JP2013081146A5

JP2013081146A5 -

Info

Publication number: JP2013081146A5
Application number: JP2011221313A
Authority: JP
Filing date: 2011-10-05
Publication date: 2014-10-30
Anticipated expiration: 2031-10-05

Claims

An address extraction device that extracts a predetermined address from addresses accessed by a proxy server device that accesses an address notified as an access destination from a terminal device,
An address input unit for inputting a proxy log indicating an address of an access destination for each access performed by the proxy server device, and valid address information indicating an address defined as valid in advance;
An address extraction apparatus comprising: an address extraction unit that extracts an address not indicated in the valid address information from among the addresses indicated in the proxy log input by the address input unit.

The address input unit
Based on a user instruction, the terminal device inputs user instruction information indicating an address notified to the proxy server device as an access destination,
The address extraction unit
2. The address according to claim 1, wherein an address that is not indicated in either the valid address information or the user instruction information is extracted from the addresses indicated in the proxy log input by the address input unit. Extraction device.

The address input unit
A terminal operation in which an address notified by the terminal device to the proxy server device as an access destination based on an address instruction operation instructing the access destination address to the terminal device by the user is shown in association with the address instruction operation. 3. The address extracting apparatus according to claim 2, wherein a log is input as the user instruction information.

The address input unit
A terminal device having a local proxy inputs, as the user instruction information, a local proxy log indicating an address notified to the proxy server device as an access destination using the local proxy based on the user's instruction. The address extracting device according to claim 2.

The address input unit
Input related address information indicating an address associated with the web page of the address indicated in the user instruction information,
The address extraction unit
The address that is not indicated in any of the valid address information, the user instruction information, and the related address information is extracted from the addresses indicated in the proxy log input by the address input unit. Item 5. The address extracting device according to any one of Items 2 to 4.

The address input unit
For each access performed by the proxy server device, input a proxy log in which an access time when the access is performed and an address of the access destination are shown in association with each other,
The address extraction unit
Among the addresses indicated by the proxy log input by the address input unit, a detection device that detects the presence of a user is associated with an access time included in a period in which the user detects that the user does not exist before the terminal device. 6. The address extracting apparatus according to claim 1, wherein the address is extracted.

The address input unit
A proxy log in which an access time and an access destination address that are accessed for each access performed by the proxy server device are associated with each other;
Yu chromatography THE is shown an instruction operation as an instruction operation for each of the operating time indicated is associated to the terminal device, when the user instructs the access destination address to the terminal device, the The address notified by the terminal device to the proxy server device as the access destination based on the address instruction operation instructing the access destination address to the terminal device corresponds to the address instruction operation and the operation time of the address instruction operation. Enter the terminal operation log attached and shown,
The address extracting device further includes:
The first operation time after the start time of the predefined definition period and the last operation time before the end time of the definition period are extracted from the operation times indicated in the terminal operation log, and the start of the definition period A non-operation period consisting of a period from a time to the first operation time and a period from the last operation time to the end time of the definition period, or among the operation times indicated in the terminal operation log, The first address corresponding operation time that is the operation time after the start time of the definition period and is the first operation time associated with the address corresponds to the operation time that is the operation time before the end time of the definition period And the last address-corresponding operation time that is the last operation time attached, and the period from the start time of the definition period to the first address-corresponding operation time and the last Comprises a period calculation unit for calculating a non-address correspondence period comprising a period from dress corresponding operation time to the end time of the definition period,
The address extraction unit
When a non-operation period is calculated by the period calculation unit, an address associated with an access time included in the non-operation period is extracted from the addresses indicated in the proxy log input by the address input unit. When the non-address corresponding period is calculated by the period calculating unit, the address corresponding to the access time indicated in the proxy log input by the address input unit is included in the non-address corresponding period. The address extracting apparatus according to claim 1, wherein an address associated with an access time is extracted.

The address extracting device further includes:
8. A condition matching address specifying unit that specifies, as a condition matching address, a predetermined address that matches at least one predetermined condition among the addresses extracted by the address extraction unit. The address extraction device described.

