W2007087405","https://openalex.org/W2060537671","https://openalex.org/W2070386561","https://openalex.org/W2115348994","https://openalex.org/W2584844506","https://openalex.org/W2765271136","https://openalex.org/W2792310543","https://openalex.org/W2794444863","https://openalex.org/W2803414046","https://openalex.org/W2897107030","https://openalex.org/W2900275727","https://openalex.org/W2948684988","https://openalex.org/W2964636835","https://openalex.org/W2982705228","https://openalex.org/W2986232939","https://openalex.org/W3003626607","https://openalex.org/W3010913577","https://openalex.org/W3135916744","https://openalex.org/W4280572823","https://openalex.org/W6732834635","https://openalex.org/W6751671829","https://openalex.org/W6753153400"],"related_works":["https://openalex.org/W2782775281","https://openalex.org/W2439951656","https://openalex.org/W2560361988","https://openalex.org/W2507113366","https://openalex.org/W1998188341","https://openalex.org/W1573526548","https://openalex.org/W4327939473","https://openalex.org/W3025122950","https://openalex.org/W2311926078","https://openalex.org/W3200508744"],"abstract_inverted_index":{"With":[0],"the":[1,12,23,72,107],"growing":[2],"number":[3],"and":[4,41,92,98,121,125,143,151],"complexity":[5],"of":[6,28,85],"threats":[7],"to":[8,21,35,49,81,118,138,154],"mobile":[9],"devices":[10],"in":[11,68,133],"latest":[13],"years,":[14],"new":[15,129],"security":[16],"strategies":[17],"are":[18,46],"constantly":[19],"developed":[20],"protect":[22],"users.":[24],"The":[25],"wide":[26],"variety":[27],"Android":[29,60,69,142],"malware":[30,39,140],"families":[31],"makes":[32],"it":[33,76,145],"challenging":[34],"keep":[36],"up":[37],"with":[38,51,96],"evolution":[40],"build":[42],"detection":[43],"systems":[44],"that":[45],"generic":[47],"enough":[48],"deal":[50],"them.":[52],"This":[53],"work":[54],"explores":[55],"inter-process":[56],"communication":[57],"(IPC)":[58],"between":[59],"processes":[61],"for":[62],"anomaly":[63],"detection.":[64],"All":[65],"IPC":[66],"messages":[67],"go":[70],"through":[71],"Binder":[73,97,112],"driver,":[74],"making":[75],"a":[77,100,134],"good":[78],"vantage":[79],"point":[80],"observe":[82],"all":[83],"kinds":[84],"malicious":[86,91],"actions.":[87],"We":[88,105],"observed":[89],"how":[90],"benign":[93],"applications":[94],"interact":[95],"built":[99],"dataset":[101,109],"representing":[102],"their":[103,119],"behavior.":[104],"enriched":[106],"raw":[108],"by":[110,122],"classifying":[111],"calls":[113],"into":[114],"five":[115],"groups":[116],"according":[117],"functionality":[120],"identifying":[123],"high-":[124],"low-risk":[126],"groups.":[127],"These":[128],"features":[130],"were":[131],"used":[132],"machine":[135],"learning-based":[136],"method":[137],"detect":[139],"on":[141],"validate":[144],"using":[146],"these":[147],"datasets,":[148],"achieving":[149],"accuracy":[150],"F1Score":[152],"close":[153],"0.90.":[155]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-01-13T01:12:25.745995","created_date":"2025-10-10T00:00:00"}