Malware detection method and mobile terminal therefor

PURPOSE: A malicious program detecting method and a portable terminal implementing the same are provided to detect most of malicious programs based on action classification matched with features of a portable terminal. CONSTITUTION: An extracting unit extracts an API(Application Program Interfaces) which a platform provides to an application according to a call of the application(51,52). If the application does not exist in a malicious program list, a monitoring unit checks action of the application(54,58). If the action of the application is a pre-defined trigger action, the monitoring unit reads a white list(59,61). If the action corresponds to a malicious action pattern by comparing an object used for the action with the white list, the monitoring unit displays a warning message(64,65). [Reference numerals] (51) Application execution; (52) Platform API extraction and classification; (53) Malicious program list reading; (54) Malicious program?; (55) Displaying a deletion recommendation message; (56,66) Deletion command?; (57) Application deletion; (58) Action checking; (59) Trigger action?; (60) Application termination?; (61) White list reading; (62) Doubt action?; (63) Malicious action pattern file reading; (64) Malicious action?; (65) Generating a log file and displaying a warning message; (67) White list recording; (68) Application deletion and log file transmission; (AA) Start; (BB,DD,FF,HH,JJ,LL,NN) Yes; (CC,EE,GG,II,KK,MM,OO) No; (PP,QQ) Termination