首页>
外国专利>
LOG ANALYSIS DEVICE, ATTACK DETECTION DEVICE, ATTACK DETECTION METHOD AND PROGRAM
LOG ANALYSIS DEVICE, ATTACK DETECTION DEVICE, ATTACK DETECTION METHOD AND PROGRAM
展开▼
机译:日志分析设备,攻击检测设备,攻击检测方法和程序
展开▼
页面导航
摘要
著录项
相似文献
摘要
The log analysis device has: storage unit (12), and for storing a profile, which determines whether there is standard attack information processing unit; Parameter extraction unit (31), these parameters from extract access request; Character string class converting unit (32), for each parameter, more each parameter value and predefined character string class, instead of the component and the character string class to matching length maximum, therefore conversion parameter is class's pupil's handbook in replacement sequence; Profil storage unit (43), it, together just frequently as learning data, stores the frequency occurred in those list of categories in storage unit (12) and is greater than or equal to specified value as profile from one group of list of categories loop-around data access request; With abnormality detecting unit (53), determine whether request is the attack analyzed, according to the above-mentioned class's pupil's handbook of similarity and above-mentioned profile.
展开▼