METHOD FOR COLLECTING BLACKMARKET CRAWLER FOR MOBILE MALWARE

摘要

A black-market site collecting system according to the present invention relates to a black-market collecting system for chasing a mobile malware application spreading site. The black-market site collecting system includes: a black-market collecting module configured to collect black-market doubtful websites or black-market application doubtful Android application package (APK) files by using a search word related to a black-market through a portal site, and generate a URL list of the collected black-market doubtful websites; an application static analysis module configured to decompile the collected APK files to get a source code and detect a URL of a website from which the corresponding application is spread; a website analysis module configured to analyze the detected URL of the application static analysis module or each URL pattern of the URL lists to collect APK files and generate an APK collecting pattern rule regarding an APK file collecting path; and a database configured to store the URL list of the collected black-market doubtful websites and the generated APK collecting pattern rule. The present invention provides a black-market site collecting system for analyzing the URL that is expected as a black-market site or the APK files that are expected as a black-market application on the basis of research results through portal sites such as Google, Naver, and Daum to determine whether they are black-market sites. The present invention suggests a method of collecting the black-market site based on a search word. Through the black-market site collecting method, the black-market site may be continuously collected to monitor whether the malware application is spread.