Abstract: A system and method for analyzing a patch file determine the similarity between a patch file of an application program and an existing file in terms of an operation pattern and a file type and also determine whether risky behavior is performed by the patch file, thereby detecting a file disguised as a patch file. The system for analyzing a patch file includes: a program analysis module configured to collect setup information configured in an application program and generate the collected information as reference information; a reference information database (DB) configured to store the reference information; a patch file analysis module configured to generate setup information configured in a patch file of the application program as patch information by analyzing the patch file; and a comparison module configured to search for reference information and compare the patch information with the reference information.

Abstract: Provided is a security device and method that protect a data processing system from various types of malicious code and prevent the divulgence of data and erroneous operation. The security device for a data processing system includes: an execution module configured to be called by a security loader when a stub file, including a security loader formed in a routine form and a stub composed of an original executable file, is executed, and to perform processing so that the original executable file restored from the stub by the security loader is executed; and a monitoring module configured to monitor the operation of the data processing system attributable to the execution of the restored original executable file.

Abstract: A file security management apparatus and method which protect various types of systems for executing files, entering from the outside, from malicious code, and which prevent data from being divulged from the systems and also prevent the systems from operating erroneously, thereby ultimately protecting the systems. The file security management apparatus includes a conversion module configured to convert an incoming file, received by a system, into a monitoring target file; a search module configured to identify a selection for the execution of the monitoring target file, and to output incoming files, configured in the monitoring target file, into a search window; and a security module configured to decrypt the monitoring target file to the incoming file, and to perform processing so that the incoming file is executed via a corresponding application program in an isolated drive set as an isolated environment.

Abstract: A system and method for analyzing a patch file determine the similarity between a patch file of an application program and an existing file in terms of an operation pattern and a file type and also determine whether risky behavior is performed by the patch file, thereby detecting a file disguised as a patch file. The system for analyzing a patch file includes: a program analysis module configured to collect setup information configured in an application program and generate the collected information as reference information; a reference information database (DB) configured to store the reference information; a patch file analysis module configured to generate setup information configured in a patch file of the application program as patch information by analyzing the patch file; and a comparison module configured to search for reference information and compare the patch information with the reference information.

Abstract: A local environment protection method and system for a terminal against malicious code in link information, which are capable of preventing malicious code from being installed on a terminal without permission by selecting a text, an image, or the like included in the posted content of the body of an email, one of various webpages, or the like. The method includes a link information checking step of checking the presence of link information of content that is to be received by a general communication module and then changing a communication protocol set in the connection path information of the link information; a virtual communication module execution step of checking the content selection of a user, and executing a communication connection via the connection path of the changed communication protocol; and a content execution step of storing external data in a virtual area.

Abstract: A system and method for inspecting data through file format conversion, which filter out various types of malicious code attached to data, entering into a terminal from the outside and stored in the terminal, by inspecting the data, thereby enabling the stable execution of the data. The method includes a stored file inspection step of converting the file format of a stored file inside the terminal and then restoring the converted file format to an original file format.

Abstract: A file security management apparatus and method which protect various types of systems for executing files, entering from the outside, from malicious code, and which prevent data from being divulged from the systems and also prevent the systems from operating erroneously, thereby ultimately protecting the systems. The file security management apparatus includes a conversion module configured to convert an incoming file, received by a system, into a monitoring target file; a search module configured to identify a selection for the execution of the monitoring target file, and to output incoming files, configured in the monitoring target file, into a search window; and a security module configured to decrypt the monitoring target file to the incoming file, and to perform processing so that the incoming file is executed via a corresponding application program in an isolated drive set as an isolated environment.

Abstract: Provided is a security device and method that protect a data processing system from various types of malicious code and prevent the divulgence of data and erroneous operation. The security device for a data processing system includes: an execution module configured to be called by a security loader when a stub file, including a security loader formed in a routine form and a stub composed of an original executable file, is executed, and to perform processing so that the original executable file restored from the stub by the security loader is executed; and a monitoring module configured to monitor the operation of the data processing system attributable to the execution of the restored original executable file.

Abstract: A system for controlling exit of saved data from a security zone, comprising an access control device, the access control device comprising an access detection module for detecting access of an application to a security zone and access of an application to a general zone, a target checking module for comparing the application, detected by the access detection module, with a list and then controlling access of the application to the security zone and access of the application to the general zone, and a processing control module for controlling writing of data of the application to the general zone.

Abstract: A system for controlling exit of saved data from a security zone, comprising an access control device, the access control device comprising an access detection module for detecting access of an application to a security zone and access of an application to a general zone, a target checking module for comparing the application, detected by the access detection module, with a list and then controlling access of the application to the security zone and access of the application to the general zone, and a processing control module for controlling writing of data of the application to the general zone.

Abstract: An application-based access control system is disclosed. The access control system includes a Virtual space of a hard disk in a file form; a VSD drive for processing security-sensitive access control module 50 files within the VSD image file module; an encryption and decryption module for encrypting and decrypting data input/output between the VSD image file module and the VSD drive; a VSD file system module for allowing an operating system to recognize a separate disk volume at a time of access to the security-sensitive files within the VSD image file module; and an access control module for determining access by determining whether an access location is a disk drive or the VSD drive and the application module has been authorized to access a certain file at a time of access to the file, which is stored on the hard disk, to perform tasks in the application module.

Abstract: This invention relates to an Internet searching method, and which is characterized to be proceeded by: a hyper link information searching process for visiting the linked web documents and storing by searching a keyword contained in the web document and contents related to the keyword; an index constructing process for constructing an index by making the keyword of searched hyper link and contents related to the keywords to be data base; and a keyword handling process which searches a keyword connected by hyper link to the inputted keyword when the keyword is inputted, and outputting to one portion of screen by constructing a predetermined conceptional drawing in accordance with connecting strength between each other of searched keywords, and outputting data picture screen indicating address and content for keyword in order to be able to see detailed content of the keywords consisting of conceptional drawing to remaining portion, and which provides an Internet searching method utilizing hyper link informati