{"id":"https://openalex.org/W2056690037","doi":"https://doi.org/10.1145/2664243.2664245","title":"Design and implementation of an Android host-based intrusion prevention system","display_name":"Design and implementation of an Android host-based intrusion prevention system","publication_year":2014,"publication_date":"2014-12-08","ids":{"openalex":"https://openalex.org/W2056690037","doi":"https://doi.org/10.1145/2664243.2664245","mag":"2056690037"},"language":"en","primary_location":{"id":"doi:10.1145/2664243.2664245","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2664243.2664245","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 30th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103105383","display_name":"Mingshen Sun","orcid":"https://orcid.org/0000-0003-4775-0362"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Mingshen Sun","raw_affiliation_strings":["The Chinese University of Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111364941","display_name":"Min Zheng","orcid":"https://orcid.org/0009-0000-8629-4684"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Min Zheng","raw_affiliation_strings":["The Chinese University of Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068489266","display_name":"John C. S. Lui","orcid":"https://orcid.org/0000-0001-7466-0384"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"John C. S. Lui","raw_affiliation_strings":["The Chinese University of Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109035300","display_name":"Xuxian Jiang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xuxian Jiang","raw_affiliation_strings":["Qihoo &amp; NC State University"],"affiliations":[{"raw_affiliation_string":"Qihoo &amp; NC State University","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5103105383"],"corresponding_institution_ids":["https://openalex.org/I177725633"],"apc_list":null,"apc_paid":null,"fwci":6.4053,"has_fulltext":false,"cited_by_count":42,"citation_normalized_percentile":{"value":0.97268677,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"226","last_page":"235"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9876999855041504,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8080145120620728},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7638644576072693},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7598310112953186},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7416403889656067},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5978906154632568},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.5678067207336426},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.5289395451545715},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.5057892799377441},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4458247423171997},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.42579036951065063},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.42189300060272217},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3239206075668335}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8080145120620728},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7638644576072693},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7598310112953186},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7416403889656067},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5978906154632568},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.5678067207336426},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.5289395451545715},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.5057892799377441},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4458247423171997},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.42579036951065063},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.42189300060272217},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3239206075668335},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2664243.2664245","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2664243.2664245","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 30th Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/7","score":0.5,"display_name":"Affordable and clean energy"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":47,"referenced_works":["https://openalex.org/W81879861","https://openalex.org/W190551272","https://openalex.org/W1516211918","https://openalex.org/W1522939654","https://openalex.org/W1535984709","https://openalex.org/W1555215938","https://openalex.org/W1680232729","https://openalex.org/W1865564993","https://openalex.org/W1912565424","https://openalex.org/W1953670109","https://openalex.org/W1963971515","https://openalex.org/W1971497680","https://openalex.org/W1985686072","https://openalex.org/W1988036170","https://openalex.org/W1990649188","https://openalex.org/W1994588724","https://openalex.org/W2010395842","https://openalex.org/W2028727337","https://openalex.org/W2041276426","https://openalex.org/W2043579558","https://openalex.org/W2068583268","https://openalex.org/W2070518775","https://openalex.org/W2082300114","https://openalex.org/W2084957670","https://openalex.org/W2085577046","https://openalex.org/W2087804676","https://openalex.org/W2091540464","https://openalex.org/W2102970979","https://openalex.org/W2114275288","https://openalex.org/W2125011234","https://openalex.org/W2127671294","https://openalex.org/W2140095007","https://openalex.org/W2152149943","https://openalex.org/W2156858199","https://openalex.org/W2164539435","https://openalex.org/W2167661907","https://openalex.org/W2398354233","https://openalex.org/W2398484989","https://openalex.org/W2399034518","https://openalex.org/W2399891510","https://openalex.org/W2951900017","https://openalex.org/W4239035626","https://openalex.org/W6603356336","https://openalex.org/W6630877225","https://openalex.org/W6633254993","https://openalex.org/W6640059210","https://openalex.org/W6641013258"],"related_works":["https://openalex.org/W4249118297","https://openalex.org/W2717179875","https://openalex.org/W2311926078","https://openalex.org/W3199551743","https://openalex.org/W4281384336","https://openalex.org/W3195586271","https://openalex.org/W2782775281","https://openalex.org/W4312234627","https://openalex.org/W2781346976","https://openalex.org/W2899262475"],"abstract_inverted_index":{"Android":[0,19,21,51,114],"has":[1],"a":[2,12,71,91,96,129,154],"dominating":[3],"share":[4],"in":[5,30,82],"the":[6,59,109,113,145],"mobile":[7,16,28],"market":[8],"and":[9,36,62,74,93,98,149,159],"there":[10],"is":[11],"significant":[13],"rise":[14],"of":[15,26,64,76,95],"malware":[17,22,122,151],"targeting":[18],"devices.":[20,52],"accounted":[23],"for":[24,134],"97%":[25],"all":[27],"threats":[29],"2013":[31],"[26].":[32],"To":[33],"protect":[34],"smartphones":[35],"prevent":[37,144],"privacy":[38],"leakage,":[39],"companies":[40],"have":[41],"implemented":[42],"various":[43],"host-based":[44],"intrusion":[45,106],"prevention":[46,107],"systems":[47],"(HIPS)":[48],"on":[49,124],"their":[50],"In":[53],"this":[54],"paper,":[55],"we":[56,89],"first":[57],"analyze":[58],"implementations,":[60],"strengths":[61],"weaknesses":[63],"three":[65],"popular":[66,79],"HIPS":[67,80,100],"architectures.":[68],"We":[69,127],"demonstrate":[70],"severe":[72],"loophole":[73],"weakness":[75],"an":[77],"existing":[78,121],"product":[81],"which":[83],"hackers":[84],"can":[85,117,143],"readily":[86],"exploit.":[87],"Then":[88],"present":[90],"design":[92],"implementation":[94],"secure":[97],"extensible":[99],"platform---\"Patronus.\"":[101],"Patronus":[102,142],"not":[103],"only":[104],"provides":[105],"without":[108],"need":[110],"to":[111],"modify":[112],"system,":[115],"it":[116],"also":[118],"dynamically":[119],"detect":[120,150],"based":[123],"runtime":[125],"information.":[126],"propose":[128],"two-phase":[130],"dynamic":[131],"detection":[132],"algorithm":[133],"detecting":[135],"running":[136],"malware.":[137],"Our":[138],"experiments":[139],"show":[140],"that":[141],"intrusive":[146],"behaviors":[147],"efficiently":[148],"accurately":[152],"with":[153],"very":[155],"low":[156],"performance":[157],"overhead":[158],"power":[160],"consumption.":[161]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":9},{"year":2016,"cited_by_count":11},{"year":2015,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}