This work examines malware detection techniques in cybersecurity, focusing on traditional machine learning and deep learning methods across two datasets: EMBER2018 (covering malware from 2006 to 2018) and CIC-Evasive-PDFMal2022 (recent evasive PDF malware). Traditional models, particularly XGBoost on EMBER2018 (99.7%) and CatBoost on CIC-Evasive-PDFMal2022 (99.4%), achieved the highest accuracies. Deep learning models, such as CNN and RNN-LSTM, showed effectiveness in identifying complex malware, with accuracies of 98.1% and 96.2%, respectively. Additionally, ensemble methods such as the voting classifier reached 99.1% accuracy on CIC-Evasive-PDFMal2022. The findings highlight that tree-based models, including XGBoost, LightGBM, and CatBoost, consistently outperformed deep learning models, offering efficient solutions for malware detection.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Bridging Legacy and Modern Threat Detection: An Analysis of Machine Learning Models on EMBER2018 and CIC-Evasive-PDFMal2022

  • Satvik Raghav,
  • Rohit S. Nair,
  • Prasanth Ayitapu,
  • Sagar Basavaraju

摘要

This work examines malware detection techniques in cybersecurity, focusing on traditional machine learning and deep learning methods across two datasets: EMBER2018 (covering malware from 2006 to 2018) and CIC-Evasive-PDFMal2022 (recent evasive PDF malware). Traditional models, particularly XGBoost on EMBER2018 (99.7%) and CatBoost on CIC-Evasive-PDFMal2022 (99.4%), achieved the highest accuracies. Deep learning models, such as CNN and RNN-LSTM, showed effectiveness in identifying complex malware, with accuracies of 98.1% and 96.2%, respectively. Additionally, ensemble methods such as the voting classifier reached 99.1% accuracy on CIC-Evasive-PDFMal2022. The findings highlight that tree-based models, including XGBoost, LightGBM, and CatBoost, consistently outperformed deep learning models, offering efficient solutions for malware detection.