Invention Grant
- Patent Title: Apparatus, system and method for detecting malicious code
- Patent Title (中): 用于检测恶意代码的装置,系统和方法
-
Application No.: US12985252Application Date: 2011-01-05
-
Publication No.: US08955124B2Publication Date: 2015-02-10
- Inventor: Yo Sik Kim , Sang Kyun Noh , Yoon Jung Chung , Dong Soo Kim , Won Ho Kim , Yu Jung Han , Young Tae Yun , Ki Wook Sohn , Cheol Won Lee
- Applicant: Yo Sik Kim , Sang Kyun Noh , Yoon Jung Chung , Dong Soo Kim , Won Ho Kim , Yu Jung Han , Young Tae Yun , Ki Wook Sohn , Cheol Won Lee
- Applicant Address: KR Daejeon
- Assignee: Electronics and Telecommunications Research Institute
- Current Assignee: Electronics and Telecommunications Research Institute
- Current Assignee Address: KR Daejeon
- Agency: LRK Patent Law Firm
- Priority: KR10-2010-0039335 20100428
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/56
Abstract:
Provided are an apparatus, system and method for detecting malicious code inserted into a normal process in disguise. The apparatus includes a malicious code detection module for extracting information on a thread generated by a process running on a computer system to identify code related to the thread, preliminarily determining whether or not the identified code is malicious and extracting the code preliminarily determined to be malicious; and a forcible malicious code termination module for finally determining the code as malicious code based on an analysis result of behavior of the extracted code executed in a virtual environment and forcibly terminating execution of the code.
Public/Granted literature
- US20110271343A1 APPARATUS, SYSTEM AND METHOD FOR DETECTING MALICIOUS CODE Public/Granted day:2011-11-03
Information query
