摘要 |
PROBLEM TO BE SOLVED: To quickly and flexibly discriminate whether or not data included in a packet to be transferred on a communication network are belonging to a predetermined data group.SOLUTION: A hash value is generated with a predetermined entry pattern to be detected as a key, and the hash value is stored as collation data. Also, a mask for using data having desired inspection length included in traffic as an entry is generated and stored. Data from a desired position designated by an offset value are segmented from a traffic pattern, and the mask is applied to the segmented data such that a hash value is generated as an entry having the inspection length. Thus obtained hash value of each packet is compared with the stored collation data such that whether or not a suspicious pattern is included is determined. |