Processing

Please wait...

Settings

Settings

Goto Application

1. WO2018143097 - DETERMINATION DEVICE, DETERMINATION METHOD, AND DETERMINATION PROGRAM

Publication Number WO/2018/143097
Publication Date 09.08.2018
International Application No. PCT/JP2018/002532
International Filing Date 26.01.2018
IPC
G06F 21/55 2013.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
G06F 17/30 2006.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
17Digital computing or data processing equipment or methods, specially adapted for specific functions
30Information retrieval; Database structures therefor
CPC
G06F 16/00
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
16Information retrieval; Database structures therefor; File system structures therefor
G06F 21/577
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
577Assessing vulnerabilities and evaluating computer system security
G06F 2221/034
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2221Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
034Test or assess a computer or a system
Applicants
  • 日本電信電話株式会社 NIPPON TELEGRAPH AND TELEPHONE CORPORATION [JP]/[JP]
Inventors
  • 鐘 揚 ZHONG, Yang
  • 佐藤 徹 SATO, Tohru
Agents
  • 特許業務法人酒井国際特許事務所 SAKAI INTERNATIONAL PATENT OFFICE
Priority Data
2017-01595131.01.2017JP
Publication Language Japanese (ja)
Filing Language Japanese (JA)
Designated States
Title
(EN) DETERMINATION DEVICE, DETERMINATION METHOD, AND DETERMINATION PROGRAM
(FR) DISPOSITIF DE DÉTERMINATION, PROCÉDÉ DE DÉTERMINATION ET PROGRAMME DE DÉTERMINATION
(JA) 判定装置、判定方法、および、判定プログラム
Abstract
(EN) A determination device (10) comprises: a keyword extraction unit (12) for extracting a keyword characterizing vulnerability from known vulnerability information; and a 0-day attack determination unit (15) for comparing the keyword characterizing vulnerability with a keyword included in a request used for an attack, and when the value of a score indicating a degree by which the same keyword as the keyword characterizing vulnerability is included in the request is less than a predetermined threshold, determining that the request is a 0-day attack that is neither a known attack nor an attack similar to the known attack.
(FR) L'invention concerne un dispositif de détermination (10) comprenant : une unité d'extraction de mot-clé (12) pour extraire un mot-clé caractérisant une vulnérabilité à partir d'informations de vulnérabilité connues; et une unité de détermination d'attaque zero day (15) pour comparer le mot-clé caractérisant la vulnérabilité avec un mot-clé inclus dans une requête utilisée pour une attaque, et lorsque la valeur d'un score indiquant un degré par lequel le même mot-clé que le mot-clé caractérisant la vulnérabilité est inclus dans la demande est inférieure à un seuil prédéterminé, déterminer que la requête est une attaque zero day qui n'est ni une attaque connue ni une attaque similaire à l'attaque connue.
(JA) 判定装置(10)は、既知の脆弱性情報から、脆弱性を特徴づけるキーワードを抽出するキーワード抽出部(12)と、脆弱性を特徴づけるキーワードと、攻撃に用いられたリクエストに含まれるキーワードとを比較し、リクエストに、脆弱性を特徴づけるキーワードと同じキーワードが含まれる度合いの高さを示すスコアの値が所定の閾値未満である場合、リクエストを、既知の攻撃でもなく、また、既知の攻撃に類似する攻撃でもない0-day攻撃と判定する0-day攻撃判定部(15)とを備える。
Related patent documents
Latest bibliographic data on file with the International Bureau