Apparatus and method for diagnosing malicious applications

Assignee

• AHNLAB, INC. · KR

Inventors

• Seungwon Lee · Seoul, KR
• Donghyun Kang · Seoul, KR
• Seol Woo Joo · Seojong-myeon, KR
• Yonggoo Kim · Seoul, KR
• Changyeon HWANG · Seojong-myeon, KR

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/128
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An apparatus for diagnosing malicious applications includes: a signature storage unit which stores malicious application executable files, which can be run in a mobile operating system, and common feature information of variant files derived from said malicious application executable files as signature data for diagnosing maliciousness; an information collection unit which collects information corresponding to common feature information from executable files which are targeted for diagnosis and are diagnosed as malicious or not; a diagnosis determination unit which compares the corresponding information collected by the information collection unit with the common feature information stored in the signature storage unit in order to determine whether the application executable files are malicious; and a result provision unit which provides the results of the determination of whether the application executable files are malicious from the diagnosis determination unit.