{"id":"https://openalex.org/W3042454706","doi":"https://doi.org/10.34028/iajit/17/4a/4","title":"Enhanced Android Malware Detection and Family Classification, using Conversation-level Network Traffic Features","display_name":"Enhanced Android Malware Detection and Family Classification, using Conversation-level Network Traffic Features","publication_year":2020,"publication_date":"2020-07-19","ids":{"openalex":"https://openalex.org/W3042454706","doi":"https://doi.org/10.34028/iajit/17/4a/4","mag":"3042454706"},"language":"en","primary_location":{"id":"doi:10.34028/iajit/17/4a/4","is_oa":true,"landing_page_url":"https://doi.org/10.34028/iajit/17/4a/4","pdf_url":"https://doi.org/10.34028/iajit/17/4a/4","source":{"id":"https://openalex.org/S100666833","display_name":"The International Arab Journal of Information Technology","issn_l":"1683-3198","issn":["1683-3198","2309-4524"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4362726017","host_organization_name":"Zarqa University","host_organization_lineage":["https://openalex.org/P4362726017"],"host_organization_lineage_names":["Zarqa University"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The International Arab Journal of Information Technology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.34028/iajit/17/4a/4","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5052511879","display_name":"Mohammad Kamel A. Abuthawabeh","orcid":null},"institutions":[{"id":"https://openalex.org/I158749337","display_name":"Princess Sumaya University for Technology","ror":"https://ror.org/01jy46q10","country_code":"JO","type":"education","lineage":["https://openalex.org/I158749337"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Mohammad Abuthawabeh","raw_affiliation_strings":["King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Jordan"],"affiliations":[{"raw_affiliation_string":"King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Jordan","institution_ids":["https://openalex.org/I158749337"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035330898","display_name":"Khaled Mahmoud","orcid":"https://orcid.org/0000-0003-4407-7491"},"institutions":[{"id":"https://openalex.org/I158749337","display_name":"Princess Sumaya University for Technology","ror":"https://ror.org/01jy46q10","country_code":"JO","type":"education","lineage":["https://openalex.org/I158749337"]}],"countries":["JO"],"is_corresponding":true,"raw_author_name":"Khaled Mahmoud","raw_affiliation_strings":["King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Jordan"],"affiliations":[{"raw_affiliation_string":"King Hussein School of Computing Sciences, Princess Sumaya University for Technology, Jordan","institution_ids":["https://openalex.org/I158749337"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5035330898"],"corresponding_institution_ids":["https://openalex.org/I158749337"],"apc_list":null,"apc_paid":null,"fwci":3.4853,"has_fulltext":true,"cited_by_count":32,"citation_normalized_percentile":{"value":0.93508887,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"17","issue":"4A","first_page":"607","last_page":"614"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9843000173568726,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12799","display_name":"Mobile and Web Applications","score":0.9807999730110168,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8892324566841125},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8357319235801697},{"id":"https://openalex.org/keywords/categorization","display_name":"Categorization","score":0.7128515839576721},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.5920266509056091},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.5851511359214783},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5683825612068176},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5270814299583435},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.4988424777984619},{"id":"https://openalex.org/keywords/mobile-malware","display_name":"Mobile malware","score":0.45303380489349365},{"id":"https://openalex.org/keywords/recall-rate","display_name":"Recall rate","score":0.4364205598831177},{"id":"https://openalex.org/keywords/precision-and-recall","display_name":"Precision and recall","score":0.41631942987442017},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.16086015105247498},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.0744364857673645}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8892324566841125},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8357319235801697},{"id":"https://openalex.org/C94124525","wikidata":"https://www.wikidata.org/wiki/Q912550","display_name":"Categorization","level":2,"score":0.7128515839576721},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.5920266509056091},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.5851511359214783},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5683825612068176},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5270814299583435},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.4988424777984619},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.45303380489349365},{"id":"https://openalex.org/C2987098735","wikidata":"https://www.wikidata.org/wiki/Q3808900","display_name":"Recall