SYSTEM AND METHOD FOR DETECTING AND INQUIRING METAMORPHIC MALIGNANT CODE BASED ON ACTION

摘要

Disclosed are a system and a method for detecting and inquiring a metamorphic malignant code based on PI. According to the present invention, the system includes a malignant code analysis system which extracts application program interface (API) call information which a malignant code calls by performing a malignant doubt execution file, and detects the malignant action of the malignant code by using the extracted API call information; and a similarity analysis system which calculates API call similarity between at least two malignant codes by using a malignant code list where the malignant codes are collected. The API call similarity is obtained by using the API call information and/or the malignant code list. Thereby, a metamorphic malignant code of which a part is mutated is effectively detected.