Patent application number | Description | Published |
20090158434 | Method of detecting virus infection of file - Provided is a method of detecting virus infection of a file. The method includes the steps of a) copying an original file, and converting and simplifying data of the copied file; b) normalizing the simplified file data; c) acquiring distribution of similarity between data using the normalized file data; and d) analyzing the acquired distribution of similarity between data, and determining that the file is virus-infected when a preset dense distribution pattern exists. Thus, the method can effectively determine whether or not the file is infected with a virus without using a database (DB) of spam filtering or virus information. | 06-18-2009 |
20090165137 | Mobile device having self-defense function against virus and network-based attacks and self-defense method using the same - Provided are a mobile device having a self-defense function against virus and network-based attacks and a self-defense method using the same. The mobile device includes a virus checking module, which receives information on files required for virus checking on a basis of input/output (I/O) information created from a file system of an operating system, and determines whether or not the files are infected with a virus using distribution of similarity between data; a malicious packet determination module, which examines information on an Internet protocol (IP) packet created from a network to interrupt a denial-of-service attack (DoS attack); and a control module, which receives the I/O information created from the file system of the operating system, selects the files required for the virus checking, and transmits the selected files to the virus checking module, or receives information on the IP packet created from the network to transmit the received information to the malicious packet determination module, thereby preventing damage caused by the virus in advance, and effectively preventing a denial-of-service attack (DoS attack) caused by wireless network resource depletion and battery consumption that may occur in a wireless environment. | 06-25-2009 |
Patent application number | Description | Published |
20120036572 | SYSTEM-ON-A-CHIP MALICIOUS CODE DETECTION APPARATUS FOR A MOBILE DEVICE - System-on-chip (SoC)-based apparatus for detecting malicious code in portable terminal is provided. SoC-based apparatus includes SoC including central processing unit (CPU) configured to generally control respective units of SoC for SoC-based malicious code detection, SoC memory-based firewall configured to classify packets input from outside through network interface unit, perform filtering operation, such as allowing operation and dropping operation, on the classified packets according to a predetermined setting, and output the result of the filtering operation to an application memory or an anti-malware engine, the SoC memory-based anti-malware engine configured to detect malicious code by performing a pattern-matching operation between a code pattern in a file input from the firewall and a pattern of malicious code registered in a malware signature database (DB) of a mobile device application unit, and an SoC memory-based control module configured to control operation of the firewall and the anti-malware engine in connection with the CPU. | 02-09-2012 |
20120042375 | SYSTEM-ON-CHIP MALICIOUS CODE DETECTION APPARATUS AND APPLICATION-SPECIFIC INTEGRATED CIRCUIT FOR A MOBILE DEVICE - System-on-chip (SoC) and application-specific integrated circuit (ASIC)-based apparatus for detecting malicious code in portable terminal is provided. Apparatus includes SoC including hardware-based firewall packet-filtering packet received from outside through media access control unit according to setting of firewall setting unit in SoC memory and storing filtered packet in application memory or transferring filtered packet to anti-malware engine, hardware-based anti-malware engine detecting malicious code by performing pattern-matching operation between code pattern in file transferred from firewall or file received through input/output (I/O) interface unit and pattern of malicious code registered in malware signature database (DB) of mobile device application unit, SoC memory providing setting of firewall and support file decoding function for file format recognition of anti-malware engine, and hardware-based controller controlling switching operation to transfer file filtered by firewall directly to application memory or to anti-malware engine and control malicious code detection cycle of anti-malware engine. | 02-16-2012 |
20140196149 | ANTI-MALWARE SYSTEM, METHOD OF PROCESSING DATA IN THE SAME, AND COMPUTING DEVICE - Provided are an anti-malware (AM) system, a method of processing data in the AM system, and a computing device including the AM system. The AM system includes a hardware-based AV engine configured to perform hash matching on data for AV scanning of the data, and an AV function module configured to determine whether or not the data includes a virus pattern on the basis of a result of the hash matching. | 07-10-2014 |
20140201828 | ANTI-MALWARE SYSTEM, METHOD OF PROCESSING PACKET IN THE SAME, AND COMPUTING DEVICE - An anti-malware (AM) apparatus includes: a hardware-based firewall (FW) engine, including a packet matching engine configured to perform matching of a packet with a plurality of FW rules, and to generate a matching results; and an FW function module configured to determine an action for filtering the packet on the basis of the matching result. | 07-17-2014 |