Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit

Louk, Maya Hilda Lestari and Tama, Bayu Adhi (2022) Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit. Algorithms, 15 (9). 332_1-15. ISSN 1999-4893

[thumbnail of Maya Hilda_Tree-Based Classifier Ensembles.pdf] PDF
Maya Hilda_Tree-Based Classifier Ensembles.pdf

Download (1MB)
Official URL / DOI:


Given their escalating number and variety, combating malware is becoming increasingly strenuous. Machine learning techniques are often used in the literature to automatically discover the models and patterns behind such challenges and create solutions that can maintain the rapid pace at which malware evolves. This article compares various tree-based ensemble learning methods that have been proposed in the analysis of PE malware. A tree-based ensemble is an unconventional learning paradigm that constructs and combines a collection of base learners (e.g., decision trees), as opposed to the conventional learning paradigm, which aims to construct individual learners from training data. Several tree-based ensemble techniques, such as random forest, XGBoost, CatBoost, GBM, and LightGBM, are taken into consideration and are appraised using different performance measures, such as accuracy, MCC, precision, recall, AUC, and F1. In addition, the experiment includes many public datasets, such as BODMAS, Kaggle, and CIC-MalMem-2022, to demonstrate the generalizability of the classifiers in a variety of contexts. Based on the test findings, all tree-based ensembles performed well, and performance differences between algorithms are not statistically significant, particularly when their respective hyperparameters are appropriately configured. The proposed tree-based ensemble techniques also outperformed other, similar PE malware detectors that have been published in recent years.

Item Type: Article
Uncontrolled Keywords: portable executable malware; tree-based ensemble; performance comparison; statistical significance tes
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Engineering > Department of Informatic
Date Deposited: 19 Sep 2022 08:51
Last Modified: 27 Sep 2022 06:47

Actions (login required)

View Item View Item