-
公开(公告)号:US20220254198A1
公开(公告)日:2022-08-11
申请号:US17728085
申请日:2022-04-25
Inventor: Ryo HIRANO , Takeshi KISHIKAWA , Yoshihiro UJIIE , Tomoyuki HAGA
Abstract: A vehicle log transmission device includes: an anomaly detector that obtains a vehicle log from at least one electronic control unit, detects an anomaly based on log information in the vehicle log, and extracts log information in which the anomaly is detected as an anomaly log; an anomaly notifier that transmits the anomaly log to a server; a change instructor that, based on a vehicle state extracted from the vehicle log, transmits, to the at least one electronic control unit, a change instruction to change a save priority level of the log information included in the vehicle log; and a vehicle log request responder that, when a vehicle log request is received, obtains the vehicle log including log information saved based on the save priority level changed in response to the change instruction, and transmits the vehicle log obtained to the server.
-
公开(公告)号:US20220182404A1
公开(公告)日:2022-06-09
申请号:US17665218
申请日:2022-02-04
Inventor: Takeshi KISHIKAWA , Ryo HIRANO , Tomoyuki HAGA , Yoshihiro UJIIE
IPC: H04L9/40
Abstract: The control network system is connected to electronic control unit(s) and a communication device, and includes security sensor(s) that transmits a security alert indicating that an indication of a security breach is detected to the network, if the indication is detected in at least one of the network, the electronic control unit(s), or the communication device. The intrusion path analysis device includes: an alert obtainer that obtains the security alert from the security sensor(s); an event obtainer that obtains an event history of an event that occurs in the control network system; and an intrusion path analyzer that performs an analysis on an intrusion path of an attack on the basis of the security alert, the event history, and an intrusion depth indicating an intrusion level to be assumed in a case the security alert occurs, and that outputs a result of the analysis.
-
公开(公告)号:US20210349997A1
公开(公告)日:2021-11-11
申请号:US17380228
申请日:2021-07-20
Inventor: Ryo HIRANO , Takeshi KISHIKAWA , Yoshihiro UJIIE , Tomoyuki HAGA
IPC: G06F21/56
Abstract: An anomalous vehicle detection server includes an anomaly score calculator that detects a suspicious behavior different from a predetermined driving behavior based on pieces of vehicle information that are received from a plurality of vehicles, respectively, and are each based on a vehicle log including the content of an event that has occurred in a vehicle system provided in the vehicle, and acquires an anomaly score of each of the plurality of vehicles that indicates a likelihood that reverse engineering is performed on the vehicle; and an anomalous vehicle determiner that determines whether one vehicle of the plurality of vehicles is an anomalous vehicle based on the anomaly score of the one vehicle and a statistical value of the anomaly scores of two or more vehicles of the plurality of vehicles.
-
公开(公告)号:US20210152287A1
公开(公告)日:2021-05-20
申请号:US17128542
申请日:2020-12-21
Inventor: Takeshi KISHIKAWA , Tatsumi OBA , Manabu MAEDA
Abstract: An information processing method performed by an information processing system including a storage device to process a plurality of data frames flowing in an in-vehicle network including at least one electronic control unit includes a receiving step of sequentially receiving a plurality of data frames flowing in the in-vehicle network, a frame collection step of recording, in a reception log held in the storage device, reception interval information indicating reception intervals between the plurality of data frames as frame information, a feature acquisition step of acquiring, from the reception interval information, a feature relating to distribution of the reception intervals between the plurality of data frames, and an unauthorized data presence determination step of determining the presence/absence of an unauthorized data frame among the plurality of data frames.
-
公开(公告)号:US20210056206A1
公开(公告)日:2021-02-25
申请号:US17094377
申请日:2020-11-10
Inventor: Ryo HIRANO , Takeshi KISHIKAWA
IPC: G06F21/56
Abstract: An intrusion point identification device includes: a threat information collector that collects and stores threat information including identification information identifying a moving body, route information indicating a route through which the threat has intruded into the moving body, and discovery information indicating a discovery date of an attack; a vehicle log collector that collects logs, extracts, from the logs, histories of points that indicate locations of one or more moving bodies within a predetermined period, and stores the histories of the points as history information, the logs indicating points that indicate locations of the one or more moving bodies, the predetermined period being set based on the discovery information; an intrusion point identification unit that identifies an intrusion point of the threat from a first attack source through a first route among the points indicated in the history information; and an intrusion point notifier that outputs the intrusion point.
