APPLICATION DETERMINATION SYSTEM AND PROGRAM

PROBLEM TO BE SOLVED: To provide an application determination system and program for determining whether or not an application under consideration is unauthorized based on a log in which the behavior of an application is recorded.SOLUTION: A process ID extraction section 20a extracts the identificat...

Full description

Saved in:
Bibliographic Details
Main Authors TAKEMORI KEISUKE, ISOHARA TAKAMASA, HATASE YASUHIRO, TAKANO TOMOAKI, YANAGIHARA MASANORI, MIYAKE MASARU, USHIYAMA SATOSHI, IMAGAWA TOSHIHIKO
Format Patent
LanguageEnglish
Published 12.01.2012
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:PROBLEM TO BE SOLVED: To provide an application determination system and program for determining whether or not an application under consideration is unauthorized based on a log in which the behavior of an application is recorded.SOLUTION: A process ID extraction section 20a extracts the identification information of a process associated with the identification information of a specific application from an application log. A kernel log extraction section 20b extracts a part having the identification information of the process extracted by the process ID extraction section 20a from a kernel log. A file operation content extraction section 20c extracts the execution content of a system call associated with the identification information of a system call relating to a file operation from the part extracted by the kernel log extraction section 20b. A determination section 20d determines whether or not the execution content of the system call extracted by the file operation content extraction section 20c shows an operation to a specific directory.
Bibliography:Application Number: JP20100143712