APPLICATION DETERMINATION SYSTEM AND PROGRAM

PROBLEM TO BE SOLVED: To provide an application determination system and a program capable of determining whether a target application is fraudulent on the basis of a log in which application behavior is recorded.SOLUTION: A process ID extraction part 20a extracts identification information of a pro...

Full description

Saved in:
Bibliographic Details
Main Authors TAKEMORI KEISUKE, ISOHARA TAKAMASA, HATASE YASUHIRO, TAKANO TOMOAKI, YANAGIHARA MASANORI, MIYAKE MASARU, USHIYAMA SATOSHI, IMAGAWA TOSHIHIKO
Format Patent
LanguageEnglish
Published 05.01.2012
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:PROBLEM TO BE SOLVED: To provide an application determination system and a program capable of determining whether a target application is fraudulent on the basis of a log in which application behavior is recorded.SOLUTION: A process ID extraction part 20a extracts identification information of a process associated with identification information of a particular application from an application log. A kernel log extraction part 20b extracts a part having the identification information of the process extracted by the process ID extraction part 20a from a kernel log. A communication content extraction part 20c extracts execution content of a system call associated with identification information of a system call related to communication from the part extracted by the kernel log extraction part 20b. A determination part 20d determines whether the execution content of the system call extracted by the communication content extraction part 20c shows communication with a particular IP address as a communication partner.
Bibliography:Application Number: JP20100140489