发明名称 |
A SYSTEM AND A METHOD FOR QUICKLY DETECTING E-MAIL BASED MALICIOUS CODE-BEARING DOCUMENTS |
摘要 |
The present invention relates to a system for rapidly detecting e-mail based document type malignant codes and a method thereof. The present invention downloads a document file included in an e-mail from a mail server. When the present invention confirms whether or not a previous detection record for the document file exists and the previous detection record for the document file does not exists, the present invention transmits the document file to a statistical analysis server, a dynamic analysis server, and a vaccine check server. The present invention receives a statistical analysis result, a behavior information monitoring result, and a vaccine check result for the document file from the statistical analysis server, the dynamic analysis server, and the vaccine check server. The present invention matches the behavior information monitoring result with a behavior detection rule and measures behavior risk. The present invention finally determines whether or not the document file is malicious based on the statistical analysis result, the vaccine check result, the behavior risk. |
申请公布号 |
KR20140060906(A) |
申请公布日期 |
2014.05.21 |
申请号 |
KR20120127841 |
申请日期 |
2012.11.13 |
申请人 |
KOREA INTERNET & SECURITY AGENCY |
发明人 |
LEE, CHANG YONG;KANG, HONG KOO;LEE, TAI JIN;KIM, JI SANG;KIM, BYUNG IK;JEONG, HYUN CHEOL |
分类号 |
G06F21/55 |
主分类号 |
G06F21/55 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|