首页>
外国专利>
DEVICE AND METHOD OF DETECTING POLYMORPHIC MALICIOUS CODE
DEVICE AND METHOD OF DETECTING POLYMORPHIC MALICIOUS CODE
展开▼
机译:检测多态恶意代码的装置和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A malicious code detecting method and an apparatus thereof are provided to detect the malicious code through a new method, not the pattern matching by analyzing the operation branched from a starting section including an execution start point to determine whether an executable file is the malicious code. By classifying received data packets according to sessions between an external server and each user system, files corresponding to each session are restored(S410~S430). An executable file having the executable format is extracted from the files(S440). According to the operation branched from a starting section including an execution start point, it is determined whether the executable file is the malicious code(S450).
展开▼