[1] Zhou Y, Jiang X. Dissecting Android malware:Characterization and evolution. In Proc. the 2012 IEEE Symposium on Security and Privacy, May 2012, pp.95-109.[2] Zhou W, Zhou Y, Jiang X et al. Detecting repackaged smartphone applications in third-party Android marketplaces. In Proc. the 2nd CODASPY, Feb. 2012, pp.317-326.[3] Crussell J, Gibler C, Chen H. Attack of the clones:Detecting cloned applications on Android markets. In Lecture Notes in Computer Science 7459, Foresti S, Yung M, Martinelli F (eds.), Springer, 2012, pp.37-54.[4] Bruschi D, Martignoni L, Monga M. Using code normalization for fighting self-mutating malware. In Proc. Int. Symp. Secure Software Engineering, Mar. 2006.[5] Walenstein A, Lakhotia A. The software similarity problem in malware analysis. In Proc. Dagstuhl Seminar 06301:Duplication, Redundancy, and Similarity in Software, July 2006.[6] Roy C, Cordy J, Koschke R. Comparison and evaluation of code clone detection techniques and tools:A qualitative approach. Science of Computer Programming, 2009, 74(7):470-495.[7] Cordy J R, Roy C K. The NiCad clone detector. In Proc. the 19th ICPC, June 2011, pp.219-220.[8] Griffin K, Schneider S, Hu X et al. Automatic generation of string signatures for malware detection. In Proc. the 12th RAID, Sept. 2009, pp.101-120.[9] Christodorescu M, Jha S, Seshia S A et al. Semantics-aware malware detection. In Proc. the 2005 IEEE Symposium on Security and Privacy, May 2005, pp.32-46.[10] Hanna S, Huang L, Wu E et al. JuxtApp:A scalable system for detecting code reuse among Android applications. In Lecture Notes in Computer Science 7591, Flegel U, Markatos E, Robertson W (eds.), Springer Berlin Heidelberg, 2013, pp.62-81.[11] Enck W, Gilbert P, Chun B et al. TaintDroid:An information-flow tracking system for realtime privacy monitoring on smartphones. In Proc. the 9th USENIX Conf. Operating Systems Design and Implementation, Oct. 2010, pp.1-6.[12] Arzt S, Rasthofer S, Fritz C et al. FlowDroid:Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. ACM SIGPLAN Notice, 2014, 49(6):259-269.[13] Burguera I, Zurutuza U, Nadjm-Tehrani S. Crowdroid:Behavior-based malware detection system for Android. In Proc. the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Oct. 2011, pp.15-26.[14] Christodorescu M, Jha S. Static analysis of executables to detect malicious patterns. In Proc. the 12th Conference on USENIX Security Symposium, Volume 12, Aug. 2003.[15] Wu D,Mao C,Wei T et al. DroidMat:AnDroid malware detection through manifest and API calls tracing. In Proc. the 7th Asia Joint Conference on Information Security (Asia JCIS), Aug. 2012, pp.62-69.[16] Crussell J, Gibler C, Chen H. AnDarwin:Scalable detection of semantically similar Android applications. In Lecture Notes in Computer Science 8134, Crampton J, Jajodia S, Mayes K (eds.), Springer Berlin Heidelberg, 2013, pp.182-199.[17] Andoni A, Indyk P. Near-optimal hashing algorithms for approximate nearest neighbor in high dimensions. In Proc. the 47th Symp. Foundations of Computer Science, Oct. 2006, pp.459-468.[18] Chen K Z, Johnson N M, D'Silva V et al. Contextual policy enforcement in Android applications with permission event graphs. In Proc. the 20th NDSS, Feb. 2013.[19] Feng Y, Anand S, Dillig I et al. Apposcopy:Semanticsbased detection of Android malware through static analysis. In Proc. the 22nd ACM SIGSOFT Int. Symp. Foundations of Soft. Eng., Nov. 2014, pp.576-587.[20] Baxter I D, Yahin A, Moura L et al. Clone detection using abstract syntax trees. In Proc. International Conference on Software Maintenance, Nov. 1998, pp.368-377.[21] Cordy J. The TXL source transformation language. Sci. Comput. Program., 2006, 61(3):190-210.[22] van Rijsbergen C J. Information Retrieval (2nd edition). Butterworth-Heinemann, Newton, MA, USA, 1979.[23] Karademir S, Dean T, Leblanc S. Using clone detection to find malware in Acrobat files. In Proc. Conf. the Center for Advanced Studies on Collaborative Research, Nov. 2013, pp.70-80.[24] Farhadi M R. Assembly code clone detection for malware binaries[M.A. Thesis]. Concordia University, April 2013. http://spectrum.libray.concorida.ca/977131,Nov. 2013.[25] Farhadi M R, Fung B C M, Charland P et al. BinClone:Detecting code clones in malware. In Proc. the 8th Int. Conf. Software Security and Reliability, June 30-July 2, 2014, pp.78-87.[26] Yin R K. Case Study Research:Design and Methods. Sage Publications, 2014.[27] Vallee-Rai R, Hendren L J. Jimple:Simplifying Java bytecode for analyses and transformations. Sable Technical Report 1998-4. Sable Research Group, McGill University, 1998.[28] Gruver B. Smali:An assembler/disassembler for Android's dex format@ONLINE. http://code:google:com/p/smali/, July 2015.[29] Bartel A, Klein J, Traon Y L, Monperrus M et al. Dexpler:Converting Android Dalvik bytecode to Jimple for static analysis with Soot. In Proc. ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis, June 2012, pp.27-38.[30] Gilbert D. Malware posing as official Google Play app found in....official Google Play Store. http://www.ibtimes.co.uk/malware-posing-official-google-play-app-found-official-google-play-store-1453409, July 2015. |