SYSTEM FOR DETECTING INFECTED TERMINAL BASED ON URL CONNECTION AND METHOD THEREOF
摘要
<p>Disclosed are a system and method for detecting a terminal infected with a malicious application based on a URL access detection technology. The system for detecting a terminal infected with a malicious application comprises: a traffic detection unit for monitoring, in a section within a mobile network through which a data packet is transmitted, a data packet being transmitted, to detect a malicious URL which a user terminal is accessing according to the monitoring results; and a terminal identification unit for searching for a user terminal accessing the URL from a predetermined session table based on a tunnel endpoint identifier (TEID) of GTP-U which is the data packet transmitted through the section, to identify whether the user terminal is infected by a malicious application based on the search result.</p>
申请公布号
KR101525547(B1)
申请公布日期
2015.06.03
申请号
KR20130160991
申请日期
2013.12.23
申请人
KOREA INTERNET & SECURITY AGENCY
发明人
IM, CHAE TAE;OH, JOO HYUNG;KIM, SE KWON;CHO, JUN HYUNG;JANG, WOUNG;KOO, BON MIN;PARK, SEONG MIN;WOO, SU JEONG