Abstract: Provides an apparatus for detecting variants of malicious code based on neural network learning, a method therefor and a computer readable recording medium storing a program for performing the method. According to the present invention, one-dimensional binary data is converted into two-dimensional data without separate extraction of features, and deep learning is performed through a neural network having a nonlinear multilayered structure, such that the features of the malicious code and variants thereof may be extracted by performing the deep learning. Therefore, since no separate feature extraction or artificial effort by an expert is required, an analysis time is reduced, and variants of malicious code that cannot be captured by existing malicious code classification tools may be detected by performing the deep learning.

Abstract: An apparatus for LAN booting environment-based file security and centralization, a method therefor, and a computer-readable recording medium recorded with a program for performing the method are proposed. The apparatus can include a central server including a storage module for storing a plurality of operating system images; a communication module for communicating with a user device; and a LAN booting management module configured to, when receiving a LAN booting start request message from the user device through the communication module, select an operating system image that can be used in the user device among the plurality of operating systems according to user device information, and transmit the selected operating system image, a user apparatus corresponding to the same, a method for LAN booting environment-based file security and centralization of these devices, and a computer-readable recording medium recorded with a program for performing the method.

Abstract: An apparatus for selecting a representative token of the present invention includes a token graph generation unit configured to extract a plurality of tokens from a plurality of detection names for malicious files and generate a detection name token graph representing a relationship between the extracted plurality of tokens, and a representative token selection unit configured to select a representative detection name token for the input file based on the detection name token graph.