APPARATUS AND METHOD FOR THE DETECTION OF DRIVE-BY DOWNLOAD USING UNUSUAL BEHAVIOR MONITORING

摘要

The present invention relates to a drive-by download detection apparatus using abnormal behavior monitoring and a method thereof, and a drive-by download detection apparatus using abnormal behavior monitoring according to an embodiment of the present invention is a drive-by download (hereinafter referred to as "DBD"). An analysis DB for storing a first analysis target URL for detection; An IE execution unit for executing the first version of Internet Explorer using the first analysis target URL; An abnormal behavior monitoring unit for monitoring whether an abnormal behavior occurs by executing the first version of Internet Explorer; An abnormal behavior analysis unit for determining a DBD detection by performing a correlation analysis on the monitored abnormal behavior monitoring results; And a DBD detection operation unit for determining and processing a DBD detection operation process according to the determined DBD detection determination result.