The address extracting device further includes:
For each address extracted by the address extraction unit, an information input unit is provided for inputting provided country information indicating a country to which the provider of the web page of the address belongs, and specific country information indicating a previously specified country,
The condition matching address specifying unit
A request for specifying, as a condition matching address, an address of a web page provided by a country that matches any of the countries indicated in the specific country information among the countries indicated in the providing country information input by the information input unit. Item 9. The address extracting device according to Item 8.

The address input unit
For each access performed by the proxy server device, input a proxy log in which the address of the access destination and the data communication amount at the time of access are shown in association with each other,
The address extracting device further includes:
Calculate the number of accesses per unit time for each address extracted by the address extraction unit from the proxy log input by the address input unit, or by the address extraction unit from the proxy log input by the address input unit A communication amount calculation unit that calculates a data communication amount per unit time for each extracted address,
The condition matching address specifying unit
When the number of accesses per unit time is calculated by the traffic calculation unit, the number of accesses per unit time calculated by the traffic calculation unit only during a predetermined period defined in advance When the number of addresses equal to or greater than the first threshold is specified as a condition-matching address, and the data traffic volume per unit time is calculated by the traffic volume calculation unit, the traffic volume only during a predetermined period defined in advance. The address extracting device according to claim 8, wherein an address at which the data communication amount per unit time calculated by the calculation unit is equal to or more than a first threshold value of the predefined data communication amount is specified as a condition matching address.

The address input unit
For each access performed by the proxy server device, input a proxy log in which the address of the access destination and the data communication amount at the time of access are shown in association with each other,
The address extracting device further includes:
Calculate the number of accesses per unit time for each address extracted by the address extraction unit from the proxy log input by the address input unit, or by the address extraction unit from the proxy log input by the address input unit A communication amount calculation unit that calculates a data communication amount per unit time for each extracted address,
The condition matching address specifying unit
When the number of accesses per unit time is calculated by the communication amount calculation unit, an address where the number of accesses per unit time is equal to or more than a second threshold value of the number of accesses defined in advance for every fixed period is a condition-matching address When the data communication amount per unit time is calculated by the communication amount calculation unit, the data communication amount per unit time is equal to or greater than a second threshold value of the data communication amount that is defined in advance for each fixed period The address extracting apparatus according to claim 8, wherein the address is specified as a condition matching address.

The address input unit
For each access performed by the proxy server device, an access destination address, a request size which is the size of data transmitted from the proxy server device to the access destination, and a size of data received from the access destination by the proxy server device Enter a proxy log that is associated with a response size,
The condition matching address specifying unit
The response size associated with each address extracted by the address extraction unit from the proxy log input by the address input unit is specified in access units,
9. The address extracting apparatus according to claim 8, wherein an address whose specified response size is less than a predefined response size threshold is specified as a condition matching address.

The condition matching address specifying unit
The response size and the request size associated with each address extracted by the address extraction unit from the proxy log input by the address input unit are specified in access units,
13. The address extraction according to claim 12, wherein the identified response size is less than a predefined response size threshold value, and an address having a request size less than the predefined request size threshold value is identified as a condition matching address. apparatus.

The address input unit
A terminal operation log the terminal device by operating Yu chromatography The said proxy notifies the server apparatus was based on the address of the web page of the access destination of the access to the proxy server device has performed a title is indicated,
Based on the address notified to the proxy server device by the terminal device using a local proxy, the title of the web page of the access destination accessed by the proxy server device and the access destination address are shown in association with each other. Enter a local proxy log containing at least one local proxy information,
The address extracting device further includes:
A local proxy information extraction unit that extracts local proxy information indicating a title that matches a title indicated in the terminal operation log from among the titles indicated in the local proxy information included in the local proxy log input by the address input unit With
The address extraction unit
Of the addresses indicated in the proxy log input by the address input unit, an address that is not indicated in either the valid address information or the local proxy information extracted by the local proxy information extraction unit is extracted. The address extracting device according to claim 1, wherein: