公开(公告)号：US20240281540A1

公开(公告)日：2024-08-22

申请号：US18568330

申请日：2021-06-15

Applicant: NEC Corporation

Inventor： Ryo MIZUSHIMA ,  Tomohiko Yagyu

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F2221/034

Abstract: A configuration information acquisition means acquires configuration information of a system to be analyzed. A threat analysis means analyzes a way of attack that can be implemented in the system to be analyzed. An attack route generation means generates an attack route from the start point to the end point of the attack. A risk value calculation means calculates a risk value of the generated attack route. A result output means outputs a risk analysis result containing the calculated risk value. A risk re-analysis means causes re-analysis of risks for the system in which a security measure planned for the system is introduced to be performed from any one of the configuration information acquisition means, the threat analysis means, the attack route generation means, and the risk value calculation means to conduct re-analysis of risks depending on the security measure planned for the system.

公开(公告)号：US20230379351A1

公开(公告)日：2023-11-23

申请号：US18030907

申请日：2020-10-22

Applicant: NEC Corporation

Inventor： Ryo MIZUSHIMA ,  Hirofumi Ueda ,  Tomohiko Yagyu

IPC: H04L9/40

CPC classification number: H04L63/1433 ,  H04L63/145 ,  H04L2463/146

Abstract: Generation of an attack scenario to be used for risk analysis of a system to be analyzed is enabled without depending on the technique and the knowledge of a person who creates it. An analysis result acquisition means acquires a risk analysis result of a first risk analysis performed on a system to be analyzed. A condition acquisition means acquires conditions for an attack scenario to be used for a second risk analysis on the basis of an attack scenario table and the risk analysis result. An attack scenario generation means generates an attack scenario to be used for the second risk analysis on the basis of the conditions for the attack scenario acquired by the condition acquisition means.

公开(公告)号：US20250141917A1

公开(公告)日：2025-05-01

申请号：US18835576

申请日：2022-03-18

Applicant: NEC Corporation

Inventor： Ryo MIZUSHIMA ,  Tomohiko YAGYU

IPC: H04L9/40

Abstract: A measure candidate table includes a plurality of measures and indices indicating the effects of respective measures. A measure compatibility table includes combinations of measures in each of which two or more of the plurality of measures are combined with each other and indies indicating the effects of respective combinations of measures. A measure calculation means plans a measure against an attack used in an attack route by using the measure candidate table and the measure compatibility table. A risk value calculation means calculates, based on an index indicating an effect of a measure and an index indicating an effect of a combination of measures, a risk value of the attack route under an assumption that the planned measure is introduced into a system to be analyzed.

公开(公告)号：US20230018096A1

公开(公告)日：2023-01-19

申请号：US17786191

申请日：2019-12-25

Applicant: NEC Corporation

Inventor： Hirofumi UEDA ,  Ryo MIZUSHIMA ,  Tomohiko YAGYU

IPC: H04L9/40

Abstract: An analysis apparatus (10) includes an environment assessment unit (11) for assessing environmental metrics of a Common Vulnerability Scoring System (CVSS) as regards a vulnerability in an information system based on an attack path extracted from the information system to which the vulnerability to be analyzed is applied, a base assessment unit (12) for assessing base metrics of the CVSS as regards the vulnerability in the information system based on obtained CVSS base value information of the vulnerability and a predetermined base value countermeasure determination condition of the information system, and a determination unit (13) for determining whether or not the vulnerability in the information system needs to be addressed based on an assessment result of the environmental metrics and an assessment result of the base metrics.

公开(公告)号：US20230143808A1

公开(公告)日：2023-05-11

申请号：US17914546

申请日：2020-03-27

Applicant: NEC Corporation

Inventor： Kosuke AKIMOTO ,  Seng Pei LIEW ,  Ryo MIZUSHIMA ,  Kong Aik LEE

IPC: G06F21/32

CPC classification number: G06F21/32

Abstract: A feature calculation means calculates N features for first data and N features for second data by using N feature functions for obtaining a feature for data on the basis of the data. A similarity degree calculation means calculates a similarity degree between the first data and the second data on the basis of the N features for the first data and the N features for the second data. Values of N features obtained when the same data is substituted into the N feature functions are different from each other.

公开(公告)号：US20220414229A1

公开(公告)日：2022-12-29

申请号：US17775941

申请日：2019-11-15

Applicant: NEC Corporation

Inventor： Yoshinobu OHTA ,  Hirofumi UEDA ,  Shunichi KINOSHITA ,  Ryo MIZUSHIMA

IPC: G06F21/57

Abstract: An analysis unit 6 generates one or more pairs of a start point fact which is a fact representing possibility of the attack in a device that is a start point and an end point fact which is a fact representing possibility of the attack in the device that is an end point, analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact, based on facts representing states of the devices generated based on information regarding the device that is the start point and information regarding the device that is the end point, the start point fact, and one or more analysis rules for analyzing the attack, and generates an attack scenario in a case where it is possible to derive the end point fact from the start point fact.

公开(公告)号：US20220329618A1

公开(公告)日：2022-10-13

申请号：US17641511

申请日：2019-09-27

Applicant: NEC Corporation

Inventor： Yoshinobu OHTA ,  Hirofumi UEDA ,  Shunichi KINOSHITA ,  Ryo MIZUSHIMA

IPC: H04L9/40 ,  G06F21/57

Abstract: The analysis unit generates one or more pairs of a start point fact which is a fact representing possibility of attack in a device that is a start point and an end point fact which is a fact representing possibility of attack in a device that is an end point. The analysis unit analyzes, for each pair, whether or not it is possible to derive the end point fact from the start point fact. The analysis unit generates an attack pattern that includes at least an attack condition, an attack result, and an attack means, in a case where it is possible to derive the end point fact from the start point fact.