Malheur is a tool for the Automatic Analysis of Malware Behavior
(program behavior recorded from malicious software in a sandbox
environment). It has been designed to support the regular analysis of
malicious software and the development of detection and defense measures.
Malheur allows for identifying novel classes of malware with similar
behavior and assigning unknown malware to discovered classes.
Analysis of malware behavior?
Malheur builds on the concept of dynamic analysis:
Malware binaries are collected in the wild and executed in a sandbox,
where their behavior is monitored during run-time. The execution of
each malware binary results in a report of recorded behavior. Malheur
analyzes these reports for discovery and discrimination of malware
classes using machine learning.
Malheur can be applied to recorded behavior of various format, as
long as monitored events are separated by delimiter symbols, for
example as in reports generated by the popular malware sandboxes
CWSandbox,
Anubis,
Norman Sandbox and
Joebox.
Tutorial :: http://www.mlsec.org/malheur/examples.html
Download Here :: Malhuer-0.5.3 (Linux)
Official Website :: http://www.mlsec.org/
0 comments :
Post a Comment