Title:
BLACKLIST GENERATION DEVICE, BLACKLIST GENERATION SYSTEM, BLACKLIST GENERATION METHOD, AND BLACKLIST GENERATION PROGRAM
Document Type and Number:
WIPO Patent Application WO/2016/132992
Kind Code:
A1
Abstract:
A blacklist generation device (300) acquires a malicious communication log (301a) and a normal communication log (301b). A malicious communication profile extraction function (305) calculates the statistic value of a communication pattern included in the malicious communication log (301a), and outputs a communication pattern that satisfies a prescribed condition as a blacklist candidate (305a). A normal communication profile extraction function (306) calculates the statistic value of a communication pattern included in the normal communication log (301b), and outputs a communication pattern that satisfies a prescribed condition as a white list (306a). A blacklist creation function (307) searches for the value of the blacklist candidate (305a) by the value of the white list (306a), excludes a matching communication pattern from the blacklist candidate (305a), and creates a blacklist (307a).
Inventors:
NAKATA KENSUKE (JP)
SATO TOHRU (JP)
AOKI KAZUFUMI (JP)
KAMIYA KAZUNORI (JP)
SATO TOHRU (JP)
AOKI KAZUFUMI (JP)
KAMIYA KAZUNORI (JP)
Application Number:
PCT/JP2016/053982
Publication Date:
August 25, 2016
Filing Date:
February 10, 2016
Export Citation:
Assignee:
NIPPON TELEGRAPH & TELEPHONE (JP)
International Classes:
G06F21/56
Foreign References:
| US20070226803A1 | 2007-09-27 | |||
| US20120090027A1 | 2012-04-12 | |||
| US8151341B1 | 2012-04-03 |
Other References:
KENSUKE NAKATA ET AL.: "Ruleset Optimization for Detecting Malware-Derived Traffic Based on Network-Dependent Log Analysis", IPSJ SIG NOTES SECURITY PSYCHOLOGY & TRUST (SPT) 2014-SPT-008, 26 March 2014 (2014-03-26), XP009500565
Attorney, Agent or Firm:
SAKAI INTERNATIONAL PATENT OFFICE (JP)
Patent business corporation Sakai international patent firm (JP)
Patent business corporation Sakai international patent firm (JP)
Download PDF: