WIPO logo
Mobile | Deutsch | Español | Français | 日本語 | 한국어 | Português | Русский | 中文 | العربية |
PATENTSCOPE

Search International and National Patent Collections
World Intellectual Property Organization
Options
Query Language
Stem
Sort by:
List Length
Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2017061469) IDENTIFICATION SYSTEM, IDENTIFICATION DEVICE AND IDENTIFICATION METHOD
Latest bibliographic data on file with the International Bureau    Submit observation

Pub. No.: WO/2017/061469 International Application No.: PCT/JP2016/079620
Publication Date: 13.04.2017 International Filing Date: 05.10.2016
IPC:
H04L 12/70 (2013.01) ,G06F 21/56 (2013.01)
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12
Data switching networks
70
Packet switching systems
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55
Detecting local intrusion or implementing counter-measures
56
Computer malware detection or handling, e.g. anti-virus arrangements
Applicants: NIPPON TELEGRAPH AND TELEPHONE CORPORATION[JP/JP]; 5-1, Otemachi 1-chome, Chiyoda-ku, Tokyo 1008116, JP
Inventors: TERAMOTO, Yasuhiro; JP
HU, Bo; JP
KISHI, Toshiharu; JP
NAGAFUCHI, Yukio; JP
KOYAMA, Takaaki; JP
KITAZUME, Hideo; JP
Agent: SAKAI INTERNATIONAL PATENT OFFICE; Toranomon Mitsui Building, 8-1, Kasumigaseki 3-chome, Chiyoda-ku, Tokyo 1000013, JP
Priority Data:
2015-19875306.10.2015JP
Title (EN) IDENTIFICATION SYSTEM, IDENTIFICATION DEVICE AND IDENTIFICATION METHOD
(FR) SYSTÈME D'IDENTIFICATION, DISPOSITIF D'IDENTIFICATION ET PROCÉDÉ D'IDENTIFICATION
(JA) 特定システム、特定装置および特定方法
Abstract:
(EN) An identification device (10) receives detection information from a security device (20) which detects activity relating to an illegal intrusion into a network or an infection of a terminal (50), and identifies the state of the terminal (50) from the activity of the terminal (50) and terminal (50) information included in the detection information. If the state of a terminal (50) is identified by a state identification unit (11) as being a malware-infected state, the identification device (10) identifies, on the basis of connection information stored by a configuration information storage device (30), a terminal (50) suspected of having been infected up to the terminal (50) activity included in the detection information, and identifies, as an infected terminal candidate which might be infected, a terminal (50) positioned on a path the infected terminal might use in a future illegal intrusion or terminal infection.
(FR) La présente invention concerne un procédé selon lequel un dispositif d'identification (10) reçoit une information de détection provenant d'un dispositif de sécurité (20) qui détecte une activité se rapportant à une intrusion illégale dans un réseau ou une infection d'un terminal (50), et identifie l'état du terminal (50) à partir de l'activité du terminal (50) et l'information de terminal (50) incluses dans l'information de détection. Si l'état d'un terminal (50) est identifié par une unité d'identification d'état (11) comme étant un état infecté par un logiciel malveillant, le dispositif d'identification (10) identifie, sur la base d'information de connexion stockée par un dispositif de stockage d'information de configuration (30), un terminal (50) suspecté d'avoir été infecté jusqu'à l'activité du terminal (50) incluse dans l'information de détection, et identifie, comme étant un terminal candidat infecté qui pourrait être infecté, un terminal (50) positionné sur un trajet que le terminal infecté pourrait utiliser dans une infection de terminal ou d'intrusion illégale subséquente.
(JA) 特定装置(10)は、ネットワーク内への不正侵入または端末(50)の感染に関する活動を検知するセキュリティ装置20から検知情報を受信し、該検知情報に含まれる端末(50)の情報および該端末(50)の活動内容から当該端末(50)の状態を特定する。そして、特定装置(10)は、状態特定部(11)によって端末(50)の状態がマルウェアに感染した状態であると特定された場合には、構成情報記憶装置(30)によって記憶された接続情報に基づいて、検知情報に含まれる端末(50)の活動内容に至るまでに感染した疑いがある端末(50)を特定し、感染した端末(50)が今後不正侵入または端末の感染に用いる可能性がある経路上に位置する端末(50)を感染する可能性がある感染端末の候補と特定する。
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JP, KE, KG, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: Japanese (JA)
Filing Language: Japanese (JA)