CULTURE-BASED MALICIOUS CODE ANALYSIS SYSTEM

摘要

The present invention relates to a time-division-type culture-based system for analyzing malicious codes which infects culture agents, cultures and analyzes the malicious codes. The system comprises: an analysis manage server which controls culture agents through a net and manages results of malicious code analysis of the culture agents; at least one culture agent which generates a pool of one or more malicious codes, divides time to allocate the divided time to each malicious code in the pool for culture analysis, analyzes each malicious code in the pool for each allocated time, transmits status and results of the analysis to the analysis managing server; and a router which limits a traffic bandwidth of a network to block malicious traffic, which can be released from the culture analysis agent to the outside. According to the present invention, a network and a host operation environment for safe culture and analysis of malicious codes are provided to construct the culture-based system for analyzing a malicious code which can cope with anti-virtual-machine malicious codes, inactive in a virtual-machine environment. In addition, a method for dividing and allocating time resource is applied to the system to enable the system to culture and analyze a plurality of malicious codes by using one culture agent. Therefore, the system can analyze massive malicious codes using the small number of the culture agents.