-
Publication No.: US20210329020A1
Publication date: 2021-10-21
Application No.: US17363463
Filing date: 2021-06-30
Inventors: Aiko IWASAKI, Kiyoto KAWAUCHI, Kazuhiro ONO, Takuya SHOYA, Hiromitsu SHIRAI, Hideaki IJIRO
Abstract: An erroneous detection amount obtaining unit (110) obtains using an overall detection rule group corresponding to an overall phase group that configures a series of attack activities, an erroneous detection amount of each phase of when attack detection is performed. A final stages verification unit (121) verifies whether or not an erroneous detection amount of a final phases group satisfies a final stages limitation. An overall verification unit (123) verifies whether or not the erroneous detection amount of the overall phase group satisfies an overall limitation. In a case where the erroneous detection amount of the final phases group does not satisfy the final stages limitation, a final stages adjustment unit (122) adjusts a parameter value of each detection rule of a final stages detection rule group. In a case where the erroneous detection amount of the final phases group satisfies the final stages limitation and the erroneous detection amount of the overall phase group does not satisfy the overall limitation, an overall adjustment unit (124) adjusts a parameter value of each detection rule other than the final stages detection rule group.
-
2.
Publication No.: US20190081988A1
Publication date: 2019-03-14
Application No.: US16081325
Filing date: 2016-06-01
Inventors: Tomonori NEGI, Kiyoto KAWAUCHI, Junko NAKAJIMA, Yukio IZUMI, Hiroyuki SAKAKIBARA, Shigeki KITAZAWA, Kazuhiro ONO, Takeshi ASAI, Hideaki IJIRO, Hiroki NISHIKAWA
Abstract: A second communication unit (411) of a security management apparatus (201) externally receives dependency information (412) indicating a dependence relation between information assets individually held by a first system and a second system. Then, a selection unit (415) of the security management apparatus (201) selects a security measure to be implemented, from among candidates for a security measure against a threat to an information asset held by the first system, in accordance with a dependence relation indicated by the dependency information (412) received by the second communication unit (411).
-
3.
Publication No.: US20210117538A1
Publication date: 2021-04-22
Application No.: US16634832
Filing date: 2017-12-06
Inventors: Kazuhiro ONO, Hisashige ITO, Motoka TAKAHASHI
IPC classification: G06F21/55
Abstract: If an attack activity is detected using a detection rule, an analysis information calculation unit analyzes a situation in which a current attack activity that is the detected attack activity is detected, a situation in which each of a plurality of past attack activities has been detected, the plurality of past attack activities being a plurality of attack activities that has been detected in the past using the detection rule, and a situation that the detection rule assumes, and chooses, based on an analysis result, an arbitrary number of attack activities from the plurality of past attack activities. A warning importance estimation unit presents a countermeasure that has been implemented against the attack activity chosen by the analysis information calculation unit.
-