| 摘要 |
A network analyzer (10) includes a sampler (12) and a network anomaly detector (14). The sampler (12) acquires communication data (26) flowing through nodes by a data collector (16), estimates a topology of the nodes based on the acquired communication data (28) by a topology estimator (18), stores the estimated topology (30) of the nodes in a storage (20), reads out the estimated result (32) from the storage (20) to generate a predetermined item for each read-out topology of the nodes as a sampling rule (34) by a rule generator (22), and samples the supplied communication data (28) based on the generated sampling rule (34) by a packet sampler (24). The topology of the network is thereby estimated in advance to narrow down objects to be sampled. The behavior of the communication data can thus be grasped in correlation between a target network and other networks. |
