发明授权
- 专利标题: Access chain tracing system, network system, and storage medium
- 专利标题(中): 接入链跟踪系统,网络系统和存储介质
-
申请号: US09770531申请日: 2001-01-26
-
公开(公告)号: US07127510B2公开(公告)日: 2006-10-24
- 发明人: Kunikazu Yoda , Hiroaki Etoh
- 申请人: Kunikazu Yoda , Hiroaki Etoh
- 申请人地址: US NY Armonk
- 专利权人: International Business Machines Corporation
- 当前专利权人: International Business Machines Corporation
- 当前专利权人地址: US NY Armonk
- 代理商 Douglas W. CAmeron; Anne Vachon Dougherty
- 优先权: JP2000-025594 20000202
- 主分类号: G06F15/16
- IPC分类号: G06F15/16 ; G06F15/173
摘要:
Log data for a packet that is exchanged across a network are recorded in a log box. At this time, the data size of the packet and the detection time are recorded. When an illegal access has occurred at a target computer, the tracing of an access chain is performed on the log information. The tracing of the access chain is performed as follows. A change in the size of the data in a packet in accordance with the time of the first connection, and a change in the size of the data in a packet in accordance with the time of the second connection are calculated using the log data, and then the shapes of the graphs formed by these packet series are compared. When the shapes of the graphs are similar, it is ascertained that the pertinent connections are included in the same chain.