Abstract: The present invention relates to a system and method for analyzing a repackaged application through risk calculation, and more specifically, to a system and method for analyzing a repackaged application through risk calculation, which confirms existence of a malicious code by scoring whether or not an application installed in an Android smart phone is repackaged. According to the present invention, malicious applications classified as a repackaged mutant may be extensively detected.
Type:
Application
Filed:
September 6, 2013
Publication date:
March 20, 2014
Applicant:
ESTsecurity Co., Ltd.
Inventors:
Ki Beom Shim, Myung Kuc Hwang, Jong Chul Kim, Jun Seob Kim
Abstract: Disclosed is a malicious code blocking system including: a fake website detector that repeatedly accesses a website to be monitored to detect an attack, stores a detection log of the attacked site, and provides a URL address of the attacked site or server; a malicious URL storage that temporarily stores a URL address of the attacked site or server and stores a status flag indicating whether or not a malicious URL list containing information on malicious URLs changes; and a URL filter associated with a user terminal to monitor a network packet transmitted or received by the user terminal, check whether or not the status flag changes in a case where DNS query request for visiting a specific site is generated, and update a malicious URL list containing information on a malicious URL based on information stored in the malicious URL storage if the status flag changes.
Type:
Application
Filed:
May 16, 2013
Publication date:
November 21, 2013
Applicants:
ESTSECURITY CO., LTD., ESTSOFT CORP.
Inventors:
Ki Beom SHIM, Myung Kuc HWANG, Jong Chul KIM, Jong Hwa PARK