Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit

Given their escalating number and variety, combating malware is becoming increasingly strenuous. Machine learning techniques are often used in the literature to automatically discover models patterns behind such challenges create solutions that can maintain rapid pace at which evolves. This article compares various tree-based ensemble methods have been proposed analysis of PE malware. A an unconventional paradigm constructs combines a collection base learners (e.g., decision trees), as opposed conventional paradigm, aims construct individual from training data. Several techniques, random forest, XGBoost, CatBoost, GBM, LightGBM, taken into consideration appraised using different performance measures, accuracy, MCC, precision, recall, AUC, F1. In addition, experiment includes many public datasets, BODMAS, Kaggle, CIC-MalMem-2022, demonstrate generalizability classifiers variety contexts. Based on test findings, all ensembles performed well, differences between algorithms not statistically significant, particularly when respective hyperparameters appropriately configured. The also outperformed other, similar detectors published recent years.