
SYSTEM AND A METHOD FOR DETECTING UNKNOWN MALICIOUS CODES BY ANALYZING KERNEL BASED SYSTEM EVENTS, PARTICULARLY BY COMPARING BEHAVIOR DATA WITH DEFINED HARMFUL BEHAVIORS


Abstract

PURPOSE: A system and a method for detecting unknown malicious codes by analyzing kernel-based system events are provided, in order to detect the process or module that causes a harmful behavior by comparing observed behavior data with defined harmful behaviors.;CONSTITUTION: A monitoring driver (10) collects event data by monitoring, in real time, events that occur at the kernel or system level. A malicious code detecting and processing unit (20) builds behavior data from the event data and compares the behavior data with the defined harmful behaviors. When the behavior data correspond to a defined harmful behavior, the malicious code detecting and processing unit handles that harmful behavior (and the process or module responsible for it).;COPYRIGHT KIPO 2010
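The abstract describes a pipeline of three stages: a kernel-level monitoring driver emits events, a detection unit folds those events into per-process behavior data, and that behavior data is compared against a set of defined harmful behaviors. The following Python block is an added illustration of that pipeline, written for this page; it is not the patent's code, and the event types, the rule format (an ordered list of event-type/target-pattern steps) and the constructed event stream are all assumptions made here. It stands in for the driver with a hard-coded list of events and shows why correlating a sequence per process matters: a single write into a system directory is not flagged on its own, but a write followed by a Run-key persistence entry or by thread injection from the same process is.

```python
"""Toy behavior-based detector in the spirit of the abstract above.

Constructed illustration, not the patent's implementation: events that a
kernel monitoring driver might report are hard-coded below, grouped per
process into "behavior data", and matched against defined harmful behaviors.
"""
from collections import defaultdict
from dataclasses import dataclass
import re

# Constructed event stream (pid, event type, target) standing in for what a
# monitoring driver would deliver. Paths and pids are made up for the example.
SAMPLE_EVENTS = [
    (1001, "process_create", r"C:\Users\alice\Downloads\invoice.exe"),
    (1001, "file_write", r"C:\Windows\System32\svchst.exe"),
    (1001, "registry_set", r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svchst"),
    (1001, "thread_inject", "pid:512"),
    (2002, "process_create", r"C:\Windows\System32\notepad.exe"),
    (2002, "file_write", r"C:\Users\alice\Documents\notes.txt"),
    (3003, "process_create", r"C:\Program Files\Installer\setup.exe"),
    (3003, "file_write", r"C:\Windows\System32\driver.sys"),
]


@dataclass
class HarmfulBehavior:
    """One defined harmful behavior (assumed rule format for this example).

    steps: ordered (event_type, target_regex) pairs that must all appear, in
           that order, in a single process's event history.
    action: what the processing unit does on a match (assumed: "terminate").
    """
    name: str
    steps: list
    action: str


# Assumed rule set; the patent does not specify its rule language.
HARMFUL_BEHAVIORS = [
    HarmfulBehavior(
        "drop-and-persist",
        [("file_write", r"^C:\\Windows\\System32\\.*\.exe$"),
         ("registry_set", r"\\CurrentVersion\\Run\\")],
        "terminate",
    ),
    HarmfulBehavior(
        "system-drop-then-inject",
        [("file_write", r"^C:\\Windows\\System32\\"),
         ("thread_inject", r"^pid:\d+$")],
        "terminate",
    ),
]


def build_behavior_data(events):
    """Fold the raw event stream into behavior data: per-pid event history in arrival order."""
    per_pid = defaultdict(list)
    for pid, etype, target in events:
        per_pid[pid].append((etype, target))
    return per_pid


def matches(behavior, history):
    """True if the rule's steps occur as an ordered subsequence of the history."""
    i = 0
    for etype, target in history:
        etype_needed, pattern = behavior.steps[i]
        if etype == etype_needed and re.search(pattern, target):
            i += 1
            if i == len(behavior.steps):
                return True
    return False


def detect(events, behaviors=HARMFUL_BEHAVIORS):
    """Compare each process's behavior data with the defined harmful behaviors.

    Returns {pid: [(behavior_name, action), ...]} for processes that matched;
    the action is what the processing stage would apply to that process.
    """
    findings = defaultdict(list)
    for pid, history in build_behavior_data(events).items():
        for behavior in behaviors:
            if matches(behavior, history):
                findings[pid].append((behavior.name, behavior.action))
    return dict(findings)


if __name__ == "__main__":
    for pid, hits in detect(SAMPLE_EVENTS).items():
        for name, action in hits:
            print(f"pid {pid}: {name} -> {action}")
```

Only pid 1001 is reported (for both rules); pid 3003 writes a file into System32 but neither persists nor injects, so it is left alone, and the ordered-subsequence check means a Run-key write that precedes the drop does not count. A real detector of this kind has to decide how long per-process history is retained and how to handle events arriving out of order from the driver, which this toy omits.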
