Title of invention: Method for detecting unauthorized access and network monitoring apparatus
Abstract: A method for detecting unauthorized access is executed by a network monitoring apparatus connected to a network in which packets are transmitted between a plurality of information processing apparatuses. The method includes obtaining, by the network monitoring apparatus, packets regarding at least one access performed from a first information processing apparatus to a second information processing apparatus. The method includes selecting at least one condition from among predefined at least two conditions. The selection is performed according to a combination between the first information processing apparatus as an access source and the second information processing apparatus as an access destination. The method includes determining whether each of the obtained packets satisfies the selected at least one condition. The method includes determining a possibility that unauthorized access has been performed on the second information processing apparatus, based on a number of conditions determined to be satisfied.
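Publication number: US9203848(B2); Publication date: 2015.12.01
Application number: US201314015439; Filing date: 2013.08.30
Applicant: FUJITSU LIMITED; Inventors: Fujishima Yuki; Morinaga Masanobu
Classification: H04L29/06; Main classification: H04L29/06
Agency: Staas & Halsey LLP; Agent: Staas & Halsey LLP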
Main claim: 1. A method for detecting unauthorized access, the method being executed by a network monitoring apparatus connected to a network in which packets are transmitted between a plurality of information processing apparatuses, the method comprising: obtaining, by the network monitoring apparatus, packets regarding at least one access performed from a first information processing apparatus to a second information processing apparatus; selecting a first condition from among predefined at least two conditions, the selection being performed according to a combination between the first information processing apparatus as an access source and the second information processing apparatus as an access destination; determining whether each of the obtained packets satisfies the selected first condition; repeating the selecting and determining for each of the conditions from among predefined at least two conditions other than the first condition regardless of whether or not each of the obtained packets satisfies the selected first condition; determining a level of unauthorized access that has been performed on the second information processing apparatus by the first information processing apparatus, the level of unauthorized access being based on a number of conditions determined to be satisfied among the predefined at least two conditions.
Address: Kawasaki JP