Cybersecurity. The official launch of the Gorille software created by the Cyber-Detect start-up company

21 September 2018

The CYBER-DETECT start-up company which derived from research carried out at the Loria has announced the official release of its software suite Gorille. This software is intended for people working in cybersecurity and determines whether a file is malicious or not through a morphological analysis of the virus. This is a first in computer security.

Recent computing attacks like the ransomware WannaCry, Adylkuzz or the mass hacking of the CCleaner software have shown that our systems remain vulnerable and that more solutions are still required to complete the protection offered by anti-virus software. CYBER-DETECT has provided a new solution based on morphological analysis, an innovative technology which gave rise to the Gorille software. It is the result of ten years of research at the Lorraine Research Laboratory in Computer Science and its Applications (Loria – a joint CNRS, Inria and Université de Lorraine research unit).

Morphological analysis of a virus enables the identification of the functionalities embedded in programmes or in other words in applications and updates which may not clearly display intrusions. The major innovation of this technology is that it deals with the structure of a programme as a whole and extracts a set of signatures from it in the form of graphs which characterize the programme’s functionalities. The partial recombination of these signatures enables similarities to be found between the code analyzed and a given malware and to identify any undesirable functionalities in a programme even getting through protective systems whose aim is to trick defence systems. It thus enables cybersecurity experts to understand virus behaviour better to optimize defence.

Currently this software suite is intended for use by cybersecurity experts but CYBER-DETECT is already working on the automation of the software to make it accessible for a greater number of users. The development teams are also working on a version adapted for mobile phones and for the Internet of Things including equipment like surveillance cameras. Work is also being done on adapting the software for industrial networks to ensure mobile phones, cameras or factory automatons can no longer be controlled by spyware.


The start-up company CYBER-DETECT was created in 2017 at the Loria (CNRS, Inria, Université de Lorraine) and develops, industrializes and sells cybersecurity solutions based on “morphological analysis©” used for the detection and analysis of malicious codes and more specifically of targeted attacks. CYBER-DETECT’s work is based on 10 years of research at the Loria into a unique morphological analysis technology which is a complete departure from common techniques used to detect malicious codes. The company has benefited from a maturation phase and the support of the SATT Grand Est. Since it was set up CYBER-DETECT has worked with the French General Directorate for Armamen DGA and also takes part in the operational cyber-reserve project at the Defence Base (BDD) at the Blandan Army Barracks in Nancy. Finally, the THALESgrouphas just recognized the potential of morphological analysis by inviting CYBER-DETECT to work on the 2ndseason of its acceleration programme specializing in cybersecurity at the STATION Fas of September 5th2018.