公开(公告)号：US11934495B2

公开(公告)日：2024-03-19

申请号：US17262745

申请日：2018-11-26

Applicant: FOUNDATION OF SOONGSIL UNIVERSITY-INDUSTRY COOPERATION

Inventor： Jeong Hyun Yi ,  Min Koo Kang

IPC: G06F21/14 ,  G06F8/41 ,  G06F8/75 ,  G06F16/903 ,  G06F21/64

CPC classification number: G06F21/14 ,  G06F8/427 ,  G06F8/75 ,  G06F16/90344 ,  G06F21/64

Abstract: A device for automatically identifying anti-analysis techniques by using the signature extraction, includes an extraction unit which extracts a DEX file and an ELF file from an application file after unpacking the application file, which is in an APK format and includes compressed execution code to be executed on Android, a detection unit which receives the acquired signature classified according to types of the signature, analytically compares the input signature with the signature stored in a database, and detects the signature used in anti-analysis techniques, and a determination unit which determines according to the detected signature what anti-analysis technique is applied to the application. According to the present invention, it is possible to enable an appropriate and quick response to damages due to malicious applications by shortening the time required for analysis and automatically recognizing the application to which the anti-analysis technique is applied.