摘要 |
PROBLEM TO BE SOLVED: To provide a policy generation system, program, and a recording medium for generating policy information without depending on an operator's technique. SOLUTION: An event collection part 1 collects event information output from HIDS (Host-based Intrusion Detection System) or VDS (Virus Intrusion Detection System) and NIDS (Network-based Intrusion Detection System). An event processing part 4 associates each event information on the basis of an event detection time. Also, the event processing part 4 calculates a statistic value related to appearance frequency of events by attack on the basis of associated event information. A policy file generation part 6 calculates an index value related to an event detected by the NIDS on the basis of the statistic value, and generates policy information including identification information and the index value for the event detected by the NIDS. COPYRIGHT: (C)2009,JPO&INPIT |