Malicious file detection system, malicious file detection device and method

摘要

PURPOSE: A malicious file detection system, a malicious file detection apparatus, and a method for the apparatus are provided to judge a malicious file without a signature by monitoring an operating state while executing an execution file through a virtualization program. CONSTITUTION: A network security device(100) selects and blocks according to a malicious file information and collect an execution file in a network. A malicious file detection device(200) allocates a virtualization window corresponding to the execution file and executes an execution file through a virtualization program. The malicious file detection device judges the existence of a malicious file in the execution file by analyzing the operating state result monitored while executing the execution file.