ABNORMAL TRAFFIC DETECTION METHOD AND DEVICE

ABNORMAL TRAFFIC DETECTION METHOD AND DEVICE

PROBLEM TO BE SOLVED: To provide a detection method of an abnormal traffic for performing monitoring with a small amount of memory capacity, monitoring data of N upper field values that are important as the objects to be monitored and a counter value, and detecting abnormality in time series. SOLUTI...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: KAWAHARA RYOICHI, MORI TATSUYA, KOBAYASHI JUNJI, YAMAMOTO KOYO, ISHIBASHI KEISUKE, HIROKAWA YUTAKA
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:PROBLEM TO BE SOLVED: To provide a detection method of an abnormal traffic for performing monitoring with a small amount of memory capacity, monitoring data of N upper field values that are important as the objects to be monitored and a counter value, and detecting abnormality in time series. SOLUTION: The method includes a step for acquiring traffic data; a step for designating at least one field to be monitored and the kind of counter to the field; a step for calculating N (N≥2) upper field values to the designation counter of a designated field at a preset interval from the acquired traffic data, and for counting the counter value; a step for storing the N calculated upper field values and the data of the counter value to calculate the degree of similarity between newly calculated data and past ones; and a fifth step for issuing an alarm as a fault when the calculated degree of similarity is smaller than a preset threshold to extract the field value estimated to be the cause of a decrease in the degree of similarity. COPYRIGHT: (C)2007,JPO&INPIT