摘要 |
<P>PROBLEM TO BE SOLVED: To avoid an adverse effect on packets which do not constitute an aggression flow and deterioration in accuracy to identify the flow when applying a multi-core processor for a network security platform. <P>SOLUTION: A security device includes multiple core processors and identifies an aggression flow by distributing multiple packets transmitted to a server to any of the multiple core processors so as to perform prescribed analysis processing. Each one of the multiple core processors determines whether or not the rate of the packets to perform the prescribed analysis processing is to be limited in accordance with a load on the core processor. When the rate is limited, the aggression flow is identified by estimation based on the rate of the packets on which the prescribed analysis processing is not performed. Besides, a flow which is not identified as the aggression flow is identified based on the performance result of the prescribed analysis processing with respect to the packets including response messages to the packets transmitted from the server. <P>COPYRIGHT: (C)2012,JPO&INPIT |