MALICIOUS CODE DETECTION METHOD USING VIRTUAL ENVIRONMENT, CAPABLE OF REDUCING WRONG DETECTION RATE BY REGISTERING PROCESS, NETWORK, FILE GENERATION, AND REGISTRY AS EXCEPTIONAL MATTERS

Abstract

PURPOSE: A malicious code detection method using a virtual environment is provided to increase the efficiency of malicious code detection by comprehensively analyzing newly created processes, network connections, files, and registry information.

CONSTITUTION: An attached file is separated from a received mail and transmitted to a distributor (S1). The transmitted attached file is transmitted to an attached file analyzer (S2). The characteristics of the transmitted attached file are analyzed. The analyzed attached file is transmitted to a virtual environment analyzer (S3). The existence of malicious code is determined by executing the transmitted attached file in the virtual environment (S5). If malicious code is detected in the attached file, the e-mail recipient is notified with a separate document file (S6).

COPYRIGHT KIPO 2010

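Bibliographic details

  • Publication number: KR100927240B1
  • Patent type:
  • Publication date: 2009-11-16
  • Original format: PDF
  • Applicant/patentee: IGLOO SECURITY INC.
  • Application number: KR20090050662
  • Inventor: HAN EUN SEOB
  • Filing date: 2009-06-08
  • Classification: G06F21; G06F21/22; G06F15/167
  • Country: KR
  • Date added to database: 2022-08-21 18:33:47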
