ANOMALY DETECTION SYSTEM, ANOMALY DETECTION METHOD, AND PROGRAM

To detect an anomaly using a log, with less computational complexity, while maintaining confidentiality.SOLUTION: An anomaly detection system includes: a log storage unit which stores a log file that records logs output from a network device; an information acquisition unit which periodically acquir...

Full description

Saved in:
Bibliographic Details
Main Authors UENO YUKITO, HIROSE MASATO, KANAI AKIRA
Format Patent
LanguageEnglish
Japanese
Published 10.05.2023
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:To detect an anomaly using a log, with less computational complexity, while maintaining confidentiality.SOLUTION: An anomaly detection system includes: a log storage unit which stores a log file that records logs output from a network device; an information acquisition unit which periodically acquires, from the log storage unit, file information including a file size and a file name of the log file; and an analysis unit which calculates time-series data of an increase rate of the file size of the log file, from the file information, and detects an anomaly from the time-series data.SELECTED DRAWING: Figure 1 【課題】ログを用いた異常検知を、少ない計算量で、機密性を保ちながら実行する。【解決手段】異常検知システムにおいて、ネットワーク機器から出力されたログを記録したログファイルを格納するログ格納部と、前記ログ格納部から、前記ログファイルのファイルサイズとファイル名とを含むファイル情報を定期的に取得する情報取得部と、前記ファイル情報から、前記ログファイルのファイルサイズの増加レートの時系列データを計算し、当該時系列データから異常検知を行う解析部と、を備える。【選択図】図1
Bibliography:Application Number: JP20210173917