A DoS (Denial of Service) attack and a DDoS (Distributed Denial of Service) attack have been conventionally known as an attack made via a network on a device connected to the network.
The DoS attack is aimed at blocking a service provided by a device (e.g., a server or the like) connected to the network, and how to block and reject the service is that an attacker sends a large amount of IP packets to the device to cause resources of the network and the device to be consumed. The DDoS attack is that a computer installed with an attack program on a system thereof by unauthorized access or the like, which is so-called a “zombie”, implements attacks on devices on a targeted network at the same time.
The number of DoS attacks and DDoS attacks has increased in recent years, so to provide services stably through the Internet that has been already becoming a social infrastructure, it is important to implement measures against such DoS attacks and DDoS attacks.
As a method for defending against such DoS attacks and DDoS attacks, for example, there is a technology disclosed in Patent document 1 (Japanese Laid-open Patent Publication No. 2006-67078) and the like. Specifically, in Patent document 1, a router that has detected an attack (i.e., a closest router to a device subjected to an attack) transfers attack detection information to an administration device. When receiving the transfer, the administration device analyzes the received attack detection information, and gives each router an instruction to defend against the attack on the basis of a result of the analysis.
Patent document 1: Japanese Laid-open Patent Publication No. 2006-67078