发明名称 |
SYSTEM AND METHOD FOR ANALYZING PATCH FILE |
摘要 |
A system and method for analyzing a patch file determine the similarity between a patch file of an application program and an existing file in terms of an operation pattern and a file type and also determine whether risky behavior is performed by the patch file, thereby detecting a file disguised as a patch file. The system for analyzing a patch file includes: a program analysis module configured to collect setup information configured in an application program and generate the collected information as reference information; a reference information database (DB) configured to store the reference information; a patch file analysis module configured to generate setup information configured in a patch file of the application program as patch information by analyzing the patch file; and a comparison module configured to search for reference information and compare the patch information with the reference information. |
申请公布号 |
US2017076094(A1) |
申请公布日期 |
2017.03.16 |
申请号 |
US201515312028 |
申请日期 |
2015.03.23 |
申请人 |
SOFTCAMP CO., LTD. |
发明人 |
BAE Steve |
分类号 |
G06F21/56 |
主分类号 |
G06F21/56 |
代理机构 |
|
代理人 |
|
主权项 |
1. A system for analyzing a patch file, the system comprising:
a program analysis module configured to collect setup information configured in an application program and generate the collected information as reference information; a reference information database (DB) configured to store the reference information; a patch file analysis module configured to generate setup information configured in a patch file of the application program as patch information by analyzing the patch file of the application program; and a comparison module configured to search for reference information, corresponding to the patch information, in the reference information DB and compare the patch information with the reference information. |
地址 |
Seoul KR |