A SYSTEM AND A METHOD FOR QUICKLY DETECTING E-MAIL BASED MALICIOUS CODE-BEARING DOCUMENTS

摘要

The present invention relates to a system for rapidly detecting e-mail based document type malignant codes and a method thereof. The present invention downloads a document file included in an e-mail from a mail server. When the present invention confirms whether or not a previous detection record for the document file exists and the previous detection record for the document file does not exists, the present invention transmits the document file to a statistical analysis server, a dynamic analysis server, and a vaccine check server. The present invention receives a statistical analysis result, a behavior information monitoring result, and a vaccine check result for the document file from the statistical analysis server, the dynamic analysis server, and the vaccine check server. The present invention matches the behavior information monitoring result with a behavior detection rule and measures behavior risk. The present invention finally determines whether or not the document file is malicious based on the statistical analysis result, the vaccine check result, the behavior risk.