An effectiveness analysis of transfer learning for the concept drift problem in malware detection

Malware classification is a task that has acquired importance due to the increase in malware distribution. In the literature, the application of machine learning techniques is proposed to tackle this task because machine learning models may be able to detect new malware variants more effectively than traditional signature-based solutions. Nonetheless, there are some difficulties in the application of machine learning in this field, particularly the presence of concept drift, that must be addressed by keeping models up to date in order to detect new threats. In this research, we carry out an evaluation of the performance of transfer learning techniques on the problem of malware detection over different time horizons and on several learning settings. We carry out experiments on unbalanced data with different file types to better reflect additional challenges in malware detection. Our goal is to determine whether transfer learning may be helpful to solve the concept drift problem, and construct models that can detect new malware by using the information obtained from past data.