AndroTracker: Creator Information based Android Malware Classification System

1. Introduction

AndroTracker is a system which detects Android malware by incorporating creator’s information as a feature and classifies the malware into similar groups.

It enables fast detection of malware by using creator information such as serial number of certificate. Additionally, it analyzes malicious behaviors and permissions to increase detection accuracy.

AndroTracker also can classify malware based on similarity scoring.

2. Publication

  • Hyunjae Kang, Jae-wook Jang, Aziz Mohaisen, and Huy Kang Kim, “Detecting and Classifying Android Malware Using Static Analysis along with Creator Information,” International Journal of Distributed Sensor Networks, vol. 2015, Article ID 479174, 9 pages, 2015. doi:10.1155/2015/479174

Download full paper

Download citation as EndNote

  • Kang, Hyun Jae, et al. "Androtracker: Creator information based android malware classification system." Information Security Applications-15th International Workshop, WISA. Vol. 8909. 2014.

Download full paper

Download citation as BibTex

3. Dataset Release

  • For academic purposes, we are happy to release our dataset. However, to avoid indiscriminate distribution of mobile malware, you need the password to unzip the dataset. Please send us a request sent by your official email account. If you use our dataset for your experiment, please cite our papers.

  • Before downloading it, please read the following instructions carefully.

            • (1) The most of samples are zipped using 7zip.

            • (2) Then send e-mail to cenda at to get the decompress password. (Please identify your name, affiliation and purpose.)

            • (3) Please use these samples at your own risk.

Contact: Huy Kang Kim (cenda at

4. Acknowledgement

AndroTracker is developed by the Hacking and Countermeasure Research Lab in the Graduate School of Information Security of the Korea University, Seoul, Korea.

Please contact “Huy Kang Kim” (cenda at if you have any question.