Advanced Unknown Malicious Code Detection Model

Hyoungjun Kim
Jaehee Lee
Hyunsik Yoon
Kyungho Lee

Keywords

Unknown Malicious Code Detection, Advanced Persistent Threat, Malicious Code Analysis

Abstract

As information technology has grown, it has become part of everyday life, and the number of files
and the amount of data in use have grown with it. Alongside ordinary data and files, malicious code
has also increased greatly in number, and it causes many problems in society. Recently, new malicious
code that has not yet been detected has been used in attacks such as APTs (Advanced Persistent
Threats), leading to great damage. The speed of finding unknown malicious code and developing
countermeasures has therefore become one of the key issues in security. However, finding new
malicious code that is currently active seems impossible. To find malicious code faster, researchers
have studied the distinctive properties of malicious files and of their behavior patterns.
Identifying these properties has made detection more effective, with satisfactory results. This
research examines the relationships among malicious code's file properties, behavior properties, and
the properties of each group and of the groups as a whole, in order to detect suspected malicious
code effectively and precisely. On that basis, this paper presents a way to apply priority when
detecting malicious code.