* [8.1.1 The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)](8.1.1_return-into-libc_without_function_calls.md)
* [8.1.2 Return-Oriented Programming without Returns](8.1.2_rop_without_returns.md)
* [8.2.1 All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask)](8.2.1_dynamic_taint_analysis.md)
* [8.2.2 Symbolic Execution for Software Testing: Three Decades Later](8.2.2_symbolic_execution_for_software_testing.md)
* [8.4 EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning](8.4_emulator_vs_real_phone.md)
* [8.5 DynaLog: An automated dynamic analysis framework for characterizing Android applications](8.5_dynalog_an_automated_dynamic_analysis_framework.md)
* [8.6 A Static Android Malware Detection Based on Actual Used Permissions Combination and API Calls](8.6_malware_detection_based_on_actual_used_permissions.md)
* [8.7 MaMaDroid: Detecting Android malware by building Markov chains of behavioral models](8.7_detecting_malware_by_building_markov_chains.md)
* [8.8 DroidNative: Semantic-Based Detection of Android Native Code Malware](8.8_droidnative_semantic-based_detection_of_android_native_code_malware.md)
* [8.9 DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware](8.9_droidanalytics_signature_based_analytic_system.md)