摘要 |
<p><P>PROBLEM TO BE SOLVED: To provide a system for tracking unauthorized access such as DoS attack with high precision. <P>SOLUTION: In the method for tracking unauthorized access, a traffic measuring section 101 for logging temporal transition in number of packets from a network traffic as a traffic pattern having a width of a predetermined time T, and a storage section 102 for storing the information of traffic pattern are provided at each observation point. The system for detecting the directivity of unauthorized access by receiving the information of traffic pattern at each observation point comprises a traffic extracting section 103 for extracting the minimum number of packets of each traffic pattern by receiving traffic pattern at each of the plurality of predetermined times T stored in the storage section 102 at each observation point and generating a new traffic pattern by filtering, and a similarity determining section 104 for detecting the directivity of unauthorized access by comparing and evaluating similarity from the traffic pattern generated anew. <P>COPYRIGHT: (C)2007,JPO&INPIT</p> |