公开(公告)号：US20190236270A1

公开(公告)日：2019-08-01

申请号：US16312354

申请日：2017-06-21

Applicant: NEC CORPORATION

Inventor： Masato YAMANE ,  Yuki ASHINO

IPC: G06F21/55 ,  H04L29/06 ,  H04L9/14 ,  G06F9/455

CPC classification number: G06F21/55 ,  G06F9/45533 ,  H04L9/14 ,  H04L63/0428 ,  H04L63/1408 ,  H04L63/1433

Abstract: Provided is a process control device, etc. capable of more reliably maintaining the soundness of an information processing system with regard to cybersecurity. A processing control device calculates a sum of a value indicating a risk included in processing information that includes one or more processing executed on an information processing apparatus during a certain period; and restricts processing to the information processing apparatus when the calculated sum value for the processing information satisfies a predetermined restriction condition.

公开(公告)号：US20170147817A1

公开(公告)日：2017-05-25

申请号：US15319431

申请日：2015-06-24

Applicant: NEC Corporation

Inventor： Masato YAMANE ,  Yuki ASHINO ,  Yoichiro MORITA ,  Masafumi WATANABE

IPC: G06F21/56 ,  G06F11/34

CPC classification number: G06F21/562 ,  G06F11/3037 ,  G06F11/34 ,  G06F2221/034

Abstract: Provided is an analysis apparatus including a first storage device configured to store data, and a processing circuitry that is configured to control the own apparatus to function as: a dispatcher that is communicably connected to an analysis target device that performs operational processing by use of a processor and a memory unit, and generates collection target data for reproducing at least part of a state of the operational processing in the analysis target device, in accordance with data being transmitted and received between the processor and the memory unit; a data mapper that assigns, to one or more areas included in the collection target data, tag information for identifying the area; and a data writer that saves the one or more areas into the first storage device in accordance with a first policy defining a procedure of saving the collection target data into the first storage device.

公开(公告)号：US20180268036A1

公开(公告)日：2018-09-20

申请号：US15758413

申请日：2016-09-14

Applicant: NEC Corporation

Inventor： Masato YAMANE ,  Yuki ASHINO

IPC: G06F17/30

CPC classification number: G06F16/248 ,  G06F16/00 ,  G06F16/2455 ,  G06F16/24564 ,  G06F16/2457 ,  G06F16/24578 ,  G06F21/552 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2151 ,  H04L41/00 ,  H04L63/1425

Abstract: A communication information generating apparatus refers, in response to a request for extracting information satisfying a first condition of a first item included in a plurality of items measured for communication and a second condition of a second item included in the plurality of items, to item information where partial items included in the plurality of items measured with respect to communication are associated and specifies a third item associated with the first item and the second item; generates a command for extracting data satisfying the first condition with respect to the first item and the second condition with respect to the second item, transmits the generated command to an apparatus that manages values of a plurality of items of the communication, and receives data extracted in response to the command by the apparatus; and calculates values of the first item to the third item based on the received data.

公开(公告)号：US20170279621A1

公开(公告)日：2017-09-28

申请号：US15510730

申请日：2015-09-17

Applicant: NEC Corporation

Inventor： Masato YAMANE ,  Yuki ASHINO ,  Masafumi WATANABE

IPC: H04L9/36 ,  H04L9/08 ,  G06F21/60 ,  G06F21/56

CPC classification number: H04L9/36 ,  G06F21/566 ,  G06F21/606 ,  H04L9/0894 ,  H04L12/4633 ,  H04L63/0272 ,  H04L63/1408 ,  H04L63/1425

Abstract: Provided is an analysis system configured to obtain an encryption key for encryption communication between an information communication apparatus and a communication network, from memory space provided in the information communication apparatus. The analysis system including a processing circuitry configured to function as: a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; and a communication processing unit that is configured to determine whether key data including an encryption key used for encryption processing in a cryptographic communication protocol are stored in the memory unit, based on communication data transmitted and received in accordance with the cryptographic communication protocol between the information communication apparatus and a communication network, and instruct the memory acquisition unit to acquire data stored in the memory unit, based on the determination result.

公开(公告)号：US20200167465A1

公开(公告)日：2020-05-28

申请号：US16613164

申请日：2018-06-04

Applicant: NEC CORPORATION

Inventor： Yuki ASHINO ,  Masato YAMANE

IPC: G06F21/55

Abstract: An information processing device includes: a memory; and at least one processor coupled to the memory. The processor performs operations. The operations include: extracting a transmission source of communication from communication data received by a predetermined device, and generating first data that include the transmission source and a time associated with communication and included in the communication data; and totaling a first frequency of reception of the communication data for the each transmission source, based on the first data, in each of a first period and a second period that includes the first period and is longer than the first period.

