| CPC G06F 21/556 (2013.01) [G06F 21/54 (2013.01); G06F 21/552 (2013.01); G06F 21/554 (2013.01)] | 11 Claims |
|
1. A backdoor inspection apparatus comprising:
at least one processor and at least one memory;
a static analysis unit implemented at least by the hardware and that:
executes static analysis processing for a backdoor on each of a plurality of code blocks included in target software to be inspected to specify a first code block that is potentially the backdoor and a condition under which the first code block is being executed; and
outputs the target software to which first information indicating the specified first code block is added and second information indicating the specified condition; and
a dynamic analysis unit implemented at least by the hardware and that controls dynamic analysis processing for the backdoor performed on the target software to which the first information is added based on the first information and the second information, by:
determining whether or not each of the plurality of code blocks corresponds to the backdoor based on a value of a security parameter used for determining the backdoor and a value of a determination threshold for determining the backdoor at a time of the dynamic analysis; and
adjusting the value of the determination threshold at a time of determining a code block to which the first information is not added and at a time of determining the first code block to which the first information is added.
|