Back to Explorer
Research PaperResearchia:202603.30013[Computer Science > Cybersecurity]

Machine Learning Transferability for Malware Detection

César Vieira

Abstract

Malware continues to be a predominant operational risk for organizations, especially when obfuscation techniques are used to evade detection. Despite the ongoing efforts in the development of Machine Learning (ML) detection approaches, there is still a lack of feature compatibility in public datasets. This limits generalization when facing distribution shifts, as well as transferability to different datasets. This study evaluates the suitability of different data preprocessing approaches for the detection of Portable Executable (PE) files with ML models. The preprocessing pipeline unifies EMBERv2 (2,381-dim) features datasets, trains paired models under two training setups: EMBER + BODMAS and EMBER + BODMAS + ERMDS. Regarding model evaluation, both EMBER + BODMAS and EMBER + BODMAS + ERMDS models are tested against TRITIUM, INFERNO and SOREL-20M. ERMDS is also used for testing for the EMBER + BODMAS setup.

Source: arXiv:2603.26632v1 - http://arxiv.org/abs/2603.26632v1 PDF: https://arxiv.org/pdf/2603.26632v1 Original Link: http://arxiv.org/abs/2603.26632v1

Submission:3/30/2026
Comments:0 comments
Subjects:Cybersecurity; Computer Science
Cite as:
Researchia:202603.30013https://www.researchia.net/explorer/b63176bb-43c2-434e-bdd3-61891366a371
Original Source:
View Original PDF
arXiv: This paper is hosted on arXiv, an open-access repository
Was this helpful?

Discussion (0)

Please sign in to join the discussion.

No comments yet. Be the first to share your thoughts!