公开(公告)号：US20110265180A1

公开(公告)日：2011-10-27

申请号：US13089433

申请日：2011-04-19

申请人： Yuji UNAGAMI ,  Yuichi Futa ,  Natsume Matsuzaki ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa

发明人： Yuji UNAGAMI ,  Yuichi Futa ,  Natsume Matsuzaki ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa

IPC分类号： G06F11/00

CPC分类号： G06F11/3048 ,  G06F11/3065 ,  G06F21/12 ,  G06F21/552 ,  G06F21/6281 ,  G06F2221/2103 ,  G06F2221/2143

摘要： An information security apparatus (100c) includes a plurality of monitoring modules that monitor for tampering. A management apparatus (200c) includes a reception unit (230c) that receives a plurality of monitoring results each generated by a source monitoring module monitoring a target monitoring module; a detection unit (220c) that detects an abnormality by referring to fewer than all of the received monitoring results; and an identification unit (210c) that identifies, when an abnormality is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from the target of monitoring to the source of monitoring, starting from the monitoring module that generates the monitoring result related to the abnormality.

摘要翻译： 信息安全装置（100c）包括监视篡改的多个监视模块。 管理装置（200c）包括：接收单元（230c），其接收由监视目标监视模块的源监视模块生成的多个监视结果; 检测单元（220c），其通过参考少于所有接收的监视结果来检测异常; 以及识别单元（210c），其在检测到异常时识别从（i）产生与异常相关的监视结果的监视模块中被篡改的监视模块，以及（ii）一个或多个监视 通过一系列监控模块从监控目标追溯到监控源，从产生与异常相关的监控结果的监控模块开始，确定模块。