摘要 |
To determine, without performing an enormous number of verifications, whether or not an attack that cannot be detected using signature information exists. A signature detection excluded data pattern extraction unit (105) performs analysis on signature information (102), and extracts patterns of data not detected using the signature information (102). An attack data pattern extraction unit (107) performs analysis on a target program for which the signature information (102) is applied, and extracts patterns of attack data for attacking the target program. A pattern comparison unit (108) compares the signature detection excluded data patterns that have been extracted by the signature detection excluded data pattern extraction unit (105) with the attack data patterns that have been extracted by the attack data pattern extraction unit (107), and extracts attack data patterns corresponding to the signature detection excluded data patterns as attack data patterns that are not detected using the signature information (102). |