SYSTEM AND METHOD FOR DETECTING MALICIOUS CODE BASED ON WEB

摘要

A system and method for detecting malicious code based on the Web are disclosed herein. The system includes a Uniform Resource Locator (URL) collection unit, a data crawling unit, a malicious code candidate extraction unit, and a secure pattern filtering unit. The URL collection unit collects and stores the URL information of a web server. The data crawling unit crawls and stores the contents data of a website. The malicious code candidate extraction unit detects a pattern, matching previously stored malicious pattern information, in the stored data, and extracts an event including the detected pattern as a malicious code candidate. The secure pattern filtering unit detects a pattern, matching previously stored secure pattern information known as being secure, in the extracted malicious code candidate, filters out the event including the detected pattern from the extracted malicious code candidate, and outputs a remaining malicious code candidate as malicious code.