According to developments in communication and interact, an electronic device can provide various functions such as a camera, messenger, voice and video communication, and social network service. The electronic device can download various applications or contents through an application market such as an appstore, A malicious code generating a harmful behavior can be included in the applications and contents, and information spill or illegal charging can be generated without consent of users, A trend in which applications include a malicious code is increasing, and thereby various methods for preventing damages due to the malicious code are required.
Generally, in order to detect a malicious code, a method for detecting a danger of an application is performed by comparing a pattern identified as a malicious code during installation of the application with a recorded database (DB); or a method for identifying whether a corresponding application is malicious is performed by monitoring a behavior of the installed application (for example, transmission and reception of a communication packet) and comparing the pattern of behavior with a DB that includes patterns of malicious behaviors.
However, such methods for detecting a malicious code do not account for a possibility that damages may have already occurred as a result being exposed to the malicious code before a user can identify a dangerous aspect of the corresponding application.