SYSTEM FOR COLLECTING/ANALYSING BOT AND A METHOD THEREFOR, CAPABLE OF ANALYZING AND MANAGING WHETHER ANALYZED LOGS ARE BOTTED

摘要

PURPOSE: A system for collecting/analyzing bot and a method therefor are provided to collect added files and malicious codes included in a spam mail and a URL(Uniform Resource Locator) for accessing a website, thereby analyzing the added files and malicious codes under an operation system of a virtual environment.;CONSTITUTION: An operating system generates a log by accessing a botnet C&C(Command&Control) server according as a URL visiting log and an execution log are generated. A bot analysis/management module(300) derives that the URL visiting log and the execution log are botnet logs. The bot analysis/management module classifies pattern of the derived botnet logs. The bot analysis/management module stores and manages the classified botnet logs by each pattern.;COPYRIGHT KIPO 2010