An unauthorized access to a vehicle is accurately detected. An attack detection rule generation server includes: a general unauthorized access information receiving section receiving, from an external information processing apparatus, general unauthorized access information about an unauthorized access made to an information processing apparatus; a vehicle unauthorized access characteristic information generation section generating vehicle unauthorized access characteristic information about characteristics of an unauthorized access to a vehicle in a case of comparing the unauthorized access to the vehicle with the unauthorized access to the information processing apparatus; a vehicle unauthorized access information generation section generating vehicle unauthorized access information indicating a configuration of the unauthorized access to the vehicle, on the basis of the general unauthorized access information and the vehicle unauthorized access characteristic information; and a vehicle unauthorized access detection rule generation section generating a vehicle unauthorized access detection rule detecting the unauthorized access to the vehicle, on the basis of the vehicle unauthorized access information.
展开▼