公开(公告)号：US20220156371A1

公开(公告)日：2022-05-19

申请号：US17439509

申请日：2019-03-25

Applicant: NEC Corporation

Inventor： Jun NISHIOKA ,  Yoshiaki SAKAE ,  Kazuhiko ISOYAMA ,  Etsuko ICHUHARA

IPC: G06F21/56

Abstract: A warning apparatus (2000) acquires first detected event information (10) representing, at a first abstraction level, an event set being a set of events having occurred in a target system. The warning apparatus (2000) generates second detected event information (20) from the first detected event information (10). The second detected event information (20) represents, at a second abstraction level, the event set represented by the first detected event information (10). The warning apparatus (2000) determines, from among a plurality of pieces of threat information (30) each representing a threat activity, the threat information (30) having a high degree of relevance to at least either of the first detected event information (10) and the second detected event information (20). The warning apparatus (2000) generates warning information (40) relating to a threat being occurring in the target system, based on the determined threat information (30) and a matching level being an abstraction level associated with the detected event information having a high degree of relevance to the threat information (30).