A malignant code refers to software which is intentionally produced to carry out malicious activities such as system destruction and information outflow against the intention and interest of a user.
A myriad of malignant codes are produced everyday and are predominantly disseminated through websites. Malignant codes come out into the world by detouring vaccines or passing through vaccine tests. Thus, difficulties are involved in detecting the installation and execution of malignant codes.
In particular, an exploit code, one of malignant codes having aggressive characteristics, is hidden in a website showing a vulnerable security level and is disseminated to users who gain access to the website. The exploit code is often written in JavaScript and is usually made hard to read by virtue of code obfuscation. In some cases, the exploit code has a property of being dynamically changed each time when a user pays a visit to the website. Such an exploit code makes it difficult to perform a patterning work for the detection thereof with a vaccine. In most cases, dynamically changing codes cannot be detected by a vaccine.
One of methods for coping with malignant codes is to rapidly collect information on the latest malignant codes. Failure to quickly collect samples of malignant codes makes it hard for a vaccine to detect the installation and execution of malignant codes in advance.
Nowadays, most of information security companies collect malignant code information in a passive manner by sharing information with relevant organizations or by relying on users' reports. It is therefore impossible to rapidly cope with the generation and dissemination of malignant codes.