DEVICE FOR ANOMALY DETECTION, METHOD AND PROGRAM FOR ANOMALY DETECTION

DEVICE FOR ANOMALY DETECTION, METHOD AND PROGRAM FOR ANOMALY DETECTION

An anomaly detection device (30) acquires communication feature values of the communication devices (10), calculates, for each transmission source MAC address included in the communication feature values, a total value of the number of transmitted and received packets or the total value of the numbe...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: IZUMI, Masami, NAKATSURU, Takeshi, SATO, Tomoyasu, MINAMI, Takuya, FUJIKI, Naoto
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An anomaly detection device (30) acquires communication feature values of the communication devices (10), calculates, for each transmission source MAC address included in the communication feature values, a total value of the number of transmitted and received packets or the total value of the number of bytes for each layer-2 switch (50) that is connected to a corresponding communication device (10), and determines, for each transmission source MAC address, that a communication device (10) corresponding to the transmission source MAC address is connected to the layer-2 switch (50) whose total value of the number of transmitted and received packets or total value of the number of bytes is the largest. Furthermore, the anomaly detection device (30) determines whether connection has been stopped or replacement has been performed, using the total value of the number of transmitted and received packets or the total value of the number of bytes.