Abstract: The present invention relates to a system and method for analyzing a repackaged application through risk calculation, and more specifically, to a system and method for analyzing a repackaged application through risk calculation, which confirms existence of a malicious code by scoring whether or not an application installed in an Android smart phone is repackaged. According to the present invention, malicious applications classified as a repackaged mutant may be extensively detected.

Abstract: Disclosed is a malicious code blocking system including: a fake website detector that repeatedly accesses a website to be monitored to detect an attack, stores a detection log of the attacked site, and provides a URL address of the attacked site or server; a malicious URL storage that temporarily stores a URL address of the attacked site or server and stores a status flag indicating whether or not a malicious URL list containing information on malicious URLs changes; and a URL filter associated with a user terminal to monitor a network packet transmitted or received by the user terminal, check whether or not the status flag changes in a case where DNS query request for visiting a specific site is generated, and update a malicious URL list containing information on a malicious URL based on information stored in the malicious URL storage if the status flag changes.