Abnormality detection apparatus, abnormality detection method, and abnormality detection program

Abnormality detection apparatus, abnormality detection method, and abnormality detection program

An abnormality detection apparatus (30) acquires communication feature amounts of communication devices (10), calculates, for each of transmission source MAC addresses included in the communication feature amounts, the total value of the number of bytes or the total value of the number of transmissi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: IZUMI, Masami, NAKATSURU, Takeshi, SATO, Tomoyasu, MINAMI, Takuya, FUJIKI, Naoto
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An abnormality detection apparatus (30) acquires communication feature amounts of communication devices (10), calculates, for each of transmission source MAC addresses included in the communication feature amounts, the total value of the number of bytes or the total value of the number of transmission/reception packets per layer 2 switch (50) connected to the corresponding communication devices (10), and, regarding each transmission source MAC address, determines that the communication device (10) corresponding to the transmission source MAC address has been connected to the layer 2 switch (50) having the highest total value of the number of bytes or the highest total value of the number of transmission/reception packets. Further, the abnormality detection apparatus (30) determines whether disconnection has been performed and whether replacement has been performed, by using the total value of the number of bytes or the total value of the number of transmission/reception packets.