SYSTEM AND METHOD FOR DETECTING AND INQUIRING METAMORPHIC MALIGNANT CODE BASED ON ACTION
摘要
Disclosed are a system and a method for detecting and inquiring a metamorphic malignant code based on PI. According to the present invention, the system includes a malignant code analysis system which extracts application program interface (API) call information which a malignant code calls by performing a malignant doubt execution file, and detects the malignant action of the malignant code by using the extracted API call information; and a similarity analysis system which calculates API call similarity between at least two malignant codes by using a malignant code list where the malignant codes are collected. The API call similarity is obtained by using the API call information and/or the malignant code list. Thereby, a metamorphic malignant code of which a part is mutated is effectively detected.
申请公布号
KR101589656(B1)
申请公布日期
2016.01.28
申请号
KR20150008756
申请日期
2015.01.19
申请人
KOREA INTERNET & SECURITY AGENCY
发明人
CHOI, BO MIN;KANG, HONG KOO;HWANG, TONG WOOK;LEE, TAI JIN;SHIN, YOUNG SANG;KIM, BYUNG IK