{"id":"https://openalex.org/W7124463454","doi":"https://doi.org/10.31449/inf.v49i37.10728","title":"Static Malware Detection through Ensemble Feature Selection and Supervised Classification","display_name":"Static Malware Detection through Ensemble Feature Selection and Supervised Classification","publication_year":2025,"publication_date":"2025-12-25","ids":{"openalex":"https://openalex.org/W7124463454","doi":"https://doi.org/10.31449/inf.v49i37.10728"},"language":null,"primary_location":{"id":"doi:10.31449/inf.v49i37.10728","is_oa":true,"landing_page_url":"https://doi.org/10.31449/inf.v49i37.10728","pdf_url":"https://www.informatica.si/index.php/informatica/article/download/10728/6393","source":{"id":"https://openalex.org/S4210173311","display_name":"Informatica","issn_l":"0350-5596","issn":["0350-5596","1854-3871"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310314525","host_organization_name":"Slovenian Society Informatika","host_organization_lineage":["https://openalex.org/P4310314525"],"host_organization_lineage_names":["Slovenian Society Informatika"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Informatica","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://www.informatica.si/index.php/informatica/article/download/10728/6393","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5123242947","display_name":"Isai Moreno-Lara","orcid":null},"institutions":[{"id":"https://openalex.org/I196664497","display_name":"Autonomous University of San Luis Potos\u00ed","ror":"https://ror.org/000917t60","country_code":"MX","type":"education","lineage":["https://openalex.org/I196664497"]}],"countries":["MX"],"is_corresponding":true,"raw_author_name":"Isai Moreno-Lara","raw_affiliation_strings":["Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed"],"affiliations":[{"raw_affiliation_string":"Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed","institution_ids":["https://openalex.org/I196664497"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052296253","display_name":"Alejandra Guadalupe Silva Trujillo","orcid":"https://orcid.org/0000-0002-2419-8379"},"institutions":[{"id":"https://openalex.org/I196664497","display_name":"Autonomous University of San Luis Potos\u00ed","ror":"https://ror.org/000917t60","country_code":"MX","type":"education","lineage":["https://openalex.org/I196664497"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Alejandra Silva-Trujillo","raw_affiliation_strings":["Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed"],"affiliations":[{"raw_affiliation_string":"Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed","institution_ids":["https://openalex.org/I196664497"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053767366","display_name":"Juan C. Cuevas\u2010Tello","orcid":"https://orcid.org/0000-0002-7566-0412"},"institutions":[{"id":"https://openalex.org/I196664497","display_name":"Autonomous University of San Luis Potos\u00ed","ror":"https://ror.org/000917t60","country_code":"MX","type":"education","lineage":["https://openalex.org/I196664497"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Juan C. Cuevas-Tello","raw_affiliation_strings":["Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed"],"affiliations":[{"raw_affiliation_string":"Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed","institution_ids":["https://openalex.org/I196664497"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5054386513","display_name":"Jose Nunez-Varela","orcid":"https://orcid.org/0000-0002-9633-3453"},"institutions":[{"id":"https://openalex.org/I196664497","display_name":"Autonomous University of San Luis Potos\u00ed","ror":"https://ror.org/000917t60","country_code":"MX","type":"education","lineage":["https://openalex.org/I196664497"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Jose Nunez-Varela","raw_affiliation_strings":["Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed"],"affiliations":[{"raw_affiliation_string":"Facultad de Ingenier\u00eda, Universidad Aut\u00f3noma de San Luis Potos\u00ed","institution_ids":["https://openalex.org/I196664497"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5123242947"],"corresponding_institution_ids":["https://openalex.org/I196664497"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.70438413,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"49","issue":"37","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9836000204086304,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9836000204086304,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.0027000000700354576,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.002199999988079071,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.7653999924659729},{"id":"https://openalex.org/keywords/feature-selection","display_name":"Feature selection","score":0.7465000152587891},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7014999985694885},{"id":"https://openalex.org/keywords/undersampling","display_name":"Undersampling","score":0.6026999950408936},{"id":"https://openalex.org/keywords/interpretability","display_name":"Interpretability","score":0.590499997138977},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.5508000254631042},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.45210000872612},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.4284000098705292},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.4244000017642975},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.387800008058548}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8062999844551086},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.7653999924659729},{"id":"https://openalex.org/C148483581","wikidata":"https://www.wikidata.org/wiki/Q446488","display_name":"Feature selection","level":2,"score":0.7465000152587891},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7014999985694885},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6367999911308289},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6351000070571899},{"id":"https://openalex.org/C136536468","wikidata":"https://www.wikidata.org/wiki/Q1225894","display_name":"Undersampling","level":2,"score":0.6026999950408936},{"id":"https://openalex.org/C2781067378","wikidata":"https://www.wikidata.org/wiki/Q17027399","display_name":"Interpretability","level":2,"score":0.590499997138977},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.5508000254631042},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5250999927520752},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.45210000872612},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.4284000098705292},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.4244000017642975},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.387800008058548},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3864000141620636},{"id":"https://openalex.org/C152124472","wikidata":"https://www.wikidata.org/wiki/Q1204361","display_name":"Redundancy (engineering)","level":2,"score":0.3630000054836273},{"id":"https://openalex.org/C2776482837","wikidata":"https://www.wikidata.org/wiki/Q3553958","display_name":"Multi-label classification","level":2,"score":0.3528999984264374},{"id":"https://openalex.org/C45942800","wikidata":"https://www.wikidata.org/wiki/Q245652","display_name":"Ensemble learning","level":2,"score":0.34880000352859497},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.34880000352859497},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.34139999747276306},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3375999927520752},{"id":"https://openalex.org/C136389625","wikidata":"https://www.wikidata.org/wiki/Q334384","display_name":"Supervised learning","level":3,"score":0.33059999346733093},{"id":"https://openalex.org/C110083411","wikidata":"https://www.wikidata.org/wiki/Q1744628","display_name":"Statistical classification","level":2,"score":0.3255000114440918},{"id":"https://openalex.org/C120567893","wikidata":"https://www.wikidata.org/wiki/Q1582085","display_name":"Knowledge extraction","level":2,"score":0.3215999901294708},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.31769999861717224},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.3084999918937683},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.29429998993873596},{"id":"https://openalex.org/C10272871","wikidata":"https://www.wikidata.org/wiki/Q929972","display_name":"Software inspection","level":5,"score":0.2935999929904938},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.28529998660087585},{"id":"https://openalex.org/C149810388","wikidata":"https://www.wikidata.org/wiki/Q5374873","display_name":"Emulation","level":2,"score":0.2741999924182892},{"id":"https://openalex.org/C110332635","wikidata":"https://www.wikidata.org/wiki/Q629498","display_name":"Genetic programming","level":2,"score":0.2711000144481659},{"id":"https://openalex.org/C101738243","wikidata":"https://www.wikidata.org/wiki/Q786435","display_name":"Autoencoder","level":3,"score":0.2671999931335449},{"id":"https://openalex.org/C83665646","wikidata":"https://www.wikidata.org/wiki/Q42139305","display_name":"Feature vector","level":2,"score":0.2669000029563904}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.31449/inf.v49i37.10728","is_oa":true,"landing_page_url":"https://doi.org/10.31449/inf.v49i37.10728","pdf_url":"https://www.informatica.si/index.php/informatica/article/download/10728/6393","source":{"id":"https://openalex.org/S4210173311","display_name":"Informatica","issn_l":"0350-5596","issn":["0350-5596","1854-3871"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310314525","host_organization_name":"Slovenian Society Informatika","host_organization_lineage":["https://openalex.org/P4310314525"],"host_organization_lineage_names":["Slovenian Society Informatika"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Informatica","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.31449/inf.v49i37.10728","is_oa":true,"landing_page_url":"https://doi.org/10.31449/inf.v49i37.10728","pdf_url":"https://www.informatica.si/index.php/informatica/article/download/10728/6393","source":{"id":"https://openalex.org/S4210173311","display_name":"Informatica","issn_l":"0350-5596","issn":["0350-5596","1854-3871"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310314525","host_organization_name":"Slovenian Society Informatika","host_organization_lineage":["https://openalex.org/P4310314525"],"host_organization_lineage_names":["Slovenian Society Informatika"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Informatica","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Life in Land","id":"https://metadata.un.org/sdg/15","score":0.5789674520492554}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7124463454.pdf","grobid_xml":"https://content.openalex.org/works/W7124463454.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"In":[0],"a":[1,21,110],"digital":[2],"landscape":[3],"where":[4],"malicious":[5],"software":[6],"evolves":[7],"faster":[8],"than":[9],"traditional":[10],"defenses,":[11],"intelligent":[12],"andproactive":[13],"detection":[14,27],"has":[15],"become":[16],"essential.":[17],"This":[18],"study":[19],"presents":[20],"machine":[22],"learning":[23],"framework":[24,138],"for":[25,132],"staticmalware":[26],"based":[28],"on":[29,113,119],"the":[30,66,99,104,120,125,149],"analysis":[31],"of":[32,129,153],"138,047":[33],"Portable":[34],"Executable":[35],"samples,":[36],"including":[37],"both":[38],"malwareand":[39],"benign":[40],"files.":[41],"The":[42],"dataset":[43],"comprises":[44],"56":[45],"static":[46,133],"structural":[47],"features":[48],"extracted":[49],"without":[50],"code":[51],"execution.Four":[52],"supervised":[53],"classifiers\u2014Backpropagation":[54],"Neural":[55],"Network,":[56],"Decision":[57],"Tree,":[58],"Random":[59,100],"Forest,and":[60],"Support":[61],"Vector":[62],"Machine\u2014were":[63],"evaluated":[64],"following":[65],"Knowledge":[67],"Discovery":[68],"in":[69],"Databases":[70],"process.Ensemble-based":[71],"feature":[72,142],"selection":[73,143],"methods":[74],"(Random":[75],"Forest":[76,101],"and":[77,109,116,127,144,151],"Extra":[78],"Trees)":[79],"were":[80],"applied":[81],"to":[82,92],"identify":[83],"themost":[84],"informative":[85],"attributes,":[86],"while":[87],"random":[88],"undersampling":[89],"was":[90],"used":[91],"mitigate":[93],"class":[94],"imbalance.":[95],"Experimentalresults":[96],"show":[97],"that":[98,140],"classifier":[102],"achieved":[103],"best":[105],"performance,":[106],"reaching":[107],"99.45%accuracy":[108],"0.9909":[111],"F1-score":[112],"imbalanced":[114],"data,":[115],"99.32%":[117],"accuracy":[118],"balanced":[121],"dataset.":[122],"Thesefindings":[123],"highlight":[124],"reliability":[126],"scalability":[128],"tree-based":[130],"models":[131],"malware":[134],"detection.":[135],"Overall,the":[136],"proposed":[137],"demonstrates":[139],"careful":[141],"balance":[145],"adjustment":[146],"can":[147],"significantlyenhance":[148],"performance":[150],"interpretability":[152],"cybersecurity":[154],"classification":[155],"systems.":[156]},"counts_by_year":[],"updated_date":"2026-03-10T14:07:55.174380","created_date":"2026-01-17T00:00:00"}