APPARATUS AND METHOD TO COLLECT PACKETS RELATED TO ABNORMAL CONNECTION

Bibliographic details
Main authors: IIZUKA Fumiyuki, Nomura Yuji
Format: Patent
Language: eng
Description
Summary: An apparatus allocates a packet-identifier to each packet captured from a network, and stores each packet in a buffer. The apparatus associates, with each of the packet-identifiers, a connection-identifier specifying the connection of the packet identified by that packet-identifier, and detects a connection in which a primary abnormality is occurring by analyzing packets stored in the buffer. The apparatus stores, in a first storage-region, for each connection in which the primary abnormality has occurred, a primary-abnormality group of packets to which the packet-identifiers associated with the connection-identifier of that connection are allocated. It detects a connection in which a secondary abnormality is occurring, based on a statistical value related to results of analyses on packets captured in a sampling duration, and writes, in a second storage-region, packets related to connections in which the secondary abnormality has occurred, from among the primary-abnormality groups stored in the first storage-region.