摘要 |
<p>PURPOSE: An information leakage blocking device and a method thereof are provided to effectively detect a back door process when a computer, which is infected by the back door process, reversely accesses an attacker, thereby blocking data transmission of the back door process. CONSTITUTION: An action analysis unit analyzes an action of an executed process. A control unit blocks data transmission of a process which is determined as a back door process. The control unit verifies a digital signature for the executed process and blocks data transmission generated by a process which the digital signature does not exist. [Reference numerals] (AA) File access process; (BB) Checking a file using type of a process; (CC) Checking the generation of information leakage illegal data; (DD) Transmission packet monitoring; (EE) Checking a process signature;</p> |