Abstract: In an apparatus and method for protecting resources of a computing system from a malicious code by selective virtualization, at least a part of the resources is classified as compulsory resources for executing a program on the computing system. When a vulnerable program executed in a separate space attempts to access one of the compulsory resources, an operating system level virtualization is performed. Further, when the vulnerable program attempts to access one of the resources of the computing system which is other than the compulsory resources, the vulnerable program is permitted to access a modified resource which is generated by modifying content of the resource.

Abstract: Provided are a terminal and a file distributor determining method of the terminal. According to embodiments of the present invention, files pre-executed in the terminal and distributor information of the files are cached. When a new file is generated in the terminal, the new file and the cached files are compared, and distributor information of the new file is extracted so as to prevent the spread of a malicious code in advance.

Abstract: An apparatus for preemptively protecting against malicious code by selective virtualization comprises: a compulsory resource storage unit which selects and stores compulsory resources required for executing a vulnerable program having an interface with an external source in a separated space; a modified resource-generating unit which generates a new resource by modifying the content of a resource accessed by the vulnerable program in the event the vulnerable program accesses a resource other than said compulsory resources; and a resource control unit which performs an operating system-level virtualization when the vulnerable program accesses the compulsory resource, and permits the vulnerable program to access the modified resource when the vulnerable program accesses a resource other than the compulsory resource.