{rfName}
An

Indexed in

License and Use

Icono OpenAccess

Citations

402

Altmetrics

Analysis of institutional authors

Martin AAuthorLara-Cabrera RAuthorCamacho DCorresponding Author

Share

March 15, 2019
Publications
>
Article
Hybrid Gold

Android malware detection through hybrid features fusion and ensemble classifiers: The AndroPyTool framework and the OmniDroid dataset

Publicated to: Information Fusion. 52 128-142 - 2019-12-01 52(), DOI: 10.1016/j.inffus.2018.12.006

Authors:

Martin, Alejandro; Lara-Cabrera, Raul; Camacho, David
[+]

Affiliations

Univ Autonoma Madrid, Comp Sci Dept - Author
Univ Politecn Madrid, Dept Sistemas Informat - Author
Universidad Autónoma de Madrid - Author
Universidad Politécnica de Madrid - Author
See more

Abstract

© 2018 Elsevier B.V. Cybersecurity has become a major concern for society, mainly motivated by the increasing number of cyber attacks and the wide range of targeted objectives. Due to the popularity of smartphones and tablets, Android devices are considered an entry point in many attack vectors. Malware applications are among the most used tactics and tools to perpetrate a cyber attack, so it is critical to study new ways of detecting them. In these detection mechanisms, machine learning has been used to build classifiers that are effective in discerning if an application is malware or benignware. However, training such classifiers require big amounts of labelled data which, in this context, consist of categorised malware and benignware Android applications represented by a set of features able to describe their behaviour. For that purpose, in this paper we present OmniDroid, a large and comprehensive dataset of features extracted from 22,000 real malware and goodware samples, aiming to help anti-malware tools creators and researchers when improving, or developing, new mechanisms and tools for Android malware detection. Furthermore, the characteristics of the dataset make it suitable to be used as a benchmark dataset to test classification and clustering algorithms or new representation techniques, among others. The dataset has been released under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License and was built using AndroPyTool, our automated framework for dynamic and static analysis of Android applications. Finally, we test a set of ensemble classifiers over this dataset and propose a malware detection approach based on the fusion of static and dynamic features through the combination of ensemble classifiers. The experimental results show the feasibility and potential usability (for the machine learning, soft computing and cyber security communities) of our automated framework and the publicly available dataset.
[+]

Keywords

AndroidHybrid features fusionMalware analysisMalware dataset

Quality index

Bibliometric impact. Analysis of the contribution and dissemination channel

The work has been published in the journal Information Fusion due to its progression and the good impact it has achieved in recent years, according to the agency WoS (JCR), it has become a reference in its field. In the year of publication of the work, 2019, it was in position 1/108, thus managing to position itself as a Q1 (Primer Cuartil), in the category Computer Science, Theory & Methods. Notably, the journal is positioned above the 90th percentile.

From a relative perspective, and based on the normalized impact indicator calculated from World Citations provided by WoS (ESI, Clarivate), it yields a value for the citation normalization relative to the expected citation rate of: 3.93. This indicates that, compared to works in the same discipline and in the same year of publication, it ranks as a work cited above average. (source consulted: ESI Nov 13, 2025)

This information is reinforced by other indicators of the same type, which, although dynamic over time and dependent on the set of average global citations at the time of their calculation, consistently position the work at some point among the top 50% most cited in its field:

  • Weighted Average of Normalized Impact by the Scopus agency: 5.41 (source consulted: FECYT Mar 2025)

Specifically, and according to different indexing agencies, this work has accumulated citations as of 2026-04-24, the following number of citations:

  • WoS: 107
  • Scopus: 133
  • Google Scholar: 158
[+]

Impact and social visibility

From the perspective of influence or social adoption, and based on metrics associated with mentions and interactions provided by agencies specializing in calculating the so-called "Alternative or Social Metrics," we can highlight as of 2026-04-24:

  • The use of this contribution in bookmarks, code forks, additions to favorite lists for recurrent reading, as well as general views, indicates that someone is using the publication as a basis for their current work. This may be a notable indicator of future more formal and academic citations. This claim is supported by the result of the "Capture" indicator, which yields a total of: 191 (PlumX).

It is essential to present evidence supporting full alignment with institutional principles and guidelines on Open Science and the Conservation and Dissemination of Intellectual Heritage. A clear example of this is:

  • The work has been submitted to a journal whose editorial policy allows open Open Access publication.
  • Assignment of a Handle/URN as an identifier within the deposit in the Institutional Repository: https://oa.upm.es/86700/

As a result of the publication of the work in the institutional repository, statistical usage data has been obtained that reflects its impact. In terms of dissemination, we can state that, as of

  • Views: 125
  • Downloads: 91
[+]

Leadership analysis of institutional authors

There is a significant leadership presence as some of the institution’s authors appear as the first or last signer, detailed as follows: First Author (MARTIN GARCIA, ALEJANDRO) and Last Author (CAMACHO FERNANDEZ, DAVID).

the author responsible for correspondence tasks has been CAMACHO FERNANDEZ, DAVID.

[+]