| CPC H04L 63/1425 (2013.01) [H04W 12/121 (2021.01); H04W 24/08 (2013.01)] | 9 Claims |
|
1. An abnormal traffic analysis apparatus comprising:
a processor; and
a non-transitory computer-medium having computer program instructions stored thereon, wherein the instructions are executable by the processor and perform to:
receive traffic from a device via a communication path of a plurality of communication paths in which different communication methods are used;
identify a communication path through which the traffic is transmitted;
determine an analysis algorithm of a plurality of analysis algorithms and one or more analysis parameters for detecting abnormality of the traffic according to the communication path identified, wherein:
the one or more analysis parameters includes a degree of detail of attack detection,
the degree of detail of attack detection is indicative of a level of threat associated with the traffic, and
each of the plurality of analysis algorithms is configured to perform an analysis for attack detection with respect to a specific communication path based on a determined degree of detail of attack detection; and
analyze whether or not the traffic is abnormal traffic by using the analysis algorithm and the determined one or more analysis parameters; and
record a result of analysis performed.
|