Attack vector detection method, attack vector detection system and non-temporary computer-readable recording medium

摘要

PROBLEM TO BE SOLVED: To provide a method for detecting an attack route. SOLUTION: A step of establishing a link relationship between a plurality of hosts based on a host log set to generate a host relationship diagram, and a step of marking at least one host in which an abnormal state has occurred in the host relationship diagram. And the process of calculating the corresponding risk value of each of the hosts, and determining whether the corresponding risk value is larger than the first threshold value in the host where the abnormal state has not occurred, and the risk value is the first threshold value. Based on the process of making a larger host a high-risk host and the link relationship between the hosts in the host relationship diagram, at least one host attack route from between the high-risk host and at least one host in which an abnormal state has occurred. A process of searching for, and a method of detecting an attack route. [Selection diagram] Fig. 1