公开(公告)号：US20190215231A1

公开(公告)日：2019-07-11

申请号：US16312441

申请日：2017-06-21

Applicant: NEC CORPORATION

Inventor： Masato YAMANE ,  Yuki ASHINO

IPC: H04L12/24 ,  H04L12/26

CPC classification number: H04L41/069 ,  H04J3/02 ,  H04L43/067 ,  H04L43/0852

Abstract: Provided is a log information generation apparatus and the like that generates log information where log of communication via a communication network are arranged in communication occurrence order. A log information generation apparatus provides time information including a second time in an information processing apparatus to a difference calculation apparatus in accordance with communication start information transmitted to a plurality of information processing apparatuses communicably connecting to a communication network at a start of communication processing via the communication network, the difference calculation apparatus calculating a difference between a input first time and a reference time; and generates log information associating arranged time with a content of communication processing, the arranged time obtained by arranging a time of the communication processing based on the difference calculated for the second time by the difference calculation apparatus.

公开(公告)号：US20190213190A1

公开(公告)日：2019-07-11

申请号：US16334074

申请日：2017-09-20

Applicant: NEC CORPORATION

Inventor： Tatsuya ITO ,  Yuki ASHINO ,  Masato YAMANE

IPC: G06F16/2455 ,  G06F16/25 ,  G06N20/00

CPC classification number: G06F16/24558 ,  G06F16/00 ,  G06F16/254 ,  G06N5/02 ,  G06N20/00

Abstract: An information collection system for efficiently collecting target information from an enormous amount of contents in a variety of formats is provided. The information collection system 100 includes a learning unit 110 and an extraction unit 130. The learning unit 110 generates, by using learning data, a parser rule for extracting a target character string from data, the target character string being a character string including specific information. The extraction unit 130 extracts the target character string from data by using the parser rule.

公开(公告)号：US20180288075A1

公开(公告)日：2018-10-04

申请号：US15753620

申请日：2016-09-07

Applicant: NEC Corporation

Inventor： Masato YAMANE ,  Yuki ASHINO

IPC: H04L29/06 ,  H04L12/26

Abstract: Provided are a communication destination determination device and the like in which a communication destination that is highly likely to pose a threat can be detected. A communication destination determination device 101 is provided with: a signal transmission unit 102 which transmits, when a first signal transmitted from a communication destination 104 is received via a communication network, a second signal in response to the first signal to the communication destination 104; and a communication destination determination unit 103 which classifies whether the communication destination 104 is highly likely to pose a threat or not, on the basis of whether or not a third signal transmitted from the communication destination 104 is received within a certain time period from the timing of transmission of the second signal.

公开(公告)号：US20170288854A1

公开(公告)日：2017-10-05

申请号：US15510742

申请日：2015-09-17

Applicant: NEC Corporation

Inventor： Masato YAMANE ,  Yuki ASHINO ,  Masafumi WATANABE

IPC: H04L9/00 ,  H04L9/36 ,  H04L29/06 ,  H04L9/08 ,  H04L9/14

Abstract: Provided is an analysis system including a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; a communication processing unit that is configured to instruct the memory acquisition unit to acquire data stored in the memory unit when determining that key data including an encryption key for cryptographic communication protocol are stored in the memory unit; and a cryptanalysis unit that is configured to extract one or more key data candidates that are candidates of the key data, from the stored in the memory unit, and extract, from one or more of the key data candidates, correct key data that enables to decrypt correctly the encrypted communication data. The communication processing unit is further configured to execute specific processing according to the decrypted communication data.

公开(公告)号：US20200210454A1

公开(公告)日：2020-07-02

申请号：US15753647

申请日：2016-09-07

Applicant: NEC Corporation

Inventor： Masato YAMANE ,  Yuki ASHINO

IPC: G06F16/28 ,  H04L29/06 ,  G06F16/2455

Abstract: A category information generating apparatus generates a measurement identifier of a measured value with respect to measurement information where the measured value for communication and a resource identifier of an apparatus generating the measured value are associated; extracts, when the resource identifier in the measurement information satisfies a condition regarding the resource identifier in extracted information where a condition for the resource identifier, an extraction item representing an item extracted from the measurement information when the condition is satisfied, and an extracted information identifier of the extraction item are associated, a particular measured value associated with the resource identifier; reads a value representing an extraction item in the extracted information from the particular measured value; and generates category information where a measurement identifier representing the particular measured value, the extracted information identifier in the extracted information, and the read value are associated.