{"id":"https://openalex.org/W2158874007","doi":"https://doi.org/10.1145/2592791.2592796","title":"Rage against the virtual machine","display_name":"Rage against the virtual machine","publication_year":2014,"publication_date":"2014-04-13","ids":{"openalex":"https://openalex.org/W2158874007","doi":"https://doi.org/10.1145/2592791.2592796","mag":"2158874007"},"language":"en","primary_location":{"id":"doi:10.1145/2592791.2592796","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2592791.2592796","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh European Workshop on System Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5035575887","display_name":"Thanasis Petsas","orcid":null},"institutions":[{"id":"https://openalex.org/I8901234","display_name":"Foundation for Research and Technology Hellas","ror":"https://ror.org/052rphn09","country_code":"GR","type":"facility","lineage":["https://openalex.org/I8901234"]}],"countries":["GR"],"is_corresponding":true,"raw_author_name":"Thanasis Petsas","raw_affiliation_strings":["Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece","institution_ids":["https://openalex.org/I8901234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084041567","display_name":"Giannis Voyatzis","orcid":null},"institutions":[{"id":"https://openalex.org/I8901234","display_name":"Foundation for Research and Technology Hellas","ror":"https://ror.org/052rphn09","country_code":"GR","type":"facility","lineage":["https://openalex.org/I8901234"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Giannis Voyatzis","raw_affiliation_strings":["Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece","institution_ids":["https://openalex.org/I8901234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102849919","display_name":"\u0397\u03bb\u03af\u03b1\u03c2 \u0391\u03b8\u03b1\u03bd\u03b1\u03c3\u03cc\u03c0\u03bf\u03c5\u03bb\u03bf\u03c2","orcid":"https://orcid.org/0000-0002-8759-3261"},"institutions":[{"id":"https://openalex.org/I8901234","display_name":"Foundation for Research and Technology Hellas","ror":"https://ror.org/052rphn09","country_code":"GR","type":"facility","lineage":["https://openalex.org/I8901234"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Elias Athanasopoulos","raw_affiliation_strings":["Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece","institution_ids":["https://openalex.org/I8901234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007101727","display_name":"Michalis Polychronakis","orcid":"https://orcid.org/0000-0002-3106-0343"},"institutions":[{"id":"https://openalex.org/I78577930","display_name":"Columbia University","ror":"https://ror.org/00hj8s172","country_code":"US","type":"education","lineage":["https://openalex.org/I78577930"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michalis Polychronakis","raw_affiliation_strings":["Columbia University"],"affiliations":[{"raw_affiliation_string":"Columbia University","institution_ids":["https://openalex.org/I78577930"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5022073151","display_name":"Sotiris Ioannidis","orcid":"https://orcid.org/0000-0001-9340-2241"},"institutions":[{"id":"https://openalex.org/I8901234","display_name":"Foundation for Research and Technology Hellas","ror":"https://ror.org/052rphn09","country_code":"GR","type":"facility","lineage":["https://openalex.org/I8901234"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Sotiris Ioannidis","raw_affiliation_strings":["Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Foundation for Research and Technology---Hellas, Greece","institution_ids":["https://openalex.org/I8901234"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5035575887"],"corresponding_institution_ids":["https://openalex.org/I8901234"],"apc_list":null,"apc_paid":null,"fwci":24.2005,"has_fulltext":false,"cited_by_count":209,"citation_normalized_percentile":{"value":0.99765621,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8046739101409912},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7922642230987549},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.6871901750564575},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.6858588457107544},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.6737543344497681},{"id":"https://openalex.org/keywords/heuristics","display_name":"Heuristics","score":0.5896575450897217},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.5361008644104004},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5029858946800232},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5014774799346924},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.4845232367515564},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.46169790625572205},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.4516465365886688},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.4154321253299713},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.29124951362609863