Managed Projects

Malheur

  Analyzed 12 months ago

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It has been designed to support the regular analysis of malicious software and the development of detection and defense measures. Based on machine learning techniques, Malheur allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes.

5.61K lines of code

1 current contributors

over 5 years since last commit

1 users on Open Hub

Activity Not Available

Sally Tool

  Analyzed 12 months ago

Sally is a small tool for mapping a set of strings to a set of vectors. This mapping is referred to as embedding and allows for applying techniques of machine learning and data mining for analysis of string data. Sally implements a standard technique for mapping strings to a vector space that is often referred to as vector space model or bag-of-words model. The strings are characterized by a set of features, where each feature is associated with one dimension of the vector space. Sally proceeds by counting the occurrences of the specified features in each string and generating a sparse vector of count values. The tool then normalizes the vectors and outputs them in a given format.

5.62K lines of code

1 current contributors

over 5 years since last commit

1 users on Open Hub

Activity Not Available

Harry Tool

  Analyzed 12 months ago

Harry is a small tool for comparing strings. The tool supports several common distance and kernel functions for strings as well as some exotic similarity measures. The focus of Harry lies on implicit similarity measures, that is, comparison functions that do not give rise to an explicit vector space. Examples of such similarity measures are the Levenshtein distance, the Jaro-Winkler distance or the spectrum kernel. Harry is implemented using OpenMP, such that the computation time for a set of strings scales linearly with the number of available CPU cores. Moreover, efficient implementations of several similarity measures, effective caching of similarity values and low-overhead locking further speed up the computation.

8.05K lines of code

1 current contributors

over 5 years since last commit

1 users on Open Hub

Activity Not Available
Licenses: No declared licenses

Derrick

  Analyzed 12 months ago

Derrick is a simple tool for recording data streams of TCP and UDP traffic. It shares similarities with other network recorders, such as tcpflow and wireshark, where it is more advanced than the first and clearly inferior to the latter. Derrick has been specifically designed to monitor application-layer communication. In contrast to other tools, the application data is logged in a line-based ASCII format. Common UNIX tools, such as grep, sed & awk, can be directly applied. Even replay of recorded communication is straightforward using netcat. Derrick supports on-the-fly compression and rotation of log files. The payloads of TCP sessions are re-assembled using Libnids and can be merged or truncated. UDP payloads are logged as-is. Details of lower network layers are omitted.

701 lines of code

1 current contributors

almost 6 years since last commit

1 users on Open Hub

Activity Not Available
Licenses: No declared licenses