{"id":"https://openalex.org/W7131061823","doi":"https://doi.org/10.48550/arxiv.2602.18082","title":"AndroWasm: an Empirical Study on Android Malware Obfuscation through WebAssembly","display_name":"AndroWasm: an Empirical Study on Android Malware Obfuscation through WebAssembly","publication_year":2026,"publication_date":"2026-02-20","ids":{"openalex":"https://openalex.org/W7131061823","doi":"https://doi.org/10.48550/arxiv.2602.18082"},"language":"en","primary_location":{"id":"pmh:doi:10.48550/arxiv.2602.18082","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":null,"any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093633462","display_name":"Diego Soi","orcid":"https://orcid.org/0009-0009-0092-9067"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Soi, Diego","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113242517","display_name":"Silvia Lucia Sanna","orcid":"https://orcid.org/0009-0002-8269-9777"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sanna, Silvia Lucia","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5104421737","display_name":"Lorenzo Pisu","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Pisu, Lorenzo","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064107592","display_name":"Leonardo Regano","orcid":"https://orcid.org/0000-0002-9259-5157"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Regano, Leonardo","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":null,"display_name":"Giacinto, Giorgio","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Giacinto, Giorgio","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5093633462"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9787999987602234,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9787999987602234,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.011099999770522118,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.004000000189989805,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.853600025177002},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8059999942779541},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7135000228881836},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.6273000240325928},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.6241000294685364},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.5928000211715698},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.5231999754905701},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.4975999891757965}],"concepts":[{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.853600025177002},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8059999942779541},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7900000214576721},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7135000228881836},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6338000297546387},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.6273000240325928},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.6241000294685364},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.5928000211715698},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.5231999754905701},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.4975999891757965},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.4875999987125397},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.3540000021457672},{"id":"https://openalex.org/C77714075","wikidata":"https://www.wikidata.org/wiki/Q5452017","display_name":"Firewall (physics)","level":5,"score":0.31470000743865967},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.30379998683929443},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.2922999858856201},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.2897000014781952},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.28839999437332153},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.27649998664855957},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2718999981880188},{"id":"https://openalex.org/C2983909278","wikidata":"https://www.wikidata.org/wiki/Q6368","display_name":"Web browser","level":3,"score":0.2711000144481659},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.2671999931335449}],"mesh":[],"locations_count":3,"locations":[{"id":"pmh:doi:10.48550/arxiv.2602.18082","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},{"id":"pmh:oai:iris.unica.it:11584/479068","is_oa":true,"landing_page_url":"https://hdl.handle.net/11584/479068","pdf_url":null,"source":{"id":"https://openalex.org/S4377196293","display_name":"UNICA IRIS Institutional Research Information System (University of Cagliari)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172446870","host_organization_name":"University of Cagliari","host_organization_lineage":["https://openalex.org/I172446870"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferencePaper"},{"id":"doi:10.48550/arxiv.2602.18082","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2602.18082","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:doi:10.48550/arxiv.2602.18082","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7197291254997253}],"awards":[],"funders":[{"id":"https://openalex.org/F4320313987","display_name":"Universit\u00e0 degli Studi di Cagliari","ror":"https://ror.org/003109y17"},{"id":"https://openalex.org/F4320322510","display_name":"Sapienza Universit\u00e0 di Roma","ror":"https://ror.org/02be6w209"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"In":[0,41],"recent":[1],"years,":[2],"stealthy":[3],"Android":[4,91],"malware":[5],"has":[6],"increasingly":[7],"adopted":[8],"sophisticated":[9],"techniques":[10,30],"to":[11,31,37,69,94,106],"bypass":[12],"automatic":[13],"detection":[14,123],"mechanisms":[15,90],"and":[16,28,34,56,61,74,116,130],"harden":[17],"manual":[18],"analysis.":[19],"Adversaries":[20],"typically":[21,67],"rely":[22],"on":[23,88],"obfuscation,":[24],"anti-repacking,":[25],"steganography,":[26],"poisoning,":[27],"evasion":[29],"AI-based":[32],"tools,":[33,127],"in-memory":[35],"execution":[36,100],"conceal":[38],"malicious":[39,54,118],"functionality.":[40],"this":[42],"paper,":[43],"we":[44,83,103],"investigate":[45],"WebAssembly":[46],"(Wasm)":[47],"as":[48],"a":[49,108],"novel":[50],"technique":[51],"for":[52],"hiding":[53],"payloads":[55],"evading":[57],"traditional":[58],"static":[59],"analysis":[60,87],"signature-matching":[62],"mechanisms.":[63],"While":[64],"Wasm":[65,96],"is":[66],"employed":[68],"render":[70],"specific":[71],"gaming":[72],"activities":[73],"interact":[75],"with":[76],"the":[77,89],"native":[78],"components":[79],"in":[80,98,111],"web":[81],"browsers,":[82],"provide":[84,104],"an":[85,113],"in-depth":[86],"may":[92],"employ":[93],"include":[95],"modules":[97],"its":[99],"pipeline.":[101],"Additionally,":[102],"Proofs-of-Concept":[105],"demonstrate":[107],"threat":[109],"model":[110],"which":[112],"attacker":[114],"embeds":[115],"executes":[117],"routines,":[119],"effectively":[120],"bypassing":[121],"IoC":[122],"by":[124],"industrial":[125],"state-of-the-art":[126],"like":[128],"VirusTotal":[129],"MobSF.":[131]},"counts_by_year":[],"updated_date":"2026-04-27T08:22:11.395708","created_date":"2026-02-24T00:00:00"}