{"id":"https://openalex.org/W4296312524","doi":"https://doi.org/10.3390/a15090332","title":"Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit","display_name":"Tree-Based Classifier Ensembles for PE Malware Analysis: A Performance Revisit","publication_year":2022,"publication_date":"2022-09-17","ids":{"openalex":"https://openalex.org/W4296312524","doi":"https://doi.org/10.3390/a15090332"},"language":"en","primary_location":{"id":"doi:10.3390/a15090332","is_oa":true,"landing_page_url":"https://doi.org/10.3390/a15090332","pdf_url":"https://www.mdpi.com/1999-4893/15/9/332/pdf?version=1663659182","source":{"id":"https://openalex.org/S190629608","display_name":"Algorithms","issn_l":"1999-4893","issn":["1999-4893"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Algorithms","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","datacite","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/1999-4893/15/9/332/pdf?version=1663659182","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071291178","display_name":"Maya Hilda Lestari Louk","orcid":"https://orcid.org/0000-0001-8274-0990"},"institutions":[{"id":"https://openalex.org/I16413167","display_name":"University of Surabaya","ror":"https://ror.org/013314927","country_code":"ID","type":"education","lineage":["https://openalex.org/I16413167"]}],"countries":["ID"],"is_corresponding":false,"raw_author_name":"Maya Hilda Lestari Louk","raw_affiliation_strings":["Department of Informatics Engineering, University of Surabaya, Surabaya 60293, Indonesia"],"raw_orcid":"https://orcid.org/0000-0001-8274-0990","affiliations":[{"raw_affiliation_string":"Department of Informatics Engineering, University of Surabaya, Surabaya 60293, Indonesia","institution_ids":["https://openalex.org/I16413167"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5014306565","display_name":"Bayu Adhi Tama","orcid":"https://orcid.org/0000-0002-1821-6438"},"institutions":[{"id":"https://openalex.org/I79272384","display_name":"University of Maryland, Baltimore County","ror":"https://ror.org/02qskvh78","country_code":"US","type":"education","lineage":["https://openalex.org/I79272384"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Bayu Adhi Tama","raw_affiliation_strings":["Department of Information Systems, University of Maryland, Baltimore County (UMBC), Baltimore, MD 21250, USA"],"raw_orcid":"https://orcid.org/0000-0002-1821-6438","affiliations":[{"raw_affiliation_string":"Department of Information Systems, University of Maryland, Baltimore County (UMBC), Baltimore, MD 21250, USA","institution_ids":["https://openalex.org/I79272384"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5014306565"],"corresponding_institution_ids":["https://openalex.org/I79272384"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":5.4988,"has_fulltext":false,"cited_by_count":39,"citation_normalized_percentile":{"value":0.96797331,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"15","issue":"9","first_page":"332","last_page":"332"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8052753210067749},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.7674206495285034},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.754456102848053},{"id":"https://openalex.org/keywords/ensemble-learning","display_name":"Ensemble learning","score":0.7246288061141968},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6969989538192749},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.6342663764953613},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6006379127502441},{"id":"https://openalex.org/keywords/generalizability-theory","display_name":"Generalizability theory","score":0.5784502625465393},{"id":"https://openalex.org/keywords/hyperparameter","display_name":"Hyperparameter","score":0.5534972548484802},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5360856652259827},{"id":"https://openalex.org/keywords/tree","display_name":"Tree (set theory)","score":0.4824672043323517},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.46112483739852905},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.4410235583782196},{"id":"https://openalex.org/keywords/ensemble-forecasting","display_name":"Ensemble forecasting","score":0.41539207100868225},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.35581690073013306},{"id":"https://openalex.org/keywords/statistics","display_name":"Statistics","score":0.10331690311431885},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.09238195419311523}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8052753210067749},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.7674206495285034},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.754456102848053},{"id":"https://openalex.org/C45942800","wikidata":"https://www.wikidata.org/wiki/Q245652","display_name":"Ensemble