INFORMATION PROCESSING PROGRAM, INFORMATION PROCESSING METHOD, AND INFORMATION PROCESSING DEVICE

INFORMATION PROCESSING PROGRAM, INFORMATION PROCESSING METHOD, AND INFORMATION PROCESSING DEVICE

Data is efficiently extracted based on a communication risk.A control unit (11) determines risk levels of pseudo session data (dp) and session data segment (d3) and collects file information from the pseudo session data (dp) and the session data segment (d3). In this case, because no file is include...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: OIKAWA, Takanori, INUI, Maki, FUJISHIMA, Yuki
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Data is efficiently extracted based on a communication risk.A control unit (11) determines risk levels of pseudo session data (dp) and session data segment (d3) and collects file information from the pseudo session data (dp) and the session data segment (d3). In this case, because no file is included in the session data segment (d3) and a file is included in the pseudo session data (dp), file information is collected from the file included in the pseudo session data (dp). In addition, an a.exe file is included in the pseudo session data (dp) and is associated with a schtasks command associated with 3 as the risk level. Thus, the control unit (11) collects, as the file information, meta information, a file hash value, and a file main body from the a.exe file.