首页>
外国专利>
Information processing device, information processing system, information processing method, and storage medium for intrusion detection by applying machine learning to dissimilarity calculations for intrusion alerts
Information processing device, information processing system, information processing method, and storage medium for intrusion detection by applying machine learning to dissimilarity calculations for intrusion alerts
An information processing device according to the present invention includes: a dissimilarity calculator that calculates dissimilarity that is a distance between already received first alert information, and newly received second alert information; a machine learning generator that generates a classifier by applying machine learning to the first alert information, and determines a classification result by applying the classifier to the second alert information; and a determiner that sets the determination result and information indicating that presentation is unnecessary for the second alert information, when the determination result is false detection and the dissimilarity is less than a threshold value, and sets information indicating that presentation is necessary for the second alert information, when the determination result is true detection, or when the determination result is false detection and the dissimilarity is equal to or more than a threshold value.
展开▼
