摘要 |
An abnormal traffic detection apparatus for detecting an abnormal traffic toward a communication apparatus by using information on traffics passing through a switch, comprising destination IP address counting units (C1 to C4) configured to store amount information on amount of traffics as an amount information table corresponding to each communication apparatus, a traffic separating unit (21) for registering amount information on a new destination IP address in the amount information table corresponding to the destination IP address, each time a traffics having the new destination IP address passes through the switch, and storing the amount information in the amount information table corresponding to each communication apparatus, and abnormal traffic judging units (J1 to J4) for detecting an abnormality of the traffic amount flowing through the switch on the basis of the amount information stored in the amount information table.
|