摘要 |
<p>The present invention relates to a method and system for detecting a suspicious malicious website by using information entropy. More specifically, the method comprises the steps of: receiving, by a file input unit, an html file of a website desired to confirm whether the website has a malicious code or not; counting, by a counting unit, an occurrence frequency of an alphabet included in the html file; generating, by an entropy generation unit, an information entropy value of the alphabet; and comparing, by a control unit, the information entropy value with a predetermined threshold value, and checking whether the malicious code is included in the html file so as to determine whether the website is a suspicious malicious website or not. Accordingly, the method and system for detecting suspicious malicious website by using information entropy enable to easily determine whether a malicious code is inserted into a website to be accessed, thereby preventing terminals such as a PC accessing the website via a malicious code, and the like from being attacked.</p> |