| 摘要 |
A network analyzer includes a sampler and a network anomaly detector. The sampler acquires communication data flowing through nodes by a data collector, estimates a topology of the nodes based on the acquired communication data by a topology estimator, stores the estimated topology of the nodes in a storage, reads out the estimated result from the storage to generate a predetermined item for each read-out topology of the nodes as a sampling rule by a rule generator, and samples the supplied communication data based on the generated sampling rule by a packet sampler. The topology of the network is thereby estimated in advance to narrow down objects to be sampled. The behavior of the communication data can thus be grasped in correlation between a target network and other networks.
|
