发明名称 |
A SYSTEM FOR PREVENTING MBR(MASTER BOOT RECORD) ATTACK OF MALICIOUS CODES USING A CONTROL LIST AT THE KERNEL LEVEL AND THE COMPUTER-READABLE RECORDING MEDIUM HAVING RECORDING THE PROGRAM THEREOF |
摘要 |
PURPOSE: A system for preventing MOR(Master Boot Record) attack using a control list in a kernel level and a computer readable recording medium recording the same are provided to virtually record MBR change information even if a suspicious process does not change MBR, thereby accurately analyze whether all suspicious process including hidden process is malicious or not in advance. CONSTITUTION: A system call hooking controller(310) hooks a system call which requests the change of MBR(Master Boot Record) in a OS(Operating System). A control list manager(320) stores a control list including a allowance and denial list. A virtually changing unit(350) record a MBR modification information to a virtually changing storage according to MBR modification information of the system call. A malicious process determiner(340) determines a allowance and denial of the hooking system call based on the control list. |
申请公布号 |
KR100959277(B1) |
申请公布日期 |
2010.05.26 |
申请号 |
KR20090101845 |
申请日期 |
2009.10.26 |
申请人 |
SGA CO., LTD.;REDGATE CO., LTD. |
发明人 |
KIM, KI HYUN;KIM, SANG CHEOL;KWON, JIN HYUN |
分类号 |
G06F21/55;G06F21/56;G06F21/60 |
主分类号 |
G06F21/55 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|