US Patent 12028364 Communication control system, network controller and computer program

In a communication control system having a plurality of layer 2 switches and a network controller, the network controller includes a determination unit and an instruction unit, the determination unit being configured to determine whether or not a transfer communication flow feature indicating a feature of a communication flow transferred by a layer 2 switch of the plurality of layer 2 switches is similar to an abnormal communication flow feature indicating a feature of a communication flow when an abnormality occurs; and the instruction unit being configured to: output to the layer 2 switch, when the determination unit determines that the transfer communication flow feature is similar to the abnormal communication flow feature, a first instruction to lower priority of transfer processing for the communication flow and a second instruction to duplicate the communication flow to the layer 2 switch; or output the first instruction to the layer 2 switch, and output, to a server detecting a malicious attack, identification information identifying the communication flow having the transfer communication flow feature.