Home / Companies / Elastic / Blog / Post Details
Content Deep Dive

Introducing Ember: An Open Source Classifier And Dataset

Blog post from Elastic

Post Details
Company
Date Published
Author
Phil Roth
Word Count
824
Company Posts That Month
18
Language
-
Hacker News Points
-
Post removed?
No
Summary

Endgame released Ember, an open-source benchmark dataset aimed at advancing research in static malware detection by providing 1.1 million portable executable file sha256 hashes, along with metadata and derived features, without disclosing the actual files to protect intellectual property. This dataset, which includes both training and test samples categorized as malicious, benign, or unlabeled, allows researchers to measure the effectiveness of new machine learning techniques in identifying unseen threats, despite the evolving nature of malware. The Ember benchmark model, a gradient-boosted decision tree trained with LightGBM, achieves a high area under the ROC curve score, though it is not intended for production use. Instead, it serves as a research tool to explore improvements in feature selection, model parameter optimization, and the development of new featureless neural network-based models, encouraging further research in the field and providing a target for studies on countering machine learning-driven attacks.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.