MALHEUR – Automatic Analysis of Malware Behavior



Malheur is a tool for the automatic analysis of malware behavior. It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Malheur allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.


Malheur allows for identifying novel classes of malware. It supports four basic actions for analysis:

  1. Extraction of prototypes: Malheur identifies a subset of prototypes representative of the full data set.
  2. Clustering of behavior: Malheur automatically identifies groups (clusters) of reports containing similar behavior.
  3. Classification of behavior: Malheur is able to assign unknown behavior to known groups of malware.
  4. Incremental analysis: Malheur can be applied incrementally for the analysis of large datasets. By processing reports in chunks, the run-time can be significantly reduced. This renders the application of Malheur feasible.


Analysis of malware behavior by Malheur:

Malware binaries are collected in the wild and executed in a sandbox, where their behavior is monitored during run-time. Malheur analyzes the resulting reports to discover and discriminate malware classes using machine learning. Malheur can be applied to recorded behavior in various formats, for example reports generated by CWSandbox, Anubis, Norman Sandbox and Joebox.


Actions & Options of Malheur

Malheur supports different actions for the analysis of a dataset. For all actions, the behavior reports are first mapped to a high-dimensional vector space.
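A simplified sketch of the vector-space mapping, prototype extraction and classification described above, added here as an illustration; it is not Malheur's own code. The bigram embedding, the farthest-first selection, the 0.8 distance threshold, the token names and the sample reports are all assumptions constructed for this example.

```python
import math
from collections import Counter

def embed(report, n=2):
    """Map a report (list of behavior tokens) to a unit-length n-gram vector."""
    grams = Counter(tuple(report[i:i + n]) for i in range(len(report) - n + 1))
    norm = math.sqrt(sum(c * c for c in grams.values())) or 1.0
    return {g: c / norm for g, c in grams.items()}

def distance(a, b):
    """Euclidean distance between two sparse vectors."""
    return math.sqrt(sum((a.get(k, 0.0) - b.get(k, 0.0)) ** 2
                         for k in a.keys() | b.keys()))

def extract_prototypes(vectors, max_dist):
    """Farthest-first selection: add prototypes until every report
    lies within max_dist of at least one prototype."""
    names = sorted(vectors)
    protos = [names[0]]
    nearest = {n: distance(vectors[n], vectors[protos[0]]) for n in names}
    while True:
        far = max(names, key=lambda n: nearest[n])
        if nearest[far] <= max_dist:
            return protos
        protos.append(far)
        for n in names:
            nearest[n] = min(nearest[n], distance(vectors[n], vectors[far]))

def classify(vector, vectors, protos, max_dist):
    """Return the nearest prototype, or None when the report is too far
    from every known prototype (a candidate for a novel class)."""
    best = min(protos, key=lambda p: distance(vector, vectors[p]))
    return best if distance(vector, vectors[best]) <= max_dist else None

# Constructed sandbox reports: two samples each of two behavior families.
REPORTS = {
    "a1": ["open_file", "write_file", "create_process", "connect", "send"],
    "a2": ["open_file", "write_file", "create_process", "connect", "send", "send"],
    "b1": ["set_registry", "set_registry", "open_file", "read_file", "delete_file"],
    "b2": ["set_registry", "open_file", "read_file", "delete_file"],
}
MAX_DIST = 0.8  # assumed threshold
VECTORS = {name: embed(tokens) for name, tokens in REPORTS.items()}
PROTOS = extract_prototypes(VECTORS, MAX_DIST)

if __name__ == "__main__":
    known = embed(["set_registry", "open_file", "read_file", "delete_file", "delete_file"])
    novel = embed(["query_dns", "connect", "recv", "exit"])
    print("prototypes:", PROTOS)
    print("known-like report ->", classify(known, VECTORS, PROTOS, MAX_DIST))
    print("novel report      ->", classify(novel, VECTORS, PROTOS, MAX_DIST))
```

Reports rejected by `classify` are the ones an incremental run would hold back and cluster in a later chunk.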

