Monitoring system, program-executing device, monitoring program, recording medium and integrated circuit
    3.
    发明授权
    Monitoring system, program-executing device, monitoring program, recording medium and integrated circuit 有权
    监控系统,程序执行装置,监控程序,记录介质和集成电路

    公开(公告)号:US08745735B2

    公开(公告)日:2014-06-03

    申请号:US13128080

    申请日:2009-11-20

    IPC分类号: H04L29/06 G06F21/00

    CPC分类号: G06F21/57 G06F21/55

    摘要: To aim to provide a monitoring system and a program execution apparatus that are capable of maintaining the security intensity even in the case where an unauthentic install module is invalidated. Install modules included in an apparatus each monitor an install module, which is a monitoring target indicated by a monitoring pattern included therein, as to whether the install module performs malicious operations. An install module that performs malicious operations is invalidated in accordance with an instruction from an update server. The monitoring patterns are restructured by the update server such that the install modules except the invalidated install module are each monitored by at least another one of the install modules. The restructured monitoring patterns are distributed to the install modules except the invalidated install module.

    摘要翻译: 为了提供即使在不正当的安装模块被无效的情况下也能够保持安全强度的监视系统和程序执行装置。 安装在装置中的模块各自监视作为由其中包含的监视模式指示的监视目标的安装模块,关于该安装模块是否执行恶意操作。 根据更新服务器的指令,执行恶意操作的安装模块无效。 监视模式由更新服务器重构,使得除了无效的安装模块之外的安装模块各自由至少另一个安装模块监视。 重组的监控模式分发到除了无效的安装模块之外的安装模块。

    Tampering monitoring system, management apparatus, and management method
    4.
    发明授权
    Tampering monitoring system, management apparatus, and management method 有权
    篡改监测系统,管理装置和管理方法

    公开(公告)号:US08707430B2

    公开(公告)日:2014-04-22

    申请号:US13089433

    申请日:2011-04-19

    摘要: An information security apparatus includes a plurality of monitoring modules that monitor for tampering. A management apparatus includes a reception unit that receives a plurality of monitoring results each generated by a source monitoring module monitoring a target monitoring module; a detection unit that detects an abnormality by referring to fewer than all of the received monitoring results; and an identification unit that identifies, when an abnormality is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from the target of monitoring to the source of monitoring, starting from the monitoring module that generates the monitoring result related to the abnormality.

    摘要翻译: 信息安全装置包括监视篡改的多个监视模块。 管理装置包括:接收单元,其接收由监视目标监视模块的源监视模块生成的多个监视结果; 检测单元,通过参照少于全部所接收到的监视结果来检测异常; 以及识别单元,其在检测到异常时识别从(i)产生与异常相关的监视结果的监视模块中被篡改的监视模块,以及(ii)由所述异常检测到的一个或多个监视模块, 从产生与异常相关的监测结果的监控模块开始,通过连续监控模块从监控目标追溯到监控源。

    TAMPERING MONITORING SYSTEM, CONTROL DEVICE, AND TAMPERING CONTROL METHOD
    7.
    发明申请
    TAMPERING MONITORING SYSTEM, CONTROL DEVICE, AND TAMPERING CONTROL METHOD 有权
    篡改监测系统,控制装置和篡改控制方法

    公开(公告)号:US20110239297A1

    公开(公告)日:2011-09-29

    申请号:US13133029

    申请日:2010-02-15

    IPC分类号: G06F21/00

    摘要: A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.

    摘要翻译: 管理设备通过参考从信息安全设备接收到的监视结果来检测是否存在尚未被篡改的任何正常监视模块,并且当检测到存在时选择监视模块中的一个并假定所选监控模块已被篡改 与。 然后,监视装置依次从所选择的监视模块开始,参考监视结果,对所选择的监视模块以外的监控模块应用程序,该过程是假设任何监视模块确定监视模块被假定为被篡改 与正常也被篡改。 作为该过程的结果,当假定所有监视模块被篡改时,管理装置将所选择的监视模块确定为未被篡改的正常监视模块。

    Tampering monitoring system, control device, and tampering control method
    9.
    发明授权
    Tampering monitoring system, control device, and tampering control method 有权
    篡改监控系统,控制装置和篡改控制方法

    公开(公告)号:US08800038B2

    公开(公告)日:2014-08-05

    申请号:US13375912

    申请日:2011-04-15

    IPC分类号: G06F11/00 G06F21/55

    摘要: Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.

    摘要翻译: 提供了可以识别在多个监视模块中被篡改的监视模块的篡改监视系统。 一种管理装置,具备获取单元,其获取未被篡改的新的监视模块;生成单元,其通过修改获取的监视模块来生成诱饵监视模块;发送单元,将所述诱饵监视模块发送到所述信息 安全装置,使信息安全装置安装诱饵监视模块,在安装了诱饵监视模块之后从信息安全装置接收监视其他监视模块的监视模块生成的监视结果的接收部,以及 确定单元,其通过参考所接收的监视结果来识别监视模块,其将所述诱饵监视模块确定为有效并且将所识别的监视模块确定为无效。