Abstract:
A classification device (10) constructs tree structure data in which attribute information relating to a single communication or multiple communications serves as a terminal node, from a series of communications with a single communication destination or multiple communication destinations that take place when software is executed, calculates attribute information on a higher node on the basis of attribute information on the terminal node, and classifies the software by specifying the type of the software on the basis of attribute information on the highest node.
Abstract:
An acquisition unit (15a) acquires user-generated content generated in each service in a predetermined period. A generation unit (15b) generates a search query by using words that appear in the user-generated content for each service. A collection unit (15c) collects user-generated content generated in a plurality of services by using the generated search query.
Abstract:
A learning apparatus (10) is configured to receive an input of information relating to a web page for which it is already known whether or not the web page is a malicious site, the malicious site presenting a false virus removal method, and to generate a training model using, as training data, any one feature or a plurality of features from among a word/phrase-related feature, an image-related feature, an HTML source code-related feature and a communication log-related feature, the feature or the features being included in the information relating to the web page.
Abstract:
A level estimation apparatus (10) receives event logs of events detected by each network device or application. The level estimation apparatus (10) then calculates the degrees of similarity among the events, and estimates a level of a predetermined event based on the calculated degrees of similarity among the events and a level of at least one of the events. Here, in the calculation of the degrees of similarity among the events, when calculating a degree of similarity between events detected by different network devices or applications, the level estimation apparatus (10) uses the degree of similarity to a common event, which is an event that has been detected by both of the different network devices or applications.
Abstract:
A learning device (10) uses a web browser to crawl one or more web pages from an originating web page, and to accept input of log information obtained from the web browser until an ending web page is reached. The learning device (10) then generates a training model using, as training data, any one or more feature amounts among a feature amount of each web page included in the log information, a feature amount about an operation performed on the web browser on a path reaching the ending web page, and a feature amount about an event occurring on the path reaching the ending web page.
Abstract:
There is provided an analysis rule adjustment device that adjusts an analysis rule used in a communication log analysis performed to detect malicious communication through a network. The analysis rule adjustment device includes a log acquisition unit, a log analysis unit, and a first analysis unit. The log acquisition unit acquires a communication log through a network to be defended and a communication log generated by malware. The log analysis unit analyzes the communication log acquired by the log acquisition unit on the basis of a predetermined analysis rule and a tuning condition. The first analysis unit analyzes the analysis result produced by the log analysis unit and calculates a recommended tuning value that is used in an adjustment of the predetermined analysis rule and that satisfies the tuning condition.
Abstract:
An extraction unit (15g) accesses an entrance URL described in user-generated content generated by a user in a plurality of services in a predetermined period to extract a feature quantity of the user-generated content. A training unit (15e) performs training by using the extracted feature quantity of the user-generated content generated by a normal user and a feature quantity of content generated by a malicious user. A determination unit (15f) uses the trained model to determine whether or not the user-generated content has been generated by the malicious user.
Abstract:
A calculation unit (15d) calculates a characteristic amount of user-generated content generated by a user in a predetermined period. A learning unit (15e) performs learning using the calculated characteristic amount of the user-generated content generated by a legitimate user and a characteristic amount of content generated by a malicious user. A determination unit (15f) uses the learned model to determine whether the user-generated content has been generated by the malicious user.