Information Security - MITSUBISHI ELECTRIC

An intrusion path tracing system is a system that identifies the source of unauthorized access detected by an Intrusion Detection System (IDS).

With this system, a trace is conducted by creating a database, the individual logs of which are sent into the domain from various devices. The logs on the database are then analyzed to conduct the trace. Results acquired from the tracing process are used so that effective measures can be built to safeguard against the detected unauthorized access.

	Packet Forwarded Router Identification Function

	The system will identify the intrusion path by identifying the router that forwarded the packet sent from the attacker. Therefore, even if a packet is IP spoofed the system is able to identify the true attacker.

	Stepstool Determination Function

	If the host of the sent packet is identified, the system will determine whether or not that host is being used as a stepstool or not. If the user is determined to be a stepstool, the tracing process will continue.

	Intrusion Path Tracing System

	Each log (packet log, process information log, communication history log) used in the path tracing process will be sent from the log acquisition device to the intrusion path tracing server and stored in a database.

	Detailed research of unauthorized access.
	Prevention of indirect unauthorized access.