Researchers at the Polytechnic of Porto publish a study on April 1, 2026 testing ML-based static Windows PE malware detectors across six public datasets and four external collections. They find models score high in-distribution (AUC/F1 in the high 90s) but generalize poorly to temporally diverse and obfuscated datasets like SOREL-20M and ERMDS. The results imply procurement and engineering teams must validate detectors on operational, diverse data at low false-positive rates.
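The gap between a headline AUC and the detection rate at a low false-positive budget can be checked directly, as in this added example (not code or data from the study). The score distributions are constructed, and the function names and the 0.1% FPR target are assumptions chosen for illustration.

```python
import random
from bisect import bisect_left, bisect_right

def auc(benign, malicious):
    """Rank-based AUC: chance a malicious score outranks a benign one."""
    s = sorted(benign)
    wins = sum((bisect_left(s, m) + bisect_right(s, m)) / 2 for m in malicious)
    return wins / (len(s) * len(malicious))

def threshold_at_fpr(benign, target_fpr):
    """Threshold that at most target_fpr of benign scores strictly exceed."""
    ranked = sorted(benign, reverse=True)
    return ranked[int(target_fpr * len(ranked))]

def rates(benign, malicious, thr):
    """(FPR, TPR) when alerting on scores strictly above thr."""
    return (sum(b > thr for b in benign) / len(benign),
            sum(m > thr for m in malicious) / len(malicious))

def sample(rng, mean, sd, n=5000):
    """Draw n constructed detector scores from a normal distribution."""
    return [rng.gauss(mean, sd) for _ in range(n)]

def evaluate(target_fpr=0.001, seed=7):
    rng = random.Random(seed)
    # Constructed scores, NOT the study's data: a held-out split from the
    # training distribution, and a shifted set where malware scores lower.
    in_ben, in_mal = sample(rng, 0.10, 0.10), sample(rng, 0.90, 0.10)
    sh_ben, sh_mal = sample(rng, 0.15, 0.12), sample(rng, 0.60, 0.20)
    thr = threshold_at_fpr(in_ben, target_fpr)     # calibrated in-distribution
    thr_sh = threshold_at_fpr(sh_ben, target_fpr)  # recalibrated on shifted benign
    return {
        "auc_in": auc(in_ben, in_mal),
        "auc_shift": auc(sh_ben, sh_mal),
        "in_dist": rates(in_ben, in_mal, thr),
        # Old threshold on shifted data: the FPR budget is no longer met.
        "shift_old_thr": rates(sh_ben, sh_mal, thr),
        # Budget restored on shifted data: detection rate drops instead.
        "shift_new_thr": rates(sh_ben, sh_mal, thr_sh),
    }

if __name__ == "__main__":
    for name, value in evaluate().items():
        print(name, value)
```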