-
Patent Agency Ranking
36.发明申请公开(公告)号:US20210014230A1
公开(公告)日:2021-01-14
申请号:US17039107
申请日:2020-09-30
Inventor: Takeshi KISHIKAWA , Manabu MAEDA , Tohru WAKABAYASHI , Toshihisa NAKANO , Hideki MATSUSHIMA
IPC: H04L29/06 , B60R16/023 , H04L12/40
Abstract: A method for use in a network system is provided. The network system includes a plurality of electronic controllers that transmits and receives, via a network, a plurality of frames. The plurality of frames includes at least one control frame that instructs predetermined control to an object of control. The method receives, sequentially, the plurality of frames from the network, and determines whether the predetermined control, instructed by the control frame received in the receiving, is to be suppressed, based on a set of frames received in the receiving. The set of frames is received in the receiving within a predetermined period preceding a time of reception of the control frame.
-
公开(公告)号:US20200336504A1
公开(公告)日:2020-10-22
申请号:US16919809
申请日:2020-07-02
Inventor: Manabu MAEDA , Jun ANZAI , Takeshi KISHIKAWA
Abstract: A log generation method for generating a log of communication on an in-vehicle network includes: performing a plurality of determination processes for determining, by using different methods, whether or not a message sent to the in-vehicle network is anomalous; generating a log in accordance with results of the plurality of determination processes; and transmitting the generated log. In the generating, information items to be included in the log are determined in accordance with a combination of the results of the plurality of determination processes so that the log does not include identical information items.
-
公开(公告)号:US20200310782A1
公开(公告)日:2020-10-01
申请号:US16902780
申请日:2020-06-16
Inventor: Yoshihiro UJIIE , Hideki MATSUSHIMA , Jun ANZAI , Toshihisa NAKANO , Tomoyuki HAGA , Manabu MAEDA , Takeshi KISHIKAWA
Abstract: A gateway device is connected via one or more networks to electronic controllers on-board a vehicle. The gateway device includes one or more memories, and circuitry that acquires firmware update information. The circuitry determines whether or not a first electronic controller satisfies a second condition based on second information about the first electronic controller, where the second information is whether the first electronic controller includes a firmware cache for performing a pre-update firmware cache operation. The circuitry also causes, when the second condition is not satisfied, the gateway device to execute a proxy process, where the gateway device requests the first electronic controller to transmit boot ROM data to the gateway device, creates updated boot ROM data with the updated firmware, and transmits the updated boot ROM data to the first electronic controller that updates the boot ROM and resets the first electronic controller with the updated firmware.
-
39.发明申请公开(公告)号:US20200053112A1
公开(公告)日:2020-02-13
申请号:US16654728
申请日:2019-10-16
Inventor: Yuishi TORISAKI , Tomoyuki HAGA , Takamitsu SASAKI , Takeshi KISHIKAWA , Hideki MATSUSHIMA
Abstract: A vehicle anomaly detection server includes: a communicator that communicates with a vehicle to receive a log of an in-vehicle network in the vehicle; a processor; and a memory including at least one set of instructions that, when executed by the processor causes the processor to perform operations including: selecting, when information indicating that an anomaly is occurring to a first vehicle among vehicles is obtained by the processor, an anomaly-related vehicle from among the vehicles based on the anomaly, the first vehicle being the vehicle that communicates with the communicator; transmitting, to the anomaly-related vehicle via the communicator, a first request to transmit a log of an in-vehicle network in the anomaly-related vehicle; and determining whether an anomaly is occurring to the anomaly-related vehicle, based on information indicated by the log transmitted from the anomaly-related vehicle and received by the communicator.
-
40.发明申请公开(公告)号:US20190263336A1
公开(公告)日:2019-08-29
申请号:US16413035
申请日:2019-05-15
Inventor: Tomoyuki HAGA , Hideki MATSUSHIMA , Yoshihiro UJIIE , Takeshi KISHIKAWA
IPC: B60R16/023 , H04W12/12 , G08G1/00 , G08G1/16
Abstract: An anomaly handling method using a roadside device is disclosed. The method includes receiving, from a vehicle, an anomaly detection notification, which includes level information indicating a level affecting safety, and a location of the vehicle. The method also includes obtaining a location of the roadside device and determining whether a distance between the location of the vehicle and the location of the roadside device is within a predetermined range. When the distance is within the predetermined range and shorter than a first predetermined distance, transmitting the received anomaly detection notification externally from the roadside device. When the distance is within the predetermined range and is longer than or equal to the first predetermined distance, changing to decrement a level indicated by the level information, and transmitting changed anomaly detection notification. When the distance is not within the predetermined range, not transmitting the received anomaly detection notification.
-
-
-
-
-
-
-
-
-
Search Results
73
records
(took 0.031 seconds)
