The event collection means which collect the event information which from the polish

摘要

PROBLEM TO BE SOLVED: To provide a policy generation system generating policy information without depending on an operator's skill, and to provide a program and a recording medium.;SOLUTION: An event collecting unit 1 collects event information output from either an NIDS or both a VDS and an HIDS. An event processing unit 4 associates the event information with one another according to the time of detecting each event. Based on the event information associated with one another, the event processing unit 4 calculates statistical values for the appearance frequency of events due to attack. Based on the statistical values, a policy file generation unit 6 calculates index values for monitoring by the HIDS, and generates information for specifying a target to be monitored by the HIDS and policy information including the index values.;COPYRIGHT: (C)2009,JPO&INPIT