| 摘要 |
PROBLEM TO BE SOLVED: To provide an information processing system and program for extracting detailed information about fraudulent practice executed with arbitrary timing. SOLUTION: A log generation module 12 detects system call processing issued by a process operating on a computer to an operating system and generates a first log including file identification information for identifying a file to which file operation has been performed and process identification information for identifying a process to which file operation is performed. Also, the log generation module 12 generates a second log including process identification information for identifying a process to which the process operation has been performed and execution content information showing contents executed by the process. A log analysis module 15 extracts a log from the first log on the basis of the file identification information detected by an instruction detection system and extracts a log from the second log on the basis of the process identification information included in the extracted log. COPYRIGHT: (C)2010,JPO&INPIT |
