THE IMPLEMENTATION METHOD OF TOTAL SYSTEM SECURITY MANAGEMENTS SOLUTION WHICH SUPPORTS ANTI-VIRUS FUNCTION AND PATCH MANAGEMENT FUNCTION AND EARLY WARNING OF THE EMERGENCE OF MALICIOUS CODES WHICH IS BASED ON INSERTION OF THE PARTICULAR DESIGNED DIGITAL MARK AND THE NEW DETECTION AND REMOVAL ALGORITHEM OF THE MALICIOUS FILES

摘要

A method for implementing a total system security solution providing a new malicious detecting/removing function, a patch management function, and an early warning function based on insertion of specially designed electronic mark into a file and basic property of the file is provided to promote a fast Internet environment by providing a function for remarkably reducing zero days when a new malicious code is appeared, and previously blocking Internet availability risk. A basic security setting module is performed for preventing re-infection of the malicious code. File alternation is managed by inserting an electronic mark into each file. The malicious code is detected and removed based on the electronic mark and malicious file installation attribute. An abnormal process is detected and removed based on a technology database and a statistics database. The new malicious file is searched, detected, and removed based on the electronic mark, the malicious file installation attribute, and a statistical determination rule database. A precise malicious code detecting/removing environment file customized to each customer is provided by discriminating a global policy database and a local policy database for supporting previously steps.