SEED INFORMATION COLLECTING DEVICE AND METHOD FOR DETECTING MALICIOUS CODE LANDING/HOPPING/DISTRIBUTION SITES
    1.
    Invention application
    Status: under examination (published)

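    Publication (announcement) number: US20120167220A1

    Publication (announcement) date: 2012-06-28

    Application number: US13304986

    Filing date: 2011-11-28

    IPC classification: G06F11/00

    CPC classification: G06F21/563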

    Abstract: Provided is a seed information collecting device for detecting malicious code landing/hopping/distribution sites. The device comprises: a seed information collecting module collecting social issue keywords from a seed information collecting channel and collecting address information of potential malicious code landing/hopping/distribution sites using the collected social issue keywords; a web source code collecting module collecting web source code of the potential malicious code landing/hopping/distribution sites using the address information of the potential malicious code landing/hopping/distribution sites collected by the seed information collecting module; and a policy management module managing collection policies of the seed information collecting module and the web source code collecting module.


    AUTOMATIC MANAGEMENT SYSTEM FOR GROUP AND MUTANT INFORMATION OF MALICIOUS CODES
    2.
    Invention application
    Status: under examination (published)

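    Publication (announcement) number: US20120311709A1

    Publication (announcement) date: 2012-12-06

    Application number: US13304981

    Filing date: 2011-11-28

    IPC classification: G06F21/00

    CPC classification: G06F21/56 G06F8/75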

    Abstract: An automatic management system includes a malicious code group-mutant storage module that receives a malicious code analysis result from a malicious code collection-analysis system and extracts group information and mutant information of the malicious codes based on the malicious code analysis result, a malicious code group-mutant DB that stores the extracted group information and mutant information, a malicious code group-mutant management module that provides an interface to allow a user to detect the group information and mutant information stored in the malicious code group-mutant DB, and a visualizing module that outputs the detection result to the user, wherein the malicious code group-mutant management module groups malicious codes having action associations using the group information and mutant information stored in the malicious code group-mutant DB, outputs the group information through the visualizing module, and outputs the mutant information based on CFG similarity and string similarity through the visualizing module.
