首页>
外国专利>
Attack detection system, attack detection equipment, attack detection methods and attack detection program
Attack detection system, attack detection equipment, attack detection methods and attack detection program
展开▼
机译:攻击检测系统,攻击检测设备,攻击检测方法和攻击检测程序
展开▼
页面导航
摘要
著录项
相似文献
摘要
[Problems] The long-term log analysis as well as carried out in real time, it determines the continuity of attack for efficient security operations by preventing duplicate detection of events. A attack detection unit 10 uses the collected logs, every predetermined short time period, and counts the number of times the communication destination IP address of the user terminal matches the destination IP address of the blacklist. Also, the attack detection unit 10, using the number of times that is counted in a predetermined period among the counted number of times per a predetermined long time to detect the unauthorized communication conforming to the predetermined detection rule of the communication user terminal . Then, the attack detecting device 10, among the sensed unauthorized communications, it is determined whether the communication source IP address and destination IP address as the illegal communication is detected within a predetermined time period there is a bad communication are the same, is the same If there is bad communication, detects that said non positive communication is continuing state. .BACKGROUND 2
展开▼