INFORMATION PROCESSING PROGRAM, INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD

To provide an information processing system which distinguishes a penetration test from an actual attack.SOLUTION: An information processing system includes a test management apparatus 2, monitoring apparatuses 3, 4, and devices 7, 8. The test management apparatus determines, on receipt of informati...

Full description

Saved in:
Bibliographic Details
Main Authors KOKUBO HIROTAKA, OHORI RYUICHI, IZU TETSUYA, FURUKAWA KAZUYOSHI
Format Patent
LanguageEnglish
Japanese
Published 23.12.2021
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:To provide an information processing system which distinguishes a penetration test from an actual attack.SOLUTION: An information processing system includes a test management apparatus 2, monitoring apparatuses 3, 4, and devices 7, 8. The test management apparatus determines, on receipt of information on a detection of an attack to the device 7 to be tested from the monitoring apparatus 3 (2), whether information on spread of infection relating to the attack from the device 7 to the device 8 different from the device 7 has been received from the monitoring apparatus 4 (5). When it is determined that the information on spread of infection relating to the attack has been received, the test management apparatus determines that the attack is not a test attack (6).SELECTED DRAWING: Figure 2 【課題】ペネトレーションテストと、本当の攻撃とを区別する情報処理システムを提供する。【解決手段】情報処理システムは、テスト管理装置2と、監視装置3,4と、対象機器7,8とを有する。テスト管理装置は、監視装置3からテスト対象の対象機器7に対する攻撃の検知に関する情報を受信した場合に<2>、監視装置4から対象機器7から対象機器7とは異なる他の対象機器8への攻撃に関連する感染拡大の通信を受信したか否かを判定する<5>。テスト管理装置は、攻撃に関連する感染拡大の通信を受信したと判定した場合には、攻撃がテストによるものでないと決定する<6>。【選択図】図2
Bibliography:Application Number: JP20200099713