rate","level":2,"score":0.4364205598831177},{"id":"https://openalex.org/C81669768","wikidata":"https://www.wikidata.org/wiki/Q2359161","display_name":"Precision and recall","level":2,"score":0.41631942987442017},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.16086015105247498},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0744364857673645}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.34028/iajit/17/4a/4","is_oa":true,"landing_page_url":"https://doi.org/10.34028/iajit/17/4a/4","pdf_url":"https://doi.org/10.34028/iajit/17/4a/4","source":{"id":"https://openalex.org/S100666833","display_name":"The International Arab Journal of Information Technology","issn_l":"1683-3198","issn":["1683-3198","2309-4524"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4362726017","host_organization_name":"Zarqa University","host_organization_lineage":["https://openalex.org/P4362726017"],"host_organization_lineage_names":["Zarqa University"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The International Arab Journal of Information Technology","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.34028/iajit/17/4a/4","is_oa":true,"landing_page_url":"https://doi.org/10.34028/iajit/17/4a/4","pdf_url":"https://doi.org/10.34028/iajit/17/4a/4","source":{"id":"https://openalex.org/S100666833","display_name":"The International Arab Journal of Information Technology","issn_l":"1683-3198","issn":["1683-3198","2309-4524"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4362726017","host_organization_name":"Zarqa University","host_organization_lineage":["https://openalex.org/P4362726017"],"host_organization_lineage_names":["Zarqa University"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The International Arab Journal of Information Technology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3042454706.pdf","grobid_xml":"https://content.openalex.org/works/W3042454706.grobid-xml"},"referenced_works_count":21,"referenced_works":["https://openalex.org/W613690151","https://openalex.org/W2054535568","https://openalex.org/W2074023167","https://openalex.org/W2122672392","https://openalex.org/W2125011234","https://openalex.org/W2167330065","https://openalex.org/W2187357304","https://openalex.org/W2293893852","https://openalex.org/W2295048651","https://openalex.org/W2343828539","https://openalex.org/W2569537748","https://openalex.org/W2584844506","https://openalex.org/W2783895426","https://openalex.org/W2897230315","https://openalex.org/W2906631928","https://openalex.org/W2961850650","https://openalex.org/W2981859286","https://openalex.org/W3005555687","https://openalex.org/W3031942810","https://openalex.org/W6687018335","https://openalex.org/W6697333042"],"related_works":["https://openalex.org/W2110889728","https://openalex.org/W4249118297","https://openalex.org/W4256462051","https://openalex.org/W2717179875","https://openalex.org/W2485784239","https://openalex.org/W3199551743","https://openalex.org/W3099263166","https://openalex.org/W4353031795","https://openalex.org/W2964088652","https://openalex.org/W4384301457"],"abstract_inverted_index":{"Signature-based":[0],"malware":[1,44,101,103,106,130,134,137,157],"detection":[2],"algorithms":[3],"are":[4,26],"facing":[5],"challenges":[6],"to":[7,38,59],"cope":[8],"with":[9,112],"the":[10,16,40,53,61,66,87,93,117,140,155],"massive":[11],"number":[12],"of":[13,42,152],"threats":[14],"in":[15,30,57,76,129],"Android":[17,43,156],"environment.":[18],"In":[19],"this":[20,77],"paper,":[21],"conversation-level":[22],"network":[23],"traffic":[24],"features":[25,64],"extracted":[27,67],"and":[28,47,99,105,133,146,161,165],"used":[29,37,75],"a":[31,126],"supervised-based":[32],"model.":[33],"This":[34,122],"model":[35,51],"was":[36,74,120,142,159],"enhance":[39],"process":[41],"detection,":[45,102],"categorization,":[46,104],"family":[48,107,131,138],"classification.":[49],"The":[50,79,150],"employs":[52],"ensemble":[54],"learning":[55],"technique":[56],"order":[58],"select":[60],"most":[62],"useful":[63],"among":[65,92],"features.":[68],"A":[69,110],"real-world":[70],"dataset":[71,119],"called":[72],"CICAndMal2017":[73],"paper.":[78],"results":[80],"show":[81],"that":[82,115],"Extra-trees":[83],"classifier":[84],"had":[85],"achieved":[86,125],"highest":[88],"weighted":[89],"accuracy":[90],"percentage":[91],"other":[94],"classifiers":[95],"by":[96],"87.75%,":[97],"79.97%,":[98],"66.71%for":[100],"classification":[108,132],"respectively.":[109],"comparison":[111],"another":[113],"study":[114,123],"uses":[116],"same":[118],"made.":[121],"has":[124],"significant":[127],"enhancement":[128,141,153],"categorization.":[135],"For":[136],"classification,":[139],"39.71%":[143],"for":[144,148,154,163],"precision":[145,164],"41.09%":[147],"recall.":[149],"rate":[151],"categorization":[158],"30.2%":[160],"31.14\u202c%":[162],"recall,":[166],"respectively":[167]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":10},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}