Attack node set determination apparatus and method, information processing device, attack dealing method, and program
    1.
    Invention application
    Attack node set determination apparatus and method, information processing device, attack dealing method, and program (Under examination, published)

    Publication No.: US20100050260A1

    Publication date: 2010-02-25

    Application No.: US12461363

    Filing date: 2009-08-10

    IPC classification: G06F11/00

    Abstract: An attack node set determination apparatus obtains an event log basic parameter extracted from collected event logs and attribute information based on the event log basic parameter. The attack node set determination apparatus performs a clustering on a space having dimensions of part or all of the obtained attribute information and event log basic parameter, computes a cluster, and transmits information on the cluster and a countermeasure against the cluster to a firewall. Upon detecting an attack packet from an attack node set, the firewall identifies a cluster including the attack packet and conducts a countermeasure against the whole identified cluster.


    INFORMATION LEAK FILE DETECTION APPARATUS AND METHOD AND PROGRAM THEREOF
    2.
    Invention application
    INFORMATION LEAK FILE DETECTION APPARATUS AND METHOD AND PROGRAM THEREOF (Under examination, published)

    Publication No.: US20120005147A1

    Publication date: 2012-01-05

    Application No.: US13170943

    Filing date: 2011-06-28

    IPC classification: G06N5/02

    Abstract: A technique for collecting information concerning those files distributed on a file sharing network and for detecting an information leak file to take corrective measures is provided. Supervised information is generated by adding as attributes a file type, a speech-part appearance frequency of words making up a file name and a result of human-made judgment as to whether a file being inspected is the information leak file to key information collected from the file sharing network. Next, the supervised information is input to a decision tree learning algorithm, thereby causing it to learn an information leak file judgment rule and then derive a decision tree for use in information leak file judgment. Thereafter, this decision tree is used to detect the information leak file from key information flowing on the file sharing network, followed by alert transmission and key information invalidation, thereby preventing damage expansion.


    Log analysis system, method and apparatus
    3.
    Invention application
    Log analysis system, method and apparatus (In force)

    Publication No.: US20060259968A1

    Publication date: 2006-11-16

    Application No.: US11271798

    Filing date: 2005-11-14

    IPC classification: G06F12/14

    CPC classification: H04L63/145 G06F21/552

    Abstract: An analysis unit which effectively detects incidents on the basis of events detected by a security unit such as an intrusion detection system (IDS) or a firewall (FW) installed in a network stores statistical information that is frequency-distributed information of event information obtained from the collection unit, frequency component information obtained by frequency-analyzing the statistical information and the result obtained by making analysis on the basis of the frequency component. The collection unit collects and normalizes event log information outputted by IDS or FW to be stored in an event database (DB). An alert notification unit includes an alert database (DB) for storing an alert instruction transmitted from the analysis unit and an alert notification destination and reports occurrence of incidents to a manager or the like in accordance with the instruction.


    Log analysis system, method and apparatus
    4.
    Granted invention patent
    Log analysis system, method and apparatus (In force)

    Publication No.: US07752663B2

    Publication date: 2010-07-06

    Application No.: US11271798

    Filing date: 2005-11-14

    IPC classification: G06F12/14

    CPC classification: H04L63/145 G06F21/552

    Abstract: An analysis unit which effectively detects incidents on the basis of events detected by a security unit such as an intrusion detection system (IDS) or a firewall (FW) installed in a network stores statistical information that is frequency-distributed information of event information obtained from the collection unit, frequency component information obtained by frequency-analyzing the statistical information and the result obtained by making analysis on the basis of the frequency component. The collection unit collects and normalizes event log information outputted by IDS or FW to be stored in an event database (DB). An alert notification unit includes an alert database (DB) for storing an alert instruction transmitted from the analysis unit and an alert notification destination and reports occurrence of incidents to a manager or the like in accordance with the instruction.


