Title:
COMMUNICATION MONITORING DEVICE, COMMUNICATION MONITORING METHOD, AND COMMUNICATION MONITORING PROGRAM
Document Type and Number:
Japanese Patent JP2018093384
Kind Code:
A
Abstract:
PROBLEM TO BE SOLVED: To provide a communication monitoring device, a communication monitoring method, and a communication monitoring program that can detect, with high accuracy, an attack with a high possibility of having an impact on network equipment.SOLUTION: A communication monitoring device 1 includes: a detection unit 11 for detecting a suffering host candidate due to tons of communication on the basis of traffic by the destination address measured on the basis of information on communication packets; a service host estimation unit 12 for performing port scan to an address group included in a monitoring object network and obtaining information on a provision service by the address; and an evaluation unit 14 for evaluating an impact level of a communication packet on the basis of a difference level of a result of comparing a destination port number and a communication pattern of the communication packet destined to the suffering host candidate with information on the provision service.SELECTED DRAWING: Figure 1
More Like This:
Inventors:
YAMADA AKIRA
URAKAWA JUMPEI
KUBOTA AYUMI
URAKAWA JUMPEI
KUBOTA AYUMI
Application Number:
JP2016235845A
Publication Date:
June 14, 2018
Filing Date:
December 05, 2016
Export Citation:
Assignee:
KDDI CORP
International Classes:
H04L12/70; H04L12/26
Domestic Patent References:
| JP2015142324A | 2015-08-03 | |||
| JP2010239392A | 2010-10-21 | |||
| JP2008278272A | 2008-11-13 |
Foreign References:
| WO2006046345A1 | 2006-05-04 |
Other References:
牧田 大佑 、ほか: "早期インシデント対応を目的としたDRDoS攻撃アラートシステム", 情報処理学会論文誌 VOL.57 NO.9, JPN6019044840, September 2016 (2016-09-01), pages 1974 - 1985, ISSN: 0004157570
Attorney, Agent or Firm:
Masayuki Masabayashi
Hayashi Ichiyoshi
Hayashi Ichiyoshi