发明名称 |
METHOD AND APPARATUS FOR DETECTING MALWARE BY CODE BLOCK CLASSIFICATION |
摘要 |
The present invention relates to a method and an apparatus for detecting a malware, and more specifically, to a method and an apparatus for detecting a malware by code block classification. The method for detecting a malware according to an embodiment of the present invention relates to a method wherein an information processing apparatus detects a malware by using the information about a basic malware stored in a database, and comprises the steps of: classifying an executable code into at least one code block; extracting a specific value from the code block; analyzing a similarity of the executable code for the basic malware based on the specific value; and classifying the executable code into a malware pertaining to the basic malware according to the similarity. The present invention is designed to provide a method and an apparatus for detecting malware capable of accurately detecting and classifying a mutated malware generated by reusing the conventional code. |
申请公布号 |
KR20160082644(A) |
申请公布日期 |
2016.07.08 |
申请号 |
KR20140192799 |
申请日期 |
2014.12.30 |
申请人 |
THE INDUSTRY & ACADEMIC COOPERATION IN CHUNGNAM NATIONAL UNIVERSITY (IAC) |
发明人 |
JO, JE GYEONG;KIM, HYONG SHIK;PARK, HAE RYONG;RYOU, JAE CHEOL |
分类号 |
G06F21/56 |
主分类号 |
G06F21/56 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|