LOG ANALYSIS DEVICE AND LOG ANALYSIS METHOD

摘要

The present invention relates to a log analysis device for detecting malware contamination and discovering frauds in an organization. This log analysis device is provided with: a log collection unit that collects physical system logs, which are logs relating to a physical facility management device, and information system logs, which are logs relating to an information device for processing information in response to user operation; and a log analysis unit that calculates the frequency distribution of the time intervals between physical system logs and information system logs, and detects an abnormality relating to the information device by comparing the calculated frequency distribution with a frequency distribution calculated when the information device is in a normal state.