CPC H04L 63/1425 (2013.01) [G06F 16/906 (2019.01); G06N 20/00 (2019.01); H04L 43/08 (2013.01)] | 8 Claims |
1. A traffic characteristic information extracting device comprising:
a memory; and
processing circuitry coupled to the memory and configured to:
acquire traffic information satisfying a first predetermined condition from network traffic data,
extract characteristic information from the acquired traffic information,
classify the traffic information based on the extracted characteristic information,
analyze a classification result obtained at the classifying and generate signatures,
determine which of the generated signatures is a signature satisfying a second predetermined condition among the generated signatures,
output the signature satisfying the second predetermined condition among the generated signatures,
determine whether a terminal receives damage based on whether a response from a communication destination server includes the signature satisfying the second predetermined condition.
|