发明名称 |
ELECTRONIC SYSTEM AND METHOD FOR DETECTING MALICIOUS CODE |
摘要 |
According to the present invention, provided is an electronic system for detecting malicious code, the system comprising: categorization information storage which stores categorization information about a category for each system call generated on a user device; model information storage which stores information about one or more normal call models generated based on respective system calls generated when normal code is executed, and one or more malicious call models generated based on respective system calls generated when malicious code is executed; a data receiver which receives data of a detection target call pattern including system calls generated by an application executed on the user device; an application characteristic extractor which extracts characteristics of the system calls included in the detection target call pattern by referring to the categorization information; and a code detector which detects whether execution code of the application is malicious by comparing the extracted characteristics with at least one of the normal call models and the malicious call models. According to the present invention, not only already known malicious code but also variant malicious code or unknown malicious code can be detected. |
申请公布号 |
KR20160099159(A) |
申请公布日期 |
2016.08.22 |
申请号 |
KR20150020976 |
申请日期 |
2015.02.11 |
申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
KIM, HYUN JOO;KIM, IK KYUN;KIM, JONG HYUN |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|