Abstract:
An attack countermeasure determination (10) includes a domain name input unit (11) that receives any domain name as input, and acquires setting information corresponding to the domain name, registration information corresponding to the domain name, and external information corresponding to an internet protocol (IP) address corresponding to the domain name, as feature information on the domain name, an attack countermeasure determination unit (16) that specifies a pre-designated category for the domain name on the basis of the feature information and determines, in a stepwise manner, an attack countermeasure against the domain name in accordance with the specified category, and an attack countermeasure information output unit (15) that outputs attack countermeasure information corresponding to the attack countermeasure.
Abstract:
A dynamically-loaded code analysis device includes a memory unit, an extraction unit, and a specification unit. The memory unit memorizes dynamically-loaded code information indicating a class structure of a dynamically-loaded code and call method information in which tag information added to user information is associated with a class structure of a code performed for the user information, for each of the dynamically-loaded codes acquired via a network. The extraction unit detects transmission of user information to another device and specifies tag information that matches the tag information added to the user information from the call method information memorized in the memory unit, to extract a class structure associated with the tag information. The specification unit searches the memory unit for dynamically-loaded code information indicating the class structure, to specify a dynamically-loaded code corresponding to the dynamically-loaded code information.
Abstract:
A network standpoint feature value creating unit (112) classifies access data collected at observation points into each detection target access source and creates network standpoint feature values for each of the detection target access sources. An access source detection unit (113) detects, based on the network standpoint feature value, an access source that performs a predetermined continuous access. A point standpoint feature value creating unit (114) creates detection target standpoint feature values that are feature values for each access data collected at an observation point and training standpoint feature values that are feature values for each access data of the access source detected by the access source detection unit (113). An access detection unit (115) detects access data in which the similarity between the detection target standpoint feature value and the training standpoint feature value is not less than a predetermined value as access data by the predetermined continuous access.
Abstract:
A program analysis unit (273) of a browser emulator manager (23) exhaustively searches a code by performing syntax analysis of a code included in web content to search for a transfer code to another site or a content acquisition code, and specifies at least any of an object and a function and a property of the object used in the code found as a result of the search. Further, the program analysis unit (273) extracts a code having a dependence relationship with the transfer code or the content acquisition code based on at least any of the object and the function and the property of the object thus specified.
Abstract:
An analysis apparatus (10) has a transfer path matching unit (151) that is provided with a real browser log La and a browser emulator log Lb as input and identifies, as a specific transfer path, a transfer path that is not transferred to a malicious URL on a pseudo-browser where the transfer path is transferred to the malicious URL on a real browser, based on the malicious URL information in a malicious URL database (14), and an analysis avoidance code identification unit (152) that identifies an analysis avoidance code that avoids analysis by utilizing a browser-specific function or an implementation difference between the real-browser and the pseudo-browser, among script codes that are executed on a website, based on the specific transfer path.
Abstract:
An access classification device (10) includes a tree construction unit (13), a node association unit (14), a similarity calculation unit (15), and a classification unit (16). The tree construction unit (13) creates a plurality of trees in each of which at least a first destination and a second destination are set as nodes, content information corresponding to the nodes is added to the nodes, and an instruction to transfer a series of accesses from the first destination to the second destination is set as an edge. For the plurality of trees, the node association unit (14) associates nodes of the plurality of trees with each other, based on similarity between local structures of the trees. The similarity calculation unit (15) calculates similarity between the nodes associated with each other, based on the content information, and calculates similarity between the plurality of trees using the calculated similarity between the nodes. The classification unit (16) classifies the accesses into a set with similar features, based on the calculated similarity.