{"id":"https://openalex.org/W4415928722","doi":"https://doi.org/10.3390/computers14110482","title":"Feature-Centric Approaches to Android Malware Analysis: A Survey","display_name":"Feature-Centric Approaches to Android Malware Analysis: A Survey","publication_year":2025,"publication_date":"2025-11-05","ids":{"openalex":"https://openalex.org/W4415928722","doi":"https://doi.org/10.3390/computers14110482"},"language":"en","primary_location":{"id":"doi:10.3390/computers14110482","is_oa":true,"landing_page_url":"https://doi.org/10.3390/computers14110482","pdf_url":"https://www.mdpi.com/2073-431X/14/11/482/pdf","source":{"id":"https://openalex.org/S4210228075","display_name":"Computers","issn_l":"2073-431X","issn":["2073-431X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2073-431X/14/11/482/pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5119959916","display_name":"Shama Maganur","orcid":null},"institutions":[{"id":"https://openalex.org/I23732399","display_name":"Montana State University","ror":"https://ror.org/02w0trx84","country_code":"US","type":"education","lineage":["https://openalex.org/I23732399","https://openalex.org/I4210126032"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shama Maganur","raw_affiliation_strings":["Gianforte School of Computing, Montana State University, Bozeman, MT 59717, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Gianforte School of Computing, Montana State University, Bozeman, MT 59717, USA","institution_ids":["https://openalex.org/I23732399"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049385418","display_name":"Yili Jiang","orcid":"https://orcid.org/0000-0003-0340-1152"},"institutions":[{"id":"https://openalex.org/I181565077","display_name":"Georgia State University","ror":"https://ror.org/03qt6ba18","country_code":"US","type":"education","lineage":["https://openalex.org/I181565077"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yili Jiang","raw_affiliation_strings":["Department of Computer Science, Georgia State University, Atlanta, GA 30303, USA"],"raw_orcid":"https://orcid.org/0000-0003-0340-1152","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Georgia State University, Atlanta, GA 30303, USA","institution_ids":["https://openalex.org/I181565077"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052507995","display_name":"Jiaqi Huang","orcid":"https://orcid.org/0000-0002-9794-2103"},"institutions":[{"id":"https://openalex.org/I28324025","display_name":"University of Central Missouri","ror":"https://ror.org/02c63wv67","country_code":"US","type":"education","lineage":["https://openalex.org/I28324025"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiaqi Huang","raw_affiliation_strings":["Department of Computer Science and Cybersecurity, University of Central Missouri, Warrensburg, MO 64093, USA"],"raw_orcid":"https://orcid.org/0000-0002-9794-2103","affiliations":[{"raw_affiliation_string":"Department of Computer Science and Cybersecurity, University of Central Missouri, Warrensburg, MO 64093, USA","institution_ids":["https://openalex.org/I28324025"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000182057","display_name":"Fangtian Zhong","orcid":"https://orcid.org/0000-0002-1125-7472"},"institutions":[{"id":"https://openalex.org/I23732399","display_name":"Montana State University","ror":"https://ror.org/02w0trx84","country_code":"US","type":"education","lineage":["https://openalex.org/I23732399","https://openalex.org/I4210126032"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Fangtian Zhong","raw_affiliation_strings":["Gianforte School of Computing, Montana State University, Bozeman, MT 59717, USA"],"raw_orcid":"https://orcid.org/0000-0002-1125-7472","affiliations":[{"raw_affiliation_string":"Gianforte School of Computing, Montana State University, Bozeman, MT 59717, USA","institution_ids":["https://openalex.org/I23732399"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5119959916"],"corresponding_institution_ids":["https://openalex.org/I23732399"],"apc_list":{"value":1600,"currency":"CHF","value_usd":1732},"apc_paid":{"value":1600,"currency":"CHF","value_usd":1732},"fwci":4.9247,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.9563087,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"14","issue":"11","first_page":"482","last_page":"482"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.000699999975040555,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.00019999999494757503,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7540000081062317},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7181000113487244},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6922000050544739},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.5960999727249146},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5174000263214111},{"id":"https://openalex.org/keywords/openness-to-experience","display_name":"Openness to experience","score":0.39399999380111694},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.37860000133514404}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7540000081062317},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7181000113487244},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7170000076293945},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6922000050544739},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.5960999727249146},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5174000263214111},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4733999967575073},{"id":"https://openalex.org/C84976871","wikidata":"https://www.wikidata.org/wiki/Q2015673","display_name":"Openness to experience","level":2,"score":0.39399999380111694},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.37860000133514404},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.36800000071525574},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3610999882221222},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.33570000529289246},{"id":"https://openalex.org/C3017891749","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android