公开(公告)号：US20220237302A1

公开(公告)日：2022-07-28

申请号：US17616219

申请日：2020-05-18

Applicant: NEC Corporation

Inventor： Tomohiko YAGYU

IPC: G06F21/57 ,  G06F21/56

Abstract: A rule generation apparatus 100 is an apparatus that automatically generates rules used to analyze an attack, and includes a collection unit 200, an attack success condition generation unit 300, an attack-time history generation unit 400, and a rule generation unit 500.

公开(公告)号：US20200007558A1

公开(公告)日：2020-01-02

申请号：US16485483

申请日：2017-02-24

Applicant: NEC Corporation

Inventor： Masaki INOKUCHI ,  Tomohiko YAGYU

IPC: H04L29/06 ,  G06F16/23

Abstract: At least one of nodes included in the second node group comprises a request means (521) for transmitting a request signal including verification information to at least any node of the first node group, and a verification means (522) for verifying response information for the request signal, the verification means determines, regarding the response information, whether or not desired information that is information requested by the request signal or a digest thereof is included, whether or not correct verification information is included, whether or not a value obtained by applying a one-way function to the response information satisfies a predetermined rule, and a response time that is the time taken between the transmission of the request signal and the obtainment of the desired information, and on the basis of the determination results thereof, assesses the presence or absence of reliability of the desired information or the degree of reliability thereof.

公开(公告)号：US20220311786A1

公开(公告)日：2022-09-29

申请号：US17641506

申请日：2019-09-27

Applicant: NEC Corporation

Inventor： Hirofumi UEDA ,  Yoshinobu OHTA ,  Tomohiko YAGYU ,  Norio YAMAGAKI

IPC: H04L9/40

Abstract: Provided is an analysis system that can analyze the degree of impact of vulnerability on individual systems. An analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in a system to be diagnosed. A calculation unit 12 calculates an evaluation value, for each vulnerability, which indicates degree of impact of the vulnerability on the system to be diagnosed. Specifically, the calculation unit 12 calculates the evaluation value, for each vulnerability, based on the number of the attack patterns that include the vulnerability focused on as the attack means and the number of the segments indicated by each attack pattern that includes the vulnerability focused on as the attack means.

公开(公告)号：US20210333787A1

公开(公告)日：2021-10-28

申请号：US16606537

申请日：2017-04-20

Applicant: NEC CORPORATION

Inventor： Satoru YAMANO ,  Norihito FUJITA ,  Tomohiko YAGYU

IPC: G05B23/02

Abstract: A device management system includes a learning unit 81 for learning a state model representing a normal state of a system including a control target device, based on a control sequence representing one or more time-series commands and data indicating a state of the control target device when the control sequence is issued.

公开(公告)号：US20190357096A1

公开(公告)日：2019-11-21

申请号：US16483076

申请日：2017-02-16

Applicant: NEC Corporation

Inventor： Yoshitomo WARASHINA ,  Tomohiko YAGYU

IPC: H04W36/00 ,  H04W36/08 ,  H04W52/38 ,  H04W48/20

Abstract: A communication node includes: a control information sharing unit which distributes a relay node reselection request; a transmission power control unit which adjusts transmission power based on the relay node reselection request; a reselection necessity determination unit which determines whether another communication node is to become a new relay node, and, in the case of determining that the other communication node is to become the new relay node, calculating priority of the communication node in the wireless ad-hoc network; and a relay node reselection request unit which performs a relay node reselection request process for transmitting a relay node reselection request included in the control information, depending on the priority.

公开(公告)号：US20250141917A1

公开(公告)日：2025-05-01

申请号：US18835576

申请日：2022-03-18

Applicant: NEC Corporation

Inventor： Ryo MIZUSHIMA ,  Tomohiko YAGYU

IPC: H04L9/40

Abstract: A measure candidate table includes a plurality of measures and indices indicating the effects of respective measures. A measure compatibility table includes combinations of measures in each of which two or more of the plurality of measures are combined with each other and indies indicating the effects of respective combinations of measures. A measure calculation means plans a measure against an attack used in an attack route by using the measure candidate table and the measure compatibility table. A risk value calculation means calculates, based on an index indicating an effect of a measure and an index indicating an effect of a combination of measures, a risk value of the attack route under an assumption that the planned measure is introduced into a system to be analyzed.

