| 摘要 |
<p><P>PROBLEM TO BE SOLVED: To provide detailed information in order to allow a monitoring person to take measures against failure, in an abnormal traffic analysis technique. <P>SOLUTION: A flow information receiving function 201 receives flow information from a network device. An abnormal traffic detection function 203 detects the abnormal condition of traffic from the received flow information. An abnormal traffic analysis function 204 analyzes the flow information with the detection of the abnormal condition by the abnormal traffic detection function 203 as the momentum, extracts the flow information of the abnormal condition, and thereafter recursively analyzes the flow information with the optional value of the extracted result as a restraint condition. A GUI function 206 displays the table of the flow information and an address prefix tree in the process of the extraction result to the monitoring person by GUI. By clicking each value of the table and the address prefix tree, the value is regarded as the one input from the monitoring person. <P>COPYRIGHT: (C)2011,JPO&INPIT</p> |