learning","level":2,"score":0.7246288061141968},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6969989538192749},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.6342663764953613},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6006379127502441},{"id":"https://openalex.org/C27158222","wikidata":"https://www.wikidata.org/wiki/Q5532422","display_name":"Generalizability theory","level":2,"score":0.5784502625465393},{"id":"https://openalex.org/C8642999","wikidata":"https://www.wikidata.org/wiki/Q4171168","display_name":"Hyperparameter","level":2,"score":0.5534972548484802},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5360856652259827},{"id":"https://openalex.org/C113174947","wikidata":"https://www.wikidata.org/wiki/Q2859736","display_name":"Tree (set theory)","level":2,"score":0.4824672043323517},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.46112483739852905},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.4410235583782196},{"id":"https://openalex.org/C119898033","wikidata":"https://www.wikidata.org/wiki/Q3433888","display_name":"Ensemble forecasting","level":2,"score":0.41539207100868225},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.35581690073013306},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.10331690311431885},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.09238195419311523},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.3390/a15090332","is_oa":true,"landing_page_url":"https://doi.org/10.3390/a15090332","pdf_url":"https://www.mdpi.com/1999-4893/15/9/332/pdf?version=1663659182","source":{"id":"https://openalex.org/S190629608","display_name":"Algorithms","issn_l":"1999-4893","issn":["1999-4893"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Algorithms","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:e31aa7a9cade4fc1ba487cffdfd7fc98","is_oa":true,"landing_page_url":"https://doaj.org/article/e31aa7a9cade4fc1ba487cffdfd7fc98","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Algorithms, Vol 15, Iss 9, p 332 (2022)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/1999-4893/15/9/332/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/a15090332","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Algorithms; Volume 15; Issue 9; Pages: 332","raw_type":"Text"},{"id":"pmh:oai:mdsoar.org:11603/26183","is_oa":true,"landing_page_url":"http://hdl.handle.net/11603/26183","pdf_url":null,"source":{"id":"https://openalex.org/S4306402556","display_name":"Maryland Shared Open Access Repository (USMAI Consortium)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Text"},{"id":"pmh:oai:repository.ubaya.ac.id:42578","is_oa":true,"landing_page_url":"https://www.mdpi.com/1999-4893/15/9/332","pdf_url":null,"source":{"id":"https://openalex.org/S4306402324","display_name":"Ubaya Repository (University of Surabaya)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I16413167","host_organization_name":"University of Surabaya","host_organization_lineage":["https://openalex.org/I16413167"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article"},{"id":"doi:10.13016/m2gzqw-sdku","is_oa":true,"landing_page_url":"https://doi.org/10.13016/m2gzqw-sdku","pdf_url":null,"source":{"id":"https://openalex.org/S4306402644","display_name":"Digital Repository at the University of Maryland (University of Maryland College Park)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I66946132","host_organization_name":"University of Maryland, College Park","host_organization_lineage":["https://openalex.org/I66946132"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/a15090332","is_oa":true,"landing_page_url":"https://doi.org/10.3390/a15090332","pdf_url":"https://www.mdpi.com/1999-4893/15/9/332/pdf?version=1663659182","source":{"id":"https://openalex.org/S190629608","display_name":"Algorithms","issn_l":"1999-4893","issn":["1999-4893"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Algorithms","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4296312524.pdf"},"referenced_works_count":49,"referenced_works":["https://openalex.org/W1584505081","https://openalex.org/W1678356000","https://openalex.org/W1993370323","https://openalex.org/W2055716572","https://openalex.org/W2097998348","https://openalex.org/W2187089797","https://openalex.org