公开(公告)号：US20240095345A1

公开(公告)日：2024-03-21

申请号：US18273429

申请日：2021-01-28

Applicant: NEC Corporation

Inventor： Masaki INOKUCHI ,  Tomohiko YAGYU

IPC: G06F21/55 ,  H04L9/14

CPC classification number: G06F21/55 ,  H04L9/14

Abstract: A display apparatus (10) includes an acquiring unit (11) configured to acquire configuration information of an information system that includes a plurality of nodes; a determining unit (12) configured to determine a display method of displaying an object of security information display concerning a node in the acquired configuration information, based on a security characteristic of an attackable element used to attack the object of security information display and a security characteristic of a preventive measure element preventing an attack on the object of security information display; and a display unit (13) configured to, when displaying a system configuration of the information system, display the object of security information display in accordance with the determined display method.

公开(公告)号：US20230018096A1

公开(公告)日：2023-01-19

申请号：US17786191

申请日：2019-12-25

Applicant: NEC Corporation

Inventor： Hirofumi UEDA ,  Ryo MIZUSHIMA ,  Tomohiko YAGYU

IPC: H04L9/40

Abstract: An analysis apparatus (10) includes an environment assessment unit (11) for assessing environmental metrics of a Common Vulnerability Scoring System (CVSS) as regards a vulnerability in an information system based on an attack path extracted from the information system to which the vulnerability to be analyzed is applied, a base assessment unit (12) for assessing base metrics of the CVSS as regards the vulnerability in the information system based on obtained CVSS base value information of the vulnerability and a predetermined base value countermeasure determination condition of the information system, and a determination unit (13) for determining whether or not the vulnerability in the information system needs to be addressed based on an assessment result of the environmental metrics and an assessment result of the base metrics.

公开(公告)号：US20240056464A1

公开(公告)日：2024-02-15

申请号：US17641211

申请日：2019-09-27

Applicant: NEC Corporation

Inventor： Hirofumi UEDA ,  Yoshinobu OHTA ,  Tomohiko YAGYU ,  Norio YAMAGAKI

IPC: H04L9/40

CPC classification number: H04L63/1433

Abstract: Provided is an analysis system that allows a security administrator to understand the impact of known vulnerabilities on the system to be diagnosed. The topology identification unit 14 identifies network topology of devices included in a system to be diagnosed. The analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in the system to be diagnosed. The display control unit 8 displays segments included in attack patterns superimposed on the network topology, on a display device. At this time, the display control unit 8 changes a display mode of the segment according to a type of the vulnerability that corresponds to the attack means included in the attack pattern including the segment.

公开(公告)号：US20240022589A1

公开(公告)日：2024-01-18

申请号：US18032632

申请日：2020-10-27

Applicant: NEC Corporation

Inventor： Masaki INOKUCHI ,  Tomohiko YAGYU ,  Shunichi KINOSHITA ,  Hirofumi UEDA

IPC: H04L9/40

CPC classification number: H04L63/1433 ,  H04L63/1491 ,  H04L63/20 ,  H04L63/104

Abstract: A risk analysis is conducted without increasing the computational cost. A grouping means groups a plurality of hosts included in a system to be analyzed into a plurality of groups. A virtual analysis element generation means generates at least one virtual analysis element for each of the plurality of groups. An analysis means analyzes whether an attack against the virtual analysis element being an end point of an attack is possible by using the virtual analysis element. An analysis target element determination means determines, as a target of a risk analysis, a host corresponding to the virtual analysis element included in a path where the attack occurs among hosts included in the system to be analyzed. An analysis means analyzes whether an attack against the host being the end point of the attack is possible for the host determined as a target of the risk analysis.