    Optical information recording medium and production method thereof
    5.
    Granted invention patent
    Optical information recording medium and production method thereof (Lapsed)

    Publication No.: US06258432B1

    Publication date: 2001-07-10

    Application No.: US09284312

    Filing date: 1999-04-27

    IPC classification: B32B302

    Abstract: An optical information recording medium comprising a thin plastic substrate of 0.6 mm or thinner, wherein the substrate is protected against strain without being limited by a film structure and a film formation condition. A single-layer or multilayer thin film (70) is formed on a plastic disk-like substrate having a center hole (10). This thin film (70) has a strain relief area (72) inside a recording area (71). This strain relief area (72) is formed by setting an outer diameter of an undeposited inner portion (5) to a value satisfying the following formula (1), for example: A0≦AX≦−0.172P+0.163 where A0: diameter of center hole, AX: outer diameter of undeposited inner portion, P: total strain occurring in thin film when film depositing.


    Security system and method for computers connected to network
    6.
    Granted invention patent
    Security system and method for computers connected to network (Lapsed)

    Publication No.: US5919258A

    Publication date: 1999-07-06

    Application No.: US796566

    Filing date: 1997-02-06

    Abstract: A security system for a network connected with a plurality of computers is disclosed, in which one of the computers monitors the internal status thereof. An internal status monitor unit of the one computer detects the occurrence of a fault and the type of the fault in the one computer. An access control unit of the one computer controls the access to the resources of the one computer. An information transmission unit of the one computer transmits a message to other computers of the network indicating the occurrence of a fault and the type of the fault in the one computer through the network in the case where the internal status monitor unit detects the occurrence of the fault in the one computer. The access control unit executes the processing for protecting the resources of the one computer in accordance with the type of the fault of the one computer in the case where the internal status monitor unit detects the fault of the one computer.


    Repeater and network system utililzing the same
    7.
    Granted invention patent
    Repeater and network system utililzing the same (Lapsed)

    Publication No.: US06754212B1

    Publication date: 2004-06-22

    Application No.: US09625975

    Filing date: 2000-07-26

    IPC classification: H04L1228

    Abstract: In view of providing a network system enabling communication having passed fire walls (repeaters) and assuring high security and operation flexibility through access control based on users and applications, a user-held table indicating correspondence between repeaters and passwords, a repeater-held table indicating correspondence between users and passwords and a table indicating access regions are defined respectively for users, departments of users and official positions of users and a route control information storing table indicating correspondence between networks and next transmitting destination is also provided to execute the access control for each user. Moreover, the repeater is provided with the repeating route control table so that a repeater located in the course of route to the transmitting destination computer and allowing communication from the transmitting side computer is selected from the data repeating control table and the process for requesting the repeating operation of communication with the destination is executed to the selected repeater.


    Network management system for generating setup information for a plurality of devices based on common meta-level information
    9.
    Granted invention patent
    Network management system for generating setup information for a plurality of devices based on common meta-level information (Lapsed)

    Publication No.: US07143151B1

    Publication date: 2006-11-28

    Application No.: US09314629

    Filing date: 1999-05-19

    IPC classification: G06F15/173

    Abstract: A network management system which includes a plurality of network devices operating in a coordinated manner and a management server managing the network devices. The management server includes apparatus for defining policy information and for generating setup information using policy information to generate setup information for each network device. The system generates setup information for each network device, distributes setup information to each network device, installs setup information to each network device, enables settings, collects setup information for each network device, and organizes and checks for consistency in the collected information.


    Method of collectively managing dispersive log, network system and relay computer for use in the same
    10.
    Granted invention patent
    Method of collectively managing dispersive log, network system and relay computer for use in the same (Lapsed)

    Publication No.: US06336141B1

    Publication date: 2002-01-01

    Application No.: US09393618

    Filing date: 1999-09-10

    IPC classification: G06F1130

    CPC classification: H04L41/00

    Abstract: In a network system in which each of multiple networks, each containing computers and relay computers, is connected to another network via multiple relay computers which belong to the network concerned, and the communication between two computers belonging to different networks is performed on a communication path via multiple relay computers, there is provided a management computer for collectively managing logs which are dispersively and separately recorded in the multiple respective relay computers.
