{"id":"https://openalex.org/W4385692162","doi":"https://doi.org/10.1145/3600160.3600194","title":"Characterizing the Use of Code Obfuscation in Malicious and Benign Android Apps","display_name":"Characterizing the Use of Code Obfuscation in Malicious and Benign Android Apps","publication_year":2023,"publication_date":"2023-08-09","ids":{"openalex":"https://openalex.org/W4385692162","doi":"https://doi.org/10.1145/3600160.3600194"},"language":"en","primary_location":{"id":"doi:10.1145/3600160.3600194","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3600160.3600194","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3600160.3600194","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3600160.3600194","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082932780","display_name":"Ulf Karg\u00e9n","orcid":"https://orcid.org/0000-0002-3009-4314"},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Ulf Karg\u00e9n","raw_affiliation_strings":["Link\u00f6ping University, Sweden"],"raw_orcid":"https://orcid.org/0000-0002-3009-4314","affiliations":[{"raw_affiliation_string":"Link\u00f6ping University, Sweden","institution_ids":["https://openalex.org/I102134673"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086727618","display_name":"Noah Mauthe","orcid":"https://orcid.org/0009-0006-9443-6455"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Noah Mauthe","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Germany"],"raw_orcid":"https://orcid.org/0009-0006-9443-6455","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048152442","display_name":"Nahid Shahmehri","orcid":"https://orcid.org/0000-0002-0920-2157"},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Nahid Shahmehri","raw_affiliation_strings":["Link\u00f6ping University, Sweden"],"raw_orcid":"https://orcid.org/0000-0002-0920-2157","affiliations":[{"raw_affiliation_string":"Link\u00f6ping University, Sweden","institution_ids":["https://openalex.org/I102134673"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12016","display_name":"Web Data Mining and Analysis","score":0.9851999878883362,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11181","display_name":"Advanced Data Storage Technologies","score":0.9847999811172485,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.9557949304580688},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7842564582824707},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.738811731338501},{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.5899606943130493},{"id":"https://openalex.org/keywords/identifier","display_name":"Identifier","score":0.5105398893356323},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48000115156173706},{"id":"https://openalex.org/keywords/reverse-engineering","display_name":"Reverse engineering","score":0.4241354763507843},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18853998184204102},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.1135118305683136},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.10459631681442261}],"concepts":[{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.9557949304580688},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7842564582824707},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.738811731338501},{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.5899606943130493},{"id":"https://openalex.org/C154504017","wikidata":"https://www.wikidata.org/wiki/Q853614","display_name":"Identifier","level":2,"score":0.5105398893356323},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48000115156173706},{"id":"https://openalex.org/C207850805","wikidata":"https://www.wikidata.org/wiki/Q269608","display_name":"Reverse engineering","level":2,"score":0.4241354763507843},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18853998184204102},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.1135118305683136},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.10459631681442261}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3600160.3600194","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3600160.3600194","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3600160.3600194","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/25540660","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/Characterizing_the_Use_of_Code_Obfuscation_in_Malicious_and_Benign_Android_Apps/25540660","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference contribution"},{"id":"doi:10.60882/cispa.25540660.v1","is_oa":true,"landing_page_url":"https://doi.org/10.60882/cispa.25540660.v1","pdf_url":null,"source":{"id":"https://openalex.org/S7407050916","display_name":"CISPA Helmholtz Center","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"ConferenceProceeding"}],"best_oa_location":{"id":"doi:10.1145/3600160.3600194","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3600160.3600194","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3600160.3600194","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.4399999976158142,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4385692162.pdf","grobid_xml":"https://content.openalex.org/works/W4385692162.grobid-xml"},"referenced_works_count":28,"referenced_works":["https://openalex.org/W1975844474","https://openalex.org/W2089554624","https://openalex.org/W2167003418","https://openalex.org/W2186979752","https://openalex.org/W2296719434","https://openalex.org/W2401561631","https://openalex.org/W2407313496","https://openalex.org/W2470899015","https://openalex.org/W2509162308","https://openalex.org/W2734558754","https://openalex.org/W2749008552","https://openalex.org/W2751855490","https://openalex.org/W2794718534","https://openalex.org/W2885072546","https://openalex.org/W2887787078","https://openalex.org/W2888698761","https://openalex.org/W2899212246","https://openalex.org/W2962830343","https://openalex.org/W2966342255","https://openalex.org/W2987450466","https://openalex.org/W2997591727","https://openalex.org/W2997915791","https://openalex.org/W3005977564","https://openalex.org/W3027862040","https://openalex.org/W3105926539","https://openalex.org/W3161919463","https://openalex.org/W3206604724","https://openalex.org/W4292928965"],"related_works":["https://openalex.org/W4321062042","https://openalex.org/W1588238984","https://openalex.org/W2160018797","https://openalex.org/W2913519194","https://openalex.org/W2961710371","https://openalex.org/W4200123977","https://openalex.org/W2241366172","https://openalex.org/W2306533882","https://openalex.org/W2110077896","https://openalex.org/W2352677877"],"abstract_inverted_index":{"Obfuscation":[0],"is":[1,106,125,152],"frequently":[2],"used":[3],"by":[4,93],"both":[5],"benign":[6],"and":[7,27,61,73],"malicious":[8],"Android":[9,85,122],"apps.":[10],"Since":[11],"static":[12],"analysis":[13],"of":[14,25,31,102,121,144],"obfuscated":[15],"apps":[16,36],"often":[17],"produces":[18],"incomplete":[19],"or":[20],"misleading":[21],"results,":[22],"the":[23,29,119,139,142,149],"problems":[24],"identifying":[26],"quantifying":[28],"use":[30],"specific":[32],"obfuscation":[33,55,68,87,124,150],"techniques":[34],"in":[35,107],"has":[37],"received":[38,77],"significant":[39,89],"attention.":[40,79],"Even":[41],"though":[42],"several":[43],"existing":[44,81],"works":[45],"have":[46,76,88,129],"addressed":[47],"these":[48],"problems,":[49],"most":[50],"studies":[51],"focus":[52],"on":[53,116],"data":[54],"methods":[56,146],"such":[57,70],"as":[58,71,91,100],"identifier":[59],"renaming":[60],"string":[62],"obfuscation,":[63,75],"while":[64],"more":[65],"advanced":[66],"code":[67,86,123],"methods,":[69],"reflection":[72],"control-flow":[74],"less":[78],"Moreover,":[80],"approaches":[82],"to":[83,110,154],"detecting":[84],"limitations,":[90],"shown":[92],"a":[94,111],"detailed":[95],"survey":[96],"that":[97,148],"we":[98],"present":[99],"part":[101,108],"this":[103],"paper.":[104],"This":[105],"due":[109],"fundamental":[112],"\u201cbootstrapping\u201d":[113],"problem:":[114],"since,":[115],"one":[117],"hand,":[118,141],"landscape":[120,151],"poorly":[126],"known,":[127],"researchers":[128],"very":[130],"little":[131],"guidance":[132],"when":[133],"designing":[134],"new":[135],"detection":[136,145],"methods.":[137],"On":[138],"other":[140],"lack":[143],"mean":[147],"bound":[153],"remain":[155],"largely":[156],"unexplored.":[157]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1}],"updated_date":"2026-07-15T18:14:33.161393","created_date":"2025-10-10T00:00:00"}
