Towards resilient malware detection: A hybrid framework leveraging static-dynamic features and ensemble models

Malware continues to evolve in complexity, often evading traditional detection methods through obfuscation, polymorphism, and zero-day exploits. To address these challenges, this study proposes a Hybrid Malware Detection Framework that integrates signature-based detection, static analysis, dynamic behavioural monitoring, and ensemble machine learning. The framework extracts both static features such as metadata and API imports, and dynamic behaviour patterns like file system activity, process creation, and network access, which are processed into a unified vector for classification. Ensemble models, specifically Random Forest and XGBoost, are employed for robust and adaptive threat identification. Evaluation on a balanced dataset of benign and malicious samples demonstrated a detection accuracy of up to 98.6%, significantly outperforming single-method approaches. The system also features a Decision Engine for result fusion and a Feedback Module to support model retraining and explainability. These results highlight the effectiveness of hybrid analysis in enhancing detection accuracy, reducing false positives, and improving resilience against modern malware threats.