Title:
Attack detection system, attack detection method, and attack detection program
Document Type and Number:
Japanese Patent JP7028559
Kind Code:
B2
Abstract:
PROBLEM TO BE SOLVED: To quickly prevent damage such as secondary infection or information leakage, and thereby keep the damage from spreading. SOLUTION: An attack detector 10 obtains log information about each communication event from a security appliance 20 and a network apparatus 30. The attack detector 10 performs correlation analysis of the obtained log information and extracts, from the communication events recorded in that log information, those that may be illegal communication events. Subsequently, the attack detector 10 performs advanced analysis, more detailed than the correlation analysis, on the log information related to each extracted communication event, thereby calculating the degree of risk posed by the occurrence of that communication event. Thereafter, when the calculated degree of risk exceeds a prescribed threshold level, the attack detector 10 instructs a controller 50 to perform prescribed processing on the communication of a specific client terminal 40. SELECTED DRAWING: Figure 1
Inventors:
Yuichi Omizu
Keisuke Sakata
Kensuke Nakata
Suzuki Suzuki
Katsushi Kamata
Application Number:
JP2017011522A
Publication Date:
March 02, 2022
Filing Date:
January 25, 2017
Assignee:
NTT Communications Corporation
International Classes:
H04L43/00
Domestic Patent References:
JP2015179979A
JP2006319633A
JP2014236461A
JP2015198301A
Foreign References:
WO2014129587A1
Attorney, Agent or Firm:
Sakai International Patent Office