Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
ATTACK OBSERVATION DEVICE AND ATTACK OBSERVATION METHOD
Document Type and Number:
WIPO Patent Application WO/2016/042587
Kind Code:
A1
Abstract:
 The present invention relates to an attack observation device which is a simulated environment constructed for running an illegal program such as malware created by an attacker and observing the behavior or attack method of the program. The attack observation device is provided with: a low-interactive-type simulated environment for executing a predetermined response to communication from malware on a terminal; a high-interactive-type simulated environment for executing a response to communication from malware by a virtual machine that simulates a terminal; and a communication management unit for monitoring the execution state of the low-interactive-type simulated environment for the communication from the malware, and switching the communication from the malware to the high-interactive-type simulated environment in accordance with the execution state of the low-interactive-type simulated environment.

Inventors:
KAWAUCHI KIYOTO (JP)
SAKURAI SHOJI (JP)
Application Number:
JP2014/004773
Publication Date:
March 24, 2016
Filing Date:
September 17, 2014
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
MITSUBISHI ELECTRIC CORP (?1008310, JP)
International Classes:
G06F21/53; G06F21/56
Foreign References:
JP2008306610A2008-12-18
Other References:
MATTHEW L.BRINGER ET AL.: "A Survey:Recent Advances and Future Trends in Honeypot Research", INTERNATIONAL JOURNAL OF COMPUTER NETWORK AND INFORMATION SECURITY(IJCNIS, vol. 4, no. 10, September 2012 (2012-09-01), pages 63 - 75
YU ADACHI ET AL.: "Malware Analysis System using Process-level Virtualization", COMPUTERS AND COMMUNICATIONS, 2009 ISCC 2009, July 2009 (2009-07-01), pages 550 - 556, XP031510575
Attorney, Agent or Firm:
INABA, Tadahiko et al. (?1008310, JP)
Tadahiko Inaba (?1008310, JP)
Download PDF: