×

Device, method and program for detecting unauthorized access

  • US 20050091513A1
  • Filed: 04/12/2004
  • Published: 04/28/2005
  • Est. Priority Date: 10/28/2003
  • Status: Active Grant
First Claim
Patent Images

1. An unauthorized access detection device for detecting unauthorized accesses over a network, comprising:

  • unauthorized access scenario storage means for storing unauthorized access scenarios each defining a procedure of processes to be executed over the network until an unauthorized access is made through preparation;

    ongoing scenario storage means for storing ongoing scenarios by relating the ongoing scenarios to key data, the ongoing scenarios each indicating progress of processes executed over the network based on one of the unauthorized access scenarios, the key data differentiating processes associated with each of the ongoing scenarios from other processes;

    key data extraction means for obtaining a packet traveling on the network and extracting the key data from the packet obtained;

    ongoing scenario detection means for retrieving an ongoing scenario from the ongoing scenario storage means with the key data extracted by the key data extraction means as a search key;

    check means for determining whether execution of a process indicated by the packet after the ongoing scenario retrieved by the ongoing scenario detection means follows one of the unauthorized access scenarios being stored in the unauthorized access scenario storage means;

    ongoing scenario update means for updating the ongoing scenario being stored in the ongoing scenario storage means when a check result of the check means shows that the execution follows the one of the unauthorized access scenarios; and

    report output means for outputting an unauthorized access report showing progress of processes executed based on the one of the unauthorized access scenarios, depending on the check result of the check means.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×