| 发明名称 |
SECURITY EVENT MONITORING DEVICE, METHOD, AND PROGRAM |
| 摘要 |
The security event monitoring device includes: a storage module which stores in advance a correlation rule; a log collection unit which receives each log from each monitoring target device; a correlation analysis unit which generates scenario candidates by associating each of the logs; a scenario candidate evaluation unit which calculates the importance degrees of each scenario candidate; and a result display unit which displays/outputs the scenario candidate of a high importance degree. The scenario candidate evaluation unit includes: a user association degree evaluation function which calculates user association degrees; an operation association degree evaluation function which calculates the operation association degrees; and a scenario candidate importance reevaluation function which recalculates the importance degrees of each of the scenario candidates by each user according to the user association degrees and the operation association degrees.
|
| 申请公布号 |
US2013067572(A1) |
申请公布日期 |
2013.03.14 |
| 申请号 |
US201213608741 |
申请日期 |
2012.09.10 |
| 申请人 |
MURAMOTO EIJI;NEC CORPORATION |
发明人 |
MURAMOTO EIJI |
| 分类号 |
G06F21/00 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
