research · gate-2-classifier · 2026-06-16

XGBoost sets the bar at 97.78 — on validation

Three approaches are being compared for ARGUS’s Gate-2 classifier: symbolic rules against named features, XGBoost on the 2381 EMBER 2018 v2 features, and a 1D CNN reading raw file bytes.

First result: XGBoost, trained on 509,932 samples and evaluated on 89,988 samples it had never seen, scores 97.78% accuracy and 0.98 F1 — on the validation set. Both classes hit 0.98 precision and recall; no significant bias toward benign or malware.

These are validation numbers, not final results. The held-out test set was isolated before any model was trained and stays locked until all three approaches are complete — it gets touched once, at the end. Anything else would let the test set leak into model choices, and the final numbers would be quietly dishonest.
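One way to enforce that lock mechanically, as an added sketch and not ARGUS's own code. It assumes samples are identified by their SHA-256; `assign_split`, `SealedTestSet`, the 15% fraction and the salt are hypothetical names and values chosen for illustration.

```python
import hashlib

def assign_split(sample_sha256: str, test_pct: int = 15, salt: str = "split-v1") -> str:
    """Map a sample to 'test' or 'dev' from its own hash, so the assignment
    never changes between runs and never depends on model results."""
    h = hashlib.sha256(f"{salt}:{sample_sha256}".encode()).digest()
    return "test" if int.from_bytes(h[:8], "big") % 100 < test_pct else "dev"

class SealedTestSet:
    """Test-set IDs behind a one-shot gate, with a digest that pins membership."""

    def __init__(self, sample_ids):
        self._ids = sorted(set(sample_ids))
        # Record this digest before any training; a later mismatch means the set changed.
        self.digest = hashlib.sha256("\n".join(self._ids).encode()).hexdigest()
        self._opened = False

    def assert_disjoint(self, dev_ids):
        """Fail loudly if any test sample appears in train/validation data."""
        overlap = set(self._ids).intersection(dev_ids)
        if overlap:
            raise ValueError(f"{len(overlap)} test samples leaked into train/validation")

    def open_once(self, candidates_frozen: bool):
        """Release the test IDs a single time, and only after model choices are final."""
        if not candidates_frozen:
            raise PermissionError("model selection still in progress; use validation data")
        if self._opened:
            raise RuntimeError("test set already evaluated; results are final")
        self._opened = True
        return list(self._ids)

# Constructed sample IDs standing in for real file hashes.
SAMPLE_IDS = [hashlib.sha256(f"constructed-sample-{i}".encode()).hexdigest()
              for i in range(1000)]
DEV_IDS = [s for s in SAMPLE_IDS if assign_split(s) == "dev"]    # train + validation pool
TEST_IDS = [s for s in SAMPLE_IDS if assign_split(s) == "test"]  # locked
SEALED = SealedTestSet(TEST_IDS)
SEALED.assert_disjoint(DEV_IDS)  # run before every training job

if __name__ == "__main__":
    print(len(DEV_IDS), "dev /", len(TEST_IDS), "test, manifest", SEALED.digest[:12])
```
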

CNN and fusion are next.

6f240e0