摘要 |
PROBLEM TO BE SOLVED: To monitor up to the inside of a system in detail. SOLUTION: A information processor includes a rule DB for storing behavior information for specifying a behavior showing illegal attack or intrusion. Then, the information processor collects various pieces of information generated by each module inside a process executed by a computer system showing the device, and monitors a behavior showing any illegal attack or intrusion on the basis of the collected various pieces of information. Meanwhile, when the collected various pieces of information are matched with behavior information stored in the rule DB, the information processor detects that any illegal attack or intrusion has occurred. COPYRIGHT: (C)2010,JPO&INPIT |