摘要 |
PURPOSE: Automatic mobile malcode collecting and analyzing system collects suspicious mobile malcode through network traffic analysis, determines malcode from static or dynamic analysis result, collects and analyzes mobile malcode automatically. CONSTITUTION: Collecting module(110) collects suspicious mobile malcode through network traffic analysis. Analysis module(120) extracts code and action information from the suspicious mobile malcode. Detecting module(130) determines the suspicious mobile malcode based on the code and action information, and detects mobile malcode. Code information comprises hash information, code size information, file header information, and operation platform information. [Reference numerals] (100) Mobile malignant code auto-collecting and analyzing system; (110) Collecting module; (120) Analysis module; (130) Detecting module; (140) Data base |