application","level":3,"score":0.3328000009059906},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.31470000743865967},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.30970001220703125},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.2890999913215637},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.28839999437332153},{"id":"https://openalex.org/C183003079","wikidata":"https://www.wikidata.org/wiki/Q1000371","display_name":"Personalization","level":2,"score":0.2612000107765198},{"id":"https://openalex.org/C2778464652","wikidata":"https://www.wikidata.org/wiki/Q309849","display_name":"Open research","level":2,"score":0.25940001010894775}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/computers14110482","is_oa":true,"landing_page_url":"https://doi.org/10.3390/computers14110482","pdf_url":"https://www.mdpi.com/2073-431X/14/11/482/pdf","source":{"id":"https://openalex.org/S4210228075","display_name":"Computers","issn_l":"2073-431X","issn":["2073-431X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:12f9534f7c97452982e0cd4c12798ef7","is_oa":true,"landing_page_url":"https://doaj.org/article/12f9534f7c97452982e0cd4c12798ef7","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computers, Vol 14, Iss 11, p 482 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/computers14110482","is_oa":true,"landing_page_url":"https://doi.org/10.3390/computers14110482","pdf_url":"https://www.mdpi.com/2073-431X/14/11/482/pdf","source":{"id":"https://openalex.org/S4210228075","display_name":"Computers","issn_l":"2073-431X","issn":["2073-431X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computers","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4415928722.pdf","grobid_xml":"https://content.openalex.org/works/W4415928722.grobid-xml"},"referenced_works_count":71,"referenced_works":["https://openalex.org/W2009489720","https://openalex.org/W2026973889","https://openalex.org/W2060692877","https://openalex.org/W2089735638","https://openalex.org/W2092942461","https://openalex.org/W2122672392","https://openalex.org/W2487124337","https://openalex.org/W2489796857","https://openalex.org/W2520113424","https://openalex.org/W2536311873","https://openalex.org/W2563273224","https://openalex.org/W2566681038","https://openalex.org/W2569537748","https://openalex.org/W2612123163","https://openalex.org/W2626320814","https://openalex.org/W2727469818","https://openalex.org/W2769315083","https://openalex.org/W2770148866","https://openalex.org/W2774253509","https://openalex.org/W2783168065","https://openalex.org/W2792310543","https://openalex.org/W2802756541","https://openalex.org/W2885582087","https://openalex.org/W2890494234","https://openalex.org/W2919855186","https://openalex.org/W2921215705","https://openalex.org/W2964008753","https://openalex.org/W2965857891","https://openalex.org/W2972659368","https://openalex.org/W2979214350","https://openalex.org/W2984482968","https://openalex.org/W2986820410","https://openalex.org/W2990121995","https://openalex.org/W2991307539","https://openalex.org/W3035775076","https://openalex.org/W3084792990","https://openalex.org/W3088420242","https://openalex.org/W3112311055","https://openalex.org/W3117368983","https://openalex.org/W3135784815","https://openalex.org/W3139293719","https://openalex.org/W3152624640","https://openalex.org/W3196664724","https://openalex.org/W3216267479","https://openalex.org/W3216588331","https://openalex.org/W4213054807","https://openalex.org/W4213126747","https://openalex.org/W4283212140","https://openalex.org/W4285258565","https://openalex.org/W4285293538","https://openalex.org/W4292825796","https://openalex.org/W4312330404","https://openalex.org/W4312724275","https://openalex.org/W4318384306","https://openalex.org/W4361733520","https://openalex.org/W4367603304","https://openalex.org/W4380634879","https://openalex.org/W4386568539","https://openalex.org/W4386859037","https://openalex.org/W4387063777","https://openalex.org/W4387587680","https://openalex.org/W4388425984","https://openalex.org/W4388829754","https://openalex.org/W4390394197","https://openalex.org/W4392114371","https://openalex.org/W4394688406","https://openalex.org/W4399120234","https://openalex.org/W4400120404","https://openalex.org/W4400192394","https://openalex.org/W4404179053","https://openalex.org/W4412876938"],"related_works":[],"abstract_inverted_index":{"Sophisticated":[0],"malware":[1,34,137],"families":[2],"exploit":[3],"the":[4,7,20,78],"openness":[5],"of":[6,22,80,114],"Android":[8,33,136],"platform":[9],"to":[10,32,74,92,128],"enable":[11],"large-scale":[12],"disruption,":[13],"data":[14],"exfiltration,":[15],"and":[16,51,105,121,132],"denial-of-service":[17],"attacks,":[18],"including":[19],"infiltration":[21],"IoT":[23],"infrastructures.":[24],"This":[25,108],"systematic":[26],"literature":[27],"review":[28],"examines":[29],"cutting-edge":[30],"approaches":[31,90],"analysis,":[35],"with":[36,95],"implications":[37],"for":[38,86,125],"securing":[39],"resource-constrained":[40],"environments.":[41],"We":[42],"analyze":[43],"feature":[44],"extraction":[45],"techniques":[46],"across":[47],"static,":[48],"dynamic,":[49],"hybrid,":[50],"graph-based":[52,99],"methods,":[53],"highlighting":[54],"their":[55],"respective":[56],"trade-offs.":[57],"Static":[58],"analysis":[59,70],"offers":[60],"efficiency":[61],"but":[62],"is":[63],"easily":[64],"circumvented":[65],"through":[66],"obfuscation,":[67],"whereas":[68],"dynamic":[69],"provides":[71,110],"stronger":[72],"resistance":[73],"evasive":[75],"behaviors":[76],"at":[77],"cost":[79],"higher":[81],"computational":[82],"overhead,":[83],"often":[84],"unsuitable":[85],"lightweight":[87],"devices.":[88],"Hybrid":[89],"aim":[91],"balance":[93],"accuracy":[94],"resource":[96],"efficiency,":[97],"while":[98],"methods":[100],"deliver":[101],"enhanced":[102],"semantic":[103],"modeling":[104],"adversarial":[106],"robustness.":[107],"survey":[109],"a":[111,123],"structured":[112],"comparison":[113],"existing":[115],"techniques,":[116],"identifies":[117],"open":[118],"research":[119],"gaps,":[120],"outlines":[122],"roadmap":[124],"future":[126],"work":[127],"improve":[129],"scalability,":[130],"adaptability,":[131],"long-term":[133],"resilience":[134],"in":[135],"detection.":[138]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-11-05T00:00:00"}