Search International and National Patent Collections

1. (WO2018016671) DANGEROUS CODE DETECTION SYSTEM FOR CHECKING SECURITY VULNERABILITY AND METHOD THEREOF

Pub. No.:    WO/2018/016671    International Application No.:    PCT/KR2016/008749
Publication Date: Fri Jan 26 00:59:59 CET 2018 International Filing Date: Wed Aug 10 01:59:59 CEST 2016
IPC: G06F 21/12
G06F 21/55
G06F 21/56
G06F 21/60
Applicants: EVENSTAR CO., LTD.
주식회사 이븐스타
Inventors: OH, Seung Hyun
오승현
KIM, Seung Joon
김승준
LEE, Sang Kwon
이상권
Title: DANGEROUS CODE DETECTION SYSTEM FOR CHECKING SECURITY VULNERABILITY AND METHOD THEREOF
Abstract:
The present invention relates to a dangerous code detection system for checking a security vulnerability and a method thereof and, specifically, to a dangerous code detection system and a method thereof, which can previously detect a source code vulnerable to security risks from a source file to be checked for a security vulnerability and provide information on the same, thereby minimizing the time and system load required to analyze the security vulnerability. Also, the present invention comprises: a compiling unit for compiling a source file to generate a class file from the same; an analysis unit for generating a hierarchical structure tree by analyzing the class file; a detection unit for detecting a method to be analyzed where a dangerous code is assumed to exist, on the basis of the hierarchical structure tree; and a configuration unit for classifying the methods to be analyzed according to predetermined types and generating a priority list for checking a security vulnerability, whereby it is possible to check only a highly dangerous method without a total inspection of the source file. Therefore, the time and system load required to analyze the security vulnerability can be minimized.