摘要 |
PURPOSE: A malicious code diagnostic device using diagnosis data classified into each compiler and a method thereof are provided to efficiency reduce a malicious code diagnostic time by remarkably reducing a comparison frequency of the diagnostic data. CONSTITUTION: A PE(Portable Executable) file collector(300) collects a PE files, which are a target for checking a malicious code in a computer. A compiler classifier(302) classifies compilers by analyzing the compiler generating each collected PE file. A diagnostic unit(304) diagnoses the malicious code from the collected PE files by using diagnostic data set to each classified compiler.
|