公开(公告)号：US20230040982A1

公开(公告)日：2023-02-09

申请号：US17793110

申请日：2020-01-17

Applicant: NEC CORPORATION ,  B. G. Negev Technologies and Applications Ltd., at Ben-Gurion University

Inventor： Masaki INOKUCHI ,  Tomohiko YAGYU ,  Asaf SHABTAI ,  Yuval ELOVICI ,  Ron BITTON ,  Hodaya BINYAMINI

IPC: G06F21/57

Abstract: An attack information processing apparatus (10) includes an extraction unit (11) configured to extract first and second attack knowledge pieces indicating conditions of a cyber attack from first and second attack information pieces including descriptions of the cyber attack, a determination unit (12) configured to determine similarity between the first and second attack information pieces, and a complementing unit (13) configured to complement the first attack knowledge piece with the second attack knowledge piece based on the determined similarity.

公开(公告)号：US20200259855A1

公开(公告)日：2020-08-13

申请号：US16651759

申请日：2017-09-29

Applicant: NEC CORPORATION

Inventor： Masaki INOKUCHI

IPC: H04L29/06 ,  G06N7/00

Abstract: To implement a security assessment system capable of assessing an attack path including an air gap path, there is provided an information processing apparatus including a system configuration detector that detects at least two hosts included in a system and a communication link between the at least two hosts, an air gap path detector that detects, among the at least two hosts, a pair of hosts between which there is no communication link but data movement can occur, a calculator that calculates a score concerning a possibility that the pair of hosts detected by the air gap path detector is used for an attack, and a security assessment unit that performs security assessment using the hosts, the communication link between the hosts, information of the pair of hosts, and the score.

公开(公告)号：US20240249008A1

公开(公告)日：2024-07-25

申请号：US18413193

申请日：2024-01-16

Applicant: NEC Corporation

Inventor： Masaki INOKUCHI ,  Shohei MITANI

IPC: G06F21/62

CPC classification number: G06F21/62

Abstract: A policy consistency verification apparatus includes a policy conversion part configured to generate an If-Then rule approximating a policy function used as an input, wherein the policy function is generated from policy definition defining attribute value of access and a rule regarding accessibility to obtain an output of accessibility from inputs of the attribute value; and an error sample generation part configured to verify consistency between the If-Then rule and the policy definition to generate inconsistent attribute value as an error sample.

公开(公告)号：US20220182406A1

公开(公告)日：2022-06-09

申请号：US17617380

申请日：2019-06-11

Applicant: NEC Corporation

Inventor： Masaki INOKUCHI

IPC: H04L9/40

Abstract: An analysis apparatus includes an analysis target selection unit configured to select entities to be analyzed, an attack graph generation unit configured to generate an attack graph for a set of the selected entities, and a countermeasure implementation assumption unit configured to assume that a countermeasure for invalidating an attack condition is implemented in the generated attack graph. The attack graph generation unit generates the attack graph on a precondition that the countermeasure for invalidating the attack condition assumed by the countermeasure implementation assumption unit has been implemented. The analysis target selection unit selects at least one of all the entities to be analyzed and adds the selected entity in the analysis targets in each of the plurality of cycles.

公开(公告)号：US20210250370A1

公开(公告)日：2021-08-12

申请号：US16980313

申请日：2018-03-14

Applicant: NEC CORPORATION ,  B. G. Negev Technologies and Applications Ltd. at Ben-Gurion University.

Inventor： Masaki INOKUCHI ,  Yoshinobu OHTA ,  Ron BITTON ,  Orly STAN ,  Asaf SHABTAI ,  Yuval ELOVICI

IPC: H04L29/06 ,  G06F21/57

Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry, The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result. The duplicated environment includes components which are duplicated by one of the duplication

公开(公告)号：US20210243213A1

公开(公告)日：2021-08-05

申请号：US16973596

申请日：2018-06-12

Applicant: NEC CORPORATION ,  B.G. Negev Technologies and Applications Ltd., at Ben-Gurion University

Inventor： Yoshiyuki YAMADA ,  Masaki INOKUCHI ,  Yoshinobu OHTA ,  Yuval ELOVICI ,  Asaf SHABTAI ,  Ron BITTON

IPC: H04L29/06 ,  H04L29/12

Abstract: An information collection system includes: a side-channel information processing unit that derives load information to estimate an impact on the availability of a target machine for active scanning by using side-channel data; an allow list generation unit that generates an allow list including a scan timing and a scan range in which the availability is not affected, the allow list generation unit generating the allow list based on the load information; and an allow list storage unit that stores the allow list. An active scan of the target machine is executed by referencing the allow list stored in the allow list storage unit to collect asset information of the target machine.

公开(公告)号：US20210042423A1

公开(公告)日：2021-02-11

申请号：US16980269

申请日：2018-03-14

Applicant: NEC CORPORATION ,  B. G. Negev Technologies and Applications Ltd., at Ben-Gurion University

Inventor： Masaki INOKUCHI ,  Yoshinobu OHTA ,  Ron BITTON ,  Orly STAN ,  Tomer GLUCK ,  Asaf SHABTAI ,  Yuval ELOVICI

IPC: G06F21/57

Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry. The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user and effects associated with the physical components in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result. The duplicated environment includes components which are duplicated by one of the duplication level.

公开(公告)号：US20210006582A1

公开(公告)日：2021-01-07

申请号：US16975901

申请日：2018-03-27

Applicant: NEC Corporation

Inventor： Yoshiyuki YAMADA ,  Yoshinobu OHTA ,  Masaki INOKUCHI

IPC: H04L29/06

Abstract: This security evaluation system includes a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation; a second graph generation part that generates a second evaluation graph representing a personal relationship between areas where the resources are located; and display part that displays the first evaluation graph and the second evaluation graph in association with each other.

公开(公告)号：US20200296745A1

公开(公告)日：2020-09-17

申请号：US16086045

申请日：2017-01-12

Applicant: NEC CORPORATION

Inventor： Masaki INOKUCHI ,  Kazushi MURAOKA

IPC: H04W72/12

Abstract: An apparatus (3) for uplink scheduling is configured to distinguish a plurality of uplink transmissions (120, 121, 122) related to a transfer of data originating from a first remote terminal (1A) from other uplink transmissions. The apparatus (3) further determines allocation of uplink radio resources at least partly based on whether the plurality of uplink transmissions (120, 121, 122) can be scheduled in the same transmission period. In this way, for example, it is possible to contribute to an improvement in performance of a plurality of uplink transmissions related to a transfer of data originating from one remote terminal.

公开(公告)号：US20200296738A1

公开(公告)日：2020-09-17

申请号：US16086039

申请日：2017-01-12

Applicant: NEC CORPORATION

Inventor： Masaki INOKUCHI ,  Kazushi MURAOKA

IPC: H04W72/12

Abstract: An apparatus (1 or 3) determines a device-to-device (D2D) radio resource to be allocated to one or more D2D transmissions from at least one remote terminal (1) to a first relay terminal (2) while considering a quality metric of an uplink from the first relay (2) terminal to a base station (3). In this way, for example, it is possible to contribute to avoiding inconsistency of performance between sidelink transmission from the remote terminal to the relay terminal and uplink transmission from the relay terminal to the base station.