-
Publication number: US10372903B2
Publication date: 2019-08-06
Application number: US15381498
Filing date: 2016-12-16
Inventor: Yoshihiro Ujiie, Hideki Matsushima, Tomoyuki Haga, Yuji Unagami, Takeshi Kishikawa
Abstract: Provided is a fraud detection rule updating method enabling the updating of rules that serve as the basis for detecting malicious frames as necessary in an on-board network system. In an on-board network system equipped with multiple electronic control units (ECUs) that communicate via buses and fraud detecting ECUs that determine, based on fraud detection rules, whether messages transmitted on the buses conform to the rules, a fraud detection rule updating method is used in which delivery data including updated fraud detection rules is received from a server external to the on-board network system, and if a certain update condition is satisfied, the fraud detection rules in a fraud detecting ECU are updated to the updated fraud detection rules.
-
Publication number: US10137862B2
Publication date: 2018-11-27
Application number: US15868663
Filing date: 2018-01-11
Inventor: Tomoyuki Haga, Hideki Matsushima, Manabu Maeda, Yuji Unagami, Yoshihiro Ujiie, Takeshi Kishikawa
Abstract: An anti-fraud method for use in an in-vehicle network system including a plurality of electronic control units that exchange, in an in-vehicle network, data frames, each having added thereto a message authentication code (MAC). The method includes generating a first MAC by using a MAC key and a value of a counter that counts a number of times a data frame having added thereto a MAC is transmitted to the in-vehicle network. The method also includes performing verification that the data frame received has added thereto the generated first MAC and incrementing a number of error occurrences when the verification has failed for the data frame, the data frame including a predetermined ID. When the number of error occurrences exceeds a predetermined threshold, a process associated in advance with the predetermined ID is executed.
-
Publication number: US09933180B2
Publication date: 2018-04-03
Application number: US14780128
Filing date: 2014-04-11
Inventor: Tomoyuki Haga, Motoji Ohmori, Natsume Matsuzaki, Yuichi Futa
CPC classification number: F24F11/62, F24F11/30, F24F11/32, F24F11/39, F24F11/52, F24F11/56, F24F11/59, F24F11/61, F24F11/64, F24F2110/10, F24F2110/12, G06Q50/00, H04L12/28, H04L67/12, H04L67/16, H04Q9/00
Abstract: A data providing method is carried out by a computer (460) built in a data processing system (1) which is designed to collect log information from electronic devices through a network (30) and provide services based on that log information for authenticated users. The data providing method includes: receiving an air conditioner (102a, 102b)'s log information through the network; generating display data by reference to pieces of information which are included in the air conditioner's log information and which indicate (i) a preset temperature of the air conditioner, (ii) an outdoor temperature outside a living space in which the air conditioner is installed, and (iii) an indoor temperature of the living space in which the air conditioner is installed, the display data representing a trend of change of a turnaround time that indicates how long it takes from when the air conditioner starts operating until the indoor temperature reaches the preset temperature; and providing the display data for an authenticated user's display terminal (130a, 130b).
-
Publication number: US12126645B2
Publication date: 2024-10-22
Application number: US18384553
Filing date: 2023-10-27
Inventor: Takeshi Kishikawa, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda, Takamitsu Sasaki
IPC: G06F21/00, B60R16/023, G07C5/00, H04L9/40
CPC classification number: H04L63/1441, B60R16/023, G07C5/008, H04L63/062, H04L63/1416
Abstract: A gateway that notifies a fraud detection server located outside a vehicle of information about an in-vehicle network system including an in-vehicle network includes: a priority determiner that determines a priority using at least one of: a state of the vehicle including the in-vehicle network system; an identifier of a message communicated on the in-vehicle network; and a result of fraud detection performed on the message; a frame transmitter-receiver that transmits and receives the message communicated on the in-vehicle network; a frame interpreter that extracts information about the in-vehicle network based on the message received by the frame transmitter-receiver; and a frame uploader that notifies the fraud detection server of notification information including the priority and the information about the in-vehicle network.
-
Publication number: US12088664B2
Publication date: 2024-09-10
Application number: US17843408
Filing date: 2022-06-17
Inventor: Yuji Unagami, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda
IPC: H04L67/1087, H04L9/00, H04L9/40
CPC classification number: H04L67/1091, H04L9/50, H04L63/0807
Abstract: In a data distribution method according to the disclosure, first authentication servers and a first data server belong to a first group, and second authentication servers and a second data server belong to a second group different from the first group. A first authentication server obtains first transaction data that includes a data obtaining request indicating a request for obtaining or referring to data pertaining to an apparatus, and records a block including the first transaction data into its distributed ledger belonging to the first group. A second authentication server obtains the first transaction data, and records the block including the first transaction data into a distributed ledger belonging to the second group. The first authentication server causes the first data server to transfer the data pertaining to the apparatus held therein to the second data server or to make such data available for reference by the second data server.
