Abstract

PROBLEM TO BE SOLVED: To provide an unauthorized access detection log information analysis support system that can accumulate the know-how of operations personnel.

SOLUTION: This system is provided with an IDS manager part 12 which collects detection log information from an intrusion detection apparatus and performs format conversion, a detection log information DB (31) which accumulates the detection log information, an intrusion behavior pattern generating part 23 which generates intrusion behavior patterns and accumulates them in an intrusion behavior pattern DB (33), a pattern evaluating parameter DB (34) which stores pattern evaluating parameters, an intrusion behavior pattern evaluating part 25 which obtains the correlation of the detection log information to the intrusion behavior evaluating parameters and evaluates the intrusion behavior pattern based on the correlation and the pattern evaluating parameters, and an intrusion behavior pattern evaluating result DB (35) which stores the evaluation results produced by the intrusion behavior pattern evaluating part.

COPYRIGHT: (C)2004, JPO&NCIPI