METHOD AND SYSTEM FOR TRACKING HOPPING SITES OF MALICIOUS CODE BY ANALYZING TRAFFIC BETWEEN INTERNAL NETWORK AND EXTERNAL NETWORK

摘要

The present invention relates to a method and a system for tracking a hopping site of a malicious code by analyzing traffic between an external network and an internal network. In the present invention, a harmful traffic collecting device collects traffic introduced from an external network to an internal network or traffic discharged from the internal network to the external network, the harmful traffic collecting device extracts harmful traffic by performing filtering on the collected traffic, and a detection device analyzes header information of harmful traffic transmitted from the harmful traffic collecting device to track a hopping side of a malicious code.