-
Publication number: US12063235B2
Publication date: 2024-08-13
Application number: US17015569
Filing date: 2020-09-09
Inventor: Takeshi Kishikawa, Tomoyuki Haga, Hideki Matsushima
CPC classification number: H04L63/1425, H04L12/40013, H04L63/123, H04L2012/40215, H04L2012/40273
Abstract: A communication control device connects an engine ECU to a network and includes: a communicator that receives a message from the engine ECU and transmits the message to the network, and receives a message from the network and transmits the message to the engine ECU; a transmission ID list holder that holds a transmission ID list including a transmission ID included in the message from the engine ECU; and a controller that controls the communicator and the transmission ID list holder. When the transmission ID included in the message from the engine ECU is not in the transmission ID list, the controller adds the transmission ID to the transmission ID list and transmits information related to the transmission ID list to the network.
-
Publication number: US11956262B2
Publication date: 2024-04-09
Application number: US17330020
Filing date: 2021-05-25
Inventor: Ryo Hirano, Takeshi Kishikawa, Yoshihiro Ujiie, Tomoyuki Haga
CPC classification number: H04L63/1425, H04L63/20, H04L67/12
Abstract: An anomaly detection device (IDS ECU) includes a detection rule generator that monitors a communication establishment frame flowing over Ethernet in a communication establishment phase of service-oriented communication and that generates, for each communication ID, a detection rule including the communication ID written in the communication establishment frame and a server (or client) address written in the communication establishment frame; an anomaly detector that monitors a communication frame flowing over the Ethernet in a communication phase of the service-oriented communication and that, by referring to a detection rule that includes a communication ID written in the communication frame, detects the communication frame as an anomalous frame when a server (or client) address written in the communication frame differs from a server (or client) address included in the detection rule; and an anomaly notifier that provides a notification of an anomaly in response to the anomalous frame being detected.
-
Publication number: US11818024B2
Publication date: 2023-11-14
Application number: US17240098
Filing date: 2021-04-26
Inventor: Tomoyuki Haga, Yuishi Torisaki, Manabu Maeda, Ryo Kato
IPC: H04L43/0823, H04L43/06, H04L67/12, H04L69/22
CPC classification number: H04L43/0823, H04L43/06, H04L67/12, H04L69/22
Abstract: A statistical information generation device that generates statistical information from Ethernet frames on a mobility network includes: a transceiver that transmits and receives the Ethernet frames; and a statistical information generator that collects a plurality of Ethernet frames transmitted or received by the transceiver within a predetermined time period, and classifies, out of the plurality of Ethernet frames collected, Ethernet frames containing the same destination IP address, source IP address, destination port number, source port number, and protocol, and containing, in payloads, same identification information related to mobility control, into the same group, generates the statistical information for each group from the Ethernet frames classified into groups, and transmits the generated statistical information from the transceiver.
-
Publication number: US11652643B2
Publication date: 2023-05-16
Application number: US17101876
Filing date: 2020-11-23
Inventor: Yuji Unagami, Manabu Maeda, Tomoyuki Haga, Hideki Matsushima, Jun Anzai
CPC classification number: H04L9/3247, G06F21/6236, G06F21/64, H04L9/3242, H04L63/123, H04L67/12, G08G1/09, H04L2209/84
Abstract: A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.
-
Publication number: US11595422B2
Publication date: 2023-02-28
Application number: US17344097
Filing date: 2021-06-10
Inventor: Yoshihiro Ujiie, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda, Yuji Unagami, Takeshi Kishikawa
Abstract: A method for use in a network communication system including a plurality of electronic controllers that communicate with each other via a bus in accordance with a Controller Area Network (CAN) protocol determines whether or not content of a predetermined field in a frame which has started to be transmitted meets a predetermined condition indicating fraud. In a case where the content of the predetermined field meets the predetermined condition, a frame including predetermined consecutive dominant bits for notifying an anomaly is transmitted before an end of the frame is transmitted. A number of times the frame including the predetermined consecutive dominant bits is transmitted is recorded for each identifier (ID) represented by content of an ID field included in a plurality of frames which has been transmitted. A malicious electronic controller is determined in accordance with the number of times recorded for each ID.