EMBER: An Open Dataset for Training Static PE Malware Machine Learning Models

Hyrum S. Anderson, Phil Roth

TL;DR

EMBER is a large, open benchmark for static detection of malicious Windows PE files. It releases features extracted from 1.1M binaries (800K labeled benign or malicious, 300K unlabeled) rather than the binaries themselves, together with open-source code that reproduces the same raw-feature extraction and model-vector pipeline, so new samples can be featurized and appended. The raw features combine parsed PE structure with format-agnostic statistics such as byte and entropy histograms and string counts. A LightGBM baseline trained on these features with default settings outperforms MalConv, an end-to-end deep model that learns directly from raw bytes, which shows that domain-informed features remain highly effective. Per-sample chronology in the metadata and the unlabeled portion support temporal and semi-supervised study designs, and the dataset fills the gap left by earlier corpora that were too small, closed, or narrow to serve as a shared benchmark. The aim is the same as that of benchmark datasets in computer vision: comparable, reproducible ML research in malware detection with a clear evaluation pathway.

Abstract

This paper describes EMBER: a labeled benchmark dataset for training machine learning models to statically detect malicious Windows portable executable files. The dataset includes features extracted from 1.1M binary files: 900K training samples (300K malicious, 300K benign, 300K unlabeled) and 200K test samples (100K malicious, 100K benign). To accompany the dataset, we also release open source code for extracting features from additional binaries so that additional sample features can be appended to the dataset. This dataset fills a void in the information security machine learning community: a benign/malicious dataset that is large, open and general enough to cover several interesting use cases. We enumerate several use cases that we considered when structuring the dataset. Additionally, we demonstrate one use case wherein we compare a baseline gradient boosted decision tree model trained using LightGBM with default settings to MalConv, a recently published end-to-end (featureless) deep learning model for malware detection. Results show that even without hyper-parameter optimization, the baseline EMBER model outperforms MalConv. The authors hope that the dataset, code and baseline model provided by EMBER will help invigorate machine learning research for malware detection, in much the same way that benchmark datasets have advanced computer vision research.
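As an added example (not the EMBER project's own code or the paper's feature extractor), the following Python sketch re-implements the format-agnostic part of such a raw-feature pipeline: a byte histogram, a windowed byte-entropy histogram and printable-string statistics, followed by a fixed-width vectorisation of the kind a tree model like LightGBM consumes. The window size, stride, entropy scaling and indicator patterns are assumptions modelled on the authors' description, and the input is a constructed stand-in for a PE image, not a real binary.

```python
"""Format-agnostic features of a PE file in the spirit of EMBER's raw features.
Added example, not the EMBER project's own code. Three groups that need no PE
parsing and so work even on corrupt or packed files: a 256-bin byte histogram,
a 16x16 byte-entropy histogram over sliding windows, and printable-string
statistics. Window size, stride and the entropy scaling are assumptions
(modelled on the authors' description of a 2048-byte window with 1024-byte
step and 16x16 bins), not values stated on this page."""
import math
import re

WINDOW = 2048  # assumed sliding-window size in bytes
STRIDE = 1024  # assumed step between windows


def byte_histogram(data: bytes) -> list:
    """Raw count of each byte value 0..255."""
    hist = [0] * 256
    for b in data:
        hist[b] += 1
    return hist


def _entropy_bits(counts, total):
    """Shannon entropy (bits) of a count vector that sums to total."""
    h = 0.0
    for c in counts:
        if c:
            p = c / total
            h -= p * math.log2(p)
    return h


def byte_entropy_histogram(data: bytes) -> list:
    """Flattened 16x16 histogram. Row = entropy bin of a window (0..8 bits in
    steps of 0.5), column = high nibble of each byte in that window. Zero
    padding lands in row 0, packed or encrypted regions in the top rows, so
    the model sees where bytes occur, not just which bytes occur."""
    hist = [[0] * 16 for _ in range(16)]
    if not data:
        return [0] * 256
    if len(data) < WINDOW:
        windows = [data]
    else:
        windows = [data[i:i + WINDOW]
                   for i in range(0, len(data) - WINDOW + 1, STRIDE)]
    for w in windows:
        nibbles = [0] * 16
        for b in w:
            nibbles[b >> 4] += 1
        # Entropy over 16 nibble symbols tops out at 4 bits; doubling maps it
        # back onto the 0..8 bit scale of full bytes (assumed scaling).
        h = 2.0 * _entropy_bits(nibbles, len(w))
        row = min(int(h * 2), 15)
        for col, c in enumerate(nibbles):
            hist[row][col] += c
    return [c for row in hist for c in row]


PRINTABLE_RUN = re.compile(rb"[\x20-\x7f]{5,}")
PATH = re.compile(rb"c:\\", re.IGNORECASE)
URL = re.compile(rb"https?://", re.IGNORECASE)
REGISTRY = re.compile(rb"HKEY_")
MZ_MAGIC = re.compile(rb"MZ")


def string_features(data: bytes) -> dict:
    """Counts of printable runs and of a few indicator patterns (drive paths,
    URLs, registry keys, embedded PE headers)."""
    runs = PRINTABLE_RUN.findall(data)
    return {
        "numstrings": len(runs),
        "avlength": sum(map(len, runs)) / len(runs) if runs else 0.0,
        "paths": len(PATH.findall(data)),
        "urls": len(URL.findall(data)),
        "registry": len(REGISTRY.findall(data)),
        "MZ": len(MZ_MAGIC.findall(data)),
    }


def vectorize(data: bytes) -> list:
    """Fixed-width model vector: normalised byte histogram (256), normalised
    byte-entropy histogram (256) and the six string statistics."""
    bh = byte_histogram(data)
    beh = byte_entropy_histogram(data)
    n = max(len(data), 1)
    m = max(sum(beh), 1)
    s = string_features(data)
    return ([c / n for c in bh] + [c / m for c in beh] +
            [s["numstrings"], s["avlength"], s["paths"],
             s["urls"], s["registry"], s["MZ"]])


def demo_sample() -> bytes:
    """Constructed stand-in for a PE image, not a real file: a DOS header
    stub with a few strings, 4 KiB of zero padding, then 4 KiB of a byte
    permutation cycle that gives every window maximal entropy, as a packed
    section would."""
    header = (b"MZ" + b"\x00" * 62
              + b"This program cannot be run in DOS mode.\r\n"
              + b"C:\\Windows\\System32\\kernel32.dll\x00"
              + b"http://example.invalid/update\x00"
              + b"HKEY_LOCAL_MACHINE\\Software\\Demo\x00")
    packed = bytes((i * 131 + 17) % 256 for i in range(4096))
    return header + b"\x00" * 4096 + packed
```

Running `vectorize(demo_sample())` yields a 518-wide vector; the zero padding shows up entirely in row 0 of the entropy histogram and the permutation block entirely in row 15, which is the kind of signal a packer leaves even when every parsed header field looks ordinary. Parsed features (headers, sections, imports, exports) would be appended to the same vector in a full pipeline.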

Paper Structure

This paper contains 20 sections, 6 figures.

Figures (6)

  • Figure 1: The 32-bit PE file structure. Creative commons image courtesy PEformat.
  • Figure 2: Raw features extracted from a single PE file.
  • Figure 3: Distribution of malicious, benign and unlabeled samples in the training and test sets
  • Figure 4: A temporal distribution of the dataset, derived from the chronology data in the metadata, with 2017-11 and 2017-12 corresponding to the test set
  • Figure 5: ROC curve with log scale for false positive rate (FPR). The threshold shown (red) corresponds to a 0.1% FPR and a detection rate about 93%. At 1% FPR the detection rate exceeds 98%.
  • ...and 1 more figure
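Figure 5 reports detection rate at fixed false-positive rates (about 93% at 0.1% FPR, above 98% at 1% FPR). The following added example (not the authors' evaluation code) shows how such an operating point is chosen from scores and labels, why tied scores must be released together, and why the threshold should be chosen on one split and reported on another. The score distributions are constructed and stand in for real classifier output.

```python
"""Picking a detection threshold at a target false-positive rate and then
measuring it on held-out data. Added example, not the authors' evaluation
code. Scores are model outputs where higher means more malicious; labels are
1 for malicious and 0 for benign. The synthetic score distributions below
are constructed and stand in for real classifier output."""
import random


def roc_points(scores, labels):
    """Sweep thresholds from the highest score downwards and return a list of
    (threshold, fpr, tpr), where threshold t means "flag if score >= t".
    Samples tied on the same score are released together, so every point is
    a threshold that can actually be deployed."""
    pos = sum(labels)
    neg = len(labels) - pos
    if pos == 0 or neg == 0:
        raise ValueError("need at least one sample of each class")
    order = sorted(range(len(scores)), key=lambda i: scores[i], reverse=True)
    points, tp, fp, i = [], 0, 0, 0
    while i < len(order):
        t = scores[order[i]]
        while i < len(order) and scores[order[i]] == t:
            if labels[order[i]] == 1:
                tp += 1
            else:
                fp += 1
            i += 1
        points.append((t, fp / neg, tp / pos))
    return points


def threshold_at_fpr(scores, labels, max_fpr):
    """Lowest threshold (hence highest detection rate) whose FPR on these
    samples does not exceed max_fpr. Returns (threshold, fpr, tpr). If even
    the strictest threshold blows the budget, returns a threshold above every
    score, i.e. flag nothing."""
    best = (float("inf"), 0.0, 0.0)
    for t, fpr, tpr in roc_points(scores, labels):
        if fpr > max_fpr:
            break  # FPR only grows as the threshold falls
        best = (t, fpr, tpr)
    return best


def rates_at(scores, labels, threshold):
    """FPR and TPR of a fixed threshold on an independent sample set."""
    pos = sum(labels)
    neg = len(labels) - pos
    fp = sum(1 for s, y in zip(scores, labels) if y == 0 and s >= threshold)
    tp = sum(1 for s, y in zip(scores, labels) if y == 1 and s >= threshold)
    return fp / neg, tp / pos


def synthetic_split(n_benign, n_malicious, seed):
    """Constructed scores: benign skewed low, malicious skewed high, with
    enough overlap that no threshold is perfect."""
    rng = random.Random(seed)
    scores = [rng.betavariate(2, 5) for _ in range(n_benign)]
    scores += [rng.betavariate(5, 2) for _ in range(n_malicious)]
    labels = [0] * n_benign + [1] * n_malicious
    return scores, labels


def fixed_fpr_evaluation(max_fpr=0.001):
    """Choose the threshold on a validation split, report it on a test split.
    Choosing and reporting on the same samples overstates the detection rate,
    and the FPR measured on new data will drift around the target."""
    val_scores, val_labels = synthetic_split(20000, 20000, seed=1)
    test_scores, test_labels = synthetic_split(20000, 20000, seed=2)
    t, val_fpr, val_tpr = threshold_at_fpr(val_scores, val_labels, max_fpr)
    test_fpr, test_tpr = rates_at(test_scores, test_labels, t)
    return {"threshold": t, "val_fpr": val_fpr, "val_tpr": val_tpr,
            "test_fpr": test_fpr, "test_tpr": test_tpr}
```

With n benign samples the finest achievable FPR step is 1/n, so a 0.1% operating point is only measurable with at least 1,000 benign samples; on EMBER's 100K benign test files it corresponds to roughly 100 false positives. The threshold picked on the validation split will not land exactly on the target when applied to the test split, and that measured number, not the one from the split the threshold was tuned on, is the one to report.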