/W2215444025","https://openalex.org/W2228075399","https://openalex.org/W2267635142","https://openalex.org/W2294803890","https://openalex.org/W2531296565","https://openalex.org/W2768348081","https://openalex.org/W2768653635","https://openalex.org/W2885747980","https://openalex.org/W2900633536","https://openalex.org/W2911964244","https://openalex.org/W2913943077","https://openalex.org/W2921573932","https://openalex.org/W2944012984","https://openalex.org/W2950389803","https://openalex.org/W2994101726","https://openalex.org/W3003663951","https://openalex.org/W3004651308","https://openalex.org/W3005272923","https://openalex.org/W3007686746","https://openalex.org/W3011076213","https://openalex.org/W3080622597","https://openalex.org/W3088903404","https://openalex.org/W3126232929","https://openalex.org/W3127627101","https://openalex.org/W3129906305","https://openalex.org/W3160594722","https://openalex.org/W3174086521","https://openalex.org/W3178593045","https://openalex.org/W3212159646","https://openalex.org/W4200256722","https://openalex.org/W4224452014","https://openalex.org/W4226054578","https://openalex.org/W4232478844","https://openalex.org/W4293192140","https://openalex.org/W4293414950","https://openalex.org/W4294584485","https://openalex.org/W4294690579","https://openalex.org/W4399647672","https://openalex.org/W6674385629","https://openalex.org/W6745609711","https://openalex.org/W6773497414","https://openalex.org/W6789883449","https://openalex.org/W6869608176"],"related_works":["https://openalex.org/W2794896638","https://openalex.org/W2891633941","https://openalex.org/W3202800081","https://openalex.org/W3101614107","https://openalex.org/W1909207154","https://openalex.org/W4390971112","https://openalex.org/W3036530763","https://openalex.org/W1514365828","https://openalex.org/W3149839747","https://openalex.org/W3204228978"],"abstract_inverted_index":{"Given":[0],"their":[1,178],"escalating":[2],"number":[3],"and":[4,26,31,72,109,115,129,143,167],"variety,":[5],"combating":[6],"malware":[7,42,194],"is":[8,65],"becoming":[9],"increasingly":[10],"strenuous.":[11],"Machine":[12],"learning":[13,50,68,87],"techniques":[14,188],"are":[15,111,116,172,181],"often":[16],"used":[17],"in":[18,56,152,200],"the":[19,24,37,57,85,133,147,150,159],"literature":[20],"to":[21,84,91,145],"automatically":[22],"discover":[23],"models":[25],"patterns":[27],"behind":[28],"such":[29,102,122,139],"challenges":[30],"create":[32],"solutions":[33],"that":[34,52,70,196],"can":[35],"maintain":[36],"rapid":[38],"pace":[39],"at":[40],"which":[41,89],"evolves.":[43],"This":[44],"article":[45],"compares":[46],"various":[47],"tree-based":[48,63,99,163,186],"ensemble":[49,64,100,187],"methods":[51],"have":[53,197],"been":[54,198],"proposed":[55,185],"analysis":[58],"of":[59,76,149,155],"PE":[60,193],"malware.":[61],"A":[62],"an":[66],"unconventional":[67],"paradigm":[69],"constructs":[71],"combines":[73],"a":[74,153],"collection":[75],"base":[77],"learners":[78,94],"(e.g.,":[79],"decision":[80],"trees),":[81],"as":[82,103,123,140],"opposed":[83],"conventional":[86],"paradigm,":[88],"aims":[90],"construct":[92],"individual":[93],"from":[95],"training":[96],"data.":[97],"Several":[98],"techniques,":[101],"random":[104],"forest,":[105],"XGBoost,":[106],"CatBoost,":[107],"GBM,":[108],"LightGBM,":[110],"taken":[112],"into":[113],"consideration":[114],"appraised":[117],"using":[118],"different":[119],"performance":[120,168],"measures,":[121],"accuracy,":[124],"MCC,":[125],"precision,":[126],"recall,":[127],"AUC,":[128],"F1.":[130],"In":[131],"addition,":[132],"experiment":[134],"includes":[135],"many":[136],"public":[137],"datasets,":[138],"BODMAS,":[141],"Kaggle,":[142],"CIC-MalMem-2022,":[144],"demonstrate":[146],"generalizability":[148],"classifiers":[151],"variety":[154],"contexts.":[156],"Based":[157],"on":[158],"test":[160],"findings,":[161],"all":[162],"ensembles":[164],"performed":[165],"well,":[166],"differences":[169],"between":[170],"algorithms":[171],"not":[173],"statistically":[174],"significant,":[175],"particularly":[176],"when":[177],"respective":[179],"hyperparameters":[180],"appropriately":[182],"configured.":[183],"The":[184],"also":[189],"outperformed":[190],"other,":[191],"similar":[192],"detectors":[195],"published":[199],"recent":[201],"years.":[202]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":12},{"year":2024,"cited_by_count":14},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":1}],"updated_date":"2026-06-02T09:04:35.204637","created_date":"2022-09-20T00:00:00"}