To detect a shared account out of accounts that are assumed as unauthorized accounts from an operation log, by a technology for detecting unauthorized access in a log-on controlled system opened on the Internet, for example, for allowing processing meeting unauthorized content.
A log-on failure log extractor 203 extracts a log-on failure log. A simultaneous log-on/log-out determiner 204 detects frequent occurrence of log-on/log-out by the same user account in the same period, while an identical ID access command comparator 205 detects different command access of a predetermined frequency or more by the same user account. Then, a shared account determiner 206 determines whether log-on failure logs are frequently recorded just after the change of a password about the same user account. A manager interface 208 reports unauthorized use by the shared account or unauthorized access by an unknown user according to the determination results.
COPYRIGHT: (C)2011,JPO&INPIT
Naoya Watanabe
Kurihiro Kurita
JP2002297543A | ||||
JP2006195634A | ||||
JP10340254A |
virtue Tamio Ei