公开(公告)号：KR1020030050085A

公开(公告)日：2003-06-25

申请号：KR1020010080475

申请日：2001-12-18

Applicant: 한국전자통신연구원

Inventor： 이승수 ,  오형근 ,  배병철 ,  고재영

IPC: G06F15/16

Abstract: PURPOSE: A method for detecting a pernicious java applet in a proxy server is provided to prevent a damage caused by a pernicious java applet and to monitor the pernicious java applet without increasing a load of a proxy server. CONSTITUTION: A signature verification is executed with respect to a class file entered in a proxy server(20). A hashing of the class file is executed(22). If a method to be substituted exists(24), the method is substituted(26). In the case that a code for a monitoring is inserted into the substituted method, a monitoring package is inserted in accordance with a set security policy(30). A monitoring code insertion unit discriminates a pernicious code by morning a code transfer or the amount of resources. A new code, which is inserted monitoring code, is signed again(28), and the new code is transmitted to a client(40).

Abstract translation: 目的：提供一种用于检测代理服务器中的恶意Java小应用程序的方法，以防止恶意Java小程序造成的损坏，并监视恶意Java小应用程序，而不增加代理服务器的负载。 构成：对代理服务器（20）中输入的类文件执行签名验证。 执行类文件的散列（22）。 如果存在替代方法（24），则替换方法（26）。 在将替代代码插入替代方法的情况下，根据设定的安全策略（30）插入监视包。 监控代码插入单元通过早上识别代码转移或资源量的恶意代码。 插入监控代码的新代码再次被签名（28），新的代码被传送给客户端（40）。