},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.08032628893852234}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8046739101409912},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7922642230987549},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.6871901750564575},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.6858588457107544},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.6737543344497681},{"id":"https://openalex.org/C127705205","wikidata":"https://www.wikidata.org/wiki/Q5748245","display_name":"Heuristics","level":2,"score":0.5896575450897217},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.5361008644104004},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5029858946800232},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5014774799346924},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.4845232367515564},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.46169790625572205},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.4516465365886688},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.4154321253299713},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.29124951362609863},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.08032628893852234},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2592791.2592796","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2592791.2592796","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh European Workshop on System Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7300000190734863,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G5139896153","display_name":null,"funder_award_id":"608533, 317631, 254116, 273765","funder_id":"https://openalex.org/F4320334960","funder_display_name":"Seventh Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320334960","display_name":"Seventh Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W7103708","https://openalex.org/W78162143","https://openalex.org/W81879861","https://openalex.org/W191656338","https://openalex.org/W1849042743","https://openalex.org/W1865564993","https://openalex.org/W1963971515","https://openalex.org/W1988036170","https://openalex.org/W1990360323","https://openalex.org/W1997201541","https://openalex.org/W2016216904","https://openalex.org/W2025721496","https://openalex.org/W2049208027","https://openalex.org/W2104839588","https://openalex.org/W2152149943","https://openalex.org/W2614344471","https://openalex.org/W6603356336"],"related_works":["https://openalex.org/W3135174262","https://openalex.org/W2183925834","https://openalex.org/W3199551743","https://openalex.org/W2731848812","https://openalex.org/W2717179875","https://openalex.org/W3200508744","https://openalex.org/W4390188637","https://openalex.org/W4249118297","https://openalex.org/W2311926078","https://openalex.org/W2592611918"],"abstract_inverted_index":{"Antivirus":[0],"companies,":[1],"mobile":[2,21],"application":[3],"marketplaces,":[4],"and":[5,19,62,84,101],"the":[6,67,72,118,121,129,140],"security":[7],"research":[8],"community,":[9],"employ":[10,37],"techniques":[11,33],"based":[12,53],"on":[13,54],"dynamic":[14,40,59,91,131,144],"code":[15],"analysis":[16,41,92,132,145],"to":[17,38,87,103,106,125,138],"detect":[18],"analyze":[20],"malware.":[22],"In":[23],"this":[24],"paper,":[25],"we":[26,77],"present":[27],"a":[28],"broad":[29],"range":[30],"of":[31,66,74,108,120,128,142],"anti-analysis":[32],"that":[34],"malware":[35,82],"can":[36],"evade":[39,126],"in":[42,80],"emulated":[43],"Android":[44,68,90],"environments.":[45],"Our":[46],"detection":[47],"heuristics":[48],"span":[49],"three":[50],"different":[51],"categories":[52],"(i)":[55],"static":[56],"properties,":[57],"(ii)":[58],"sensor":[60],"information,":[61],"(iii)":[63],"VM-related":[64],"intricacies":[65],"Emulator.":[69],"To":[70],"assess":[71],"effectiveness":[73],"our":[75,109],"techniques,":[76,114],"incorporated":[78],"them":[79,86],"real":[81],"samples":[83],"submitted":[85],"publicly":[88],"available":[89],"systems,":[93],"with":[94],"alarming":[95],"results.":[96],"We":[97,134],"found":[98],"all":[99],"tools":[100,146],"services":[102],"be":[104],"vulnerable":[105],"most":[107],"evasion":[110,148],"techniques.":[111],"Even":[112],"trivial":[113],"such":[115],"as":[116],"checking":[117],"value":[119],"IMEI,":[122],"are":[123],"enough":[124],"some":[127],"existing":[130],"frameworks.":[133],"propose":[135],"possible":[136],"countermeasures":[137],"improve":[139],"resistance":[141],"current":[143],"against":[147],"attempts.":[149]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":11},{"year":2021,"cited_by_count":23},{"year":2020,"cited_by_count":21},{"year":2019,"cited_by_count":17},{"year":2018,"cited_by_count":31},{"year":2017,"cited_by_count":28},{"year":2016,"cited_by_count":25},{"year":2015,"cited_by_count":22},{"year":2014,"cited_by_count":7}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2025-10-10T00:00:00"}