Machine learning for malware classification shows encouraging results, but real deployments suffer from performance degradation as malware authors adapt their techniques to evade detection. This phenomenon, known as concept drift, occurs as new malware examples evolve and become less and less like the original training examples. One promising method to cope with concept drift is classification with rejection in which examples that are likely to be misclassified are instead quarantined until they can be expertly analyzed. We propose TRANSCENDENT, a rejection framework built on Transcend, a recently proposed strategy based on conformal prediction theory. In particular, we provide a formal treatment of Transcend, enabling us to refine conformal evaluation theory -- its underlying statistical engine -- and gain a better understanding of the theoretical reasons for its effectiveness. In the process, we develop two additional conformal evaluators that match or surpass the performance of the original while significantly decreasing the computational overhead. We evaluate TRANSCENDENT on a malware dataset spanning 5 years that removes sources of experimental bias present in the original evaluation. TRANSCENDENT outperforms state-of-the-art approaches while generalizing across different malware domains and classifiers. To further assist practitioners, we determine the optimal operational settings for a TRANSCENDENT deployment and show how it can be applied to many popular learning algorithms. These insights support both old and new empirical findings, making Transcend a sound and practical solution for the first time. To this end, we release TRANSCENDENT as open source, to aid the adoption of rejection strategies by the security community.

翻译：机器学习在恶意软件分类中展现了令人鼓舞的结果，但实际部署中，随着恶意软件作者不断调整其技术以规避检测，系统性能会逐渐下降。这一现象被称为概念漂移，即新出现的恶意软件样本逐渐演变，与原始训练样本的相似性越来越低。应对概念漂移的一种有效方法是采用带拒绝的分类策略，即对可能被误分类的样本进行隔离处理，直至专家分析完成。我们提出TRANSCENDENT框架——一种基于Transcend的拒绝机制，后者是近期基于共形预测理论提出的策略。具体而言，我们对Transcend进行了形式化处理，从而优化其底层统计引擎——共形评估理论，并深入理解其有效性背后的理论依据。在此过程中，我们开发了两种新的共形评估器，它们在匹配或超越原始性能的同时，显著降低了计算开销。我们在一个跨越5年、消除了原始评估中实验偏差来源的恶意软件数据集上评估了TRANSCENDENT。该框架不仅在不同恶意软件领域和分类器上表现出色，还超越了现有最先进方法。为便于实际应用，我们确定了TRANSCENDENT部署的最优操作参数，并展示了其如何适用于多种主流学习算法。这些发现既支持了已有和新近的实证结果，首次使Transcend成为可靠且实用的解决方案。为此，我们开源了TRANSCENDENT，以推动安全社区对拒绝策略的采用。