| 发明名称 |
APPARATUS AND METHOD FOR DETECTING MALICIOUS FILE |
| 摘要 |
PURPOSE: A malignant file diagnosis device and a method thereof are provided to improve diagnosis speed by diagnosing a malignant file without analyzing an application execution file in real time and by constructing a file information database. CONSTITUTION: A file information extracting unit(110) extracts file characteristic information from an application execution file generating a new installation event and a conversion event for an application execution file. A file information storage unit(120) stores a file information database storing the file characteristic information. A malignity diagnosis unit(130) determines the application execution file by comparing the file characteristic information of the file information data base with reference diagnosis information stored in the diagnosis information database. A processing unit(150) determines the classification of malignant files for the application execution file according to a determination result. [Reference numerals] (110) File information extracting unit; (120) File information storage unit; (130) Malignity diagnosis unit; (140) Diagnosis information storage unit; (150) Processing unit; |
| 申请公布号 |
KR101256468(B1) |
申请公布日期 |
2013.04.19 |
| 申请号 |
KR20120100526 |
申请日期 |
2012.09.11 |
| 申请人 |
AHNLAB, INC. |
发明人 |
KANG, DONG HYUN;KIM, YONG GOO |
| 分类号 |
G06F21/00;G06F11/30;G06F17/40 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
