With development of the IT industry, computers and networks have become indispensable in daily life. For example, people have been accustomed to processing various data, searching different kinds of information, shopping and exchanging data via network by computers. Furthermore, network services such as setting an account with an E-credit card, ordering via the Internet and withdrawing money from a web ATM are also frequently used.
When using the aforesaid network services, the users usually have to transmit data having private information of the users to the network service providers via the network, wherein the private information may comprise account/password information, an ID card No., online transaction records or the like. Typically, the data having the private information of the users is transmitted through a browser interface. Hence, many hackers use existing bugs of the browser interface to steal the data transmitted to the network service providers, thereby causing breaching events of private information.
For example, after a user inputs an account/password in a webpage of a network service provider (e.g., Yahoo) and logs in a membership page, the data associated with the Yahoo account/password inputted by the user will be stored in the user's computer with a storage path and a data name. Later, when the user wants to log in the Yahoo webpage again, the computer can access the data associated with the Yahoo account/password via the storage path and the data name, so the user can log in the membership page directly. In this process, hackers may use browser bugs to execute a malware through an encoded scripting language and transmit the data having the Yahoo account/password via the browser to a network address assigned in advance by the hacker.
To solve this problem, prior art provides software for detecting the malware, wherein the software analyzes different malwares and establishes a database of different malwares signatures. Accordingly, the malwares can be detected according to the malware signatures, the software further avoids running the malwares and transmitting the data having private information of the user to the network address assigned in advance by the hacker.
However, because of properties of the scripting language, it is not only difficult for the conventional malware detecting software to detect malwares executed by scripting languages, but also impossible to establish a database having general signatures for all malwares. In other words, the conventional malware detecting software would fail to detect and analyze a malware if the scripting language of the malware is processed through other coding modes.
Accordingly, as the network services become sophisticated while the malwares are flooding, there remains a need for solutions to safeguard private information against threats such as improper transmission by the malwares.