Title:
LOG ANALYSIS DEVICE, LOG ANALYSIS METHOD, AND LOG ANALYSIS PROGRAM
Document Type and Number:
WIPO Patent Application WO/2017/221711
Kind Code:
A1
Abstract:
A log acquisition unit (201) acquires a communication log to be analyzed which can be obtained from communications in a predetermined network. A log analysis unit (204) detects terminals that match analysis rules involving signatures generated on the basis of characteristics of communication logs generated by malware-infected terminals. A primary scoring unit (206) and a secondary scoring unit (208) calculate, by using information about the analysis rules and information about the detection results, scores representing the degrees of threat with regard to the detection results including the information about the terminals detected by the log analysis unit (204) and the analysis rules matching the terminals. A detection result display unit (209) outputs the detection results and the scores calculated by the primary scoring unit (206) and the secondary scoring unit (208).

Inventors:
NAKATA KENSUKE (JP)
Application Number:
PCT/JP2017/021167
Publication Date:
December 28, 2017
Filing Date:
June 07, 2017
Assignee:
NIPPON TELEGRAPH & TELEPHONE (JP)
International Classes:
G06F21/55
Domestic Patent References:
WO2015141630A1, 2015-09-24
Other References:
KENSUKE NAKATA: "A Method of Extracting Common Malware Communication Patterns from Dynamic Analysis Result", CSS2015 COMPUTER SECURITY SYMPOSIUM 2015 RONBUNSHU GODO KAISAI ANTI MALWARE ENGINEERING WORKSHOP 2015 PRIVACY WORKSHOP 2015 IPSJ SYMPOSIUM SERIES, vol. 2015, 14 October 2015 (2015-10-14), pages 318 - 325, XP055445010
TAKUYA MISHINA: "IoT Muke SIEM System Sekkei no Tameno Kyoi Scenerio Kento", IEICE TECHNICAL REPORT, vol. 116, no. 65, 19 May 2016 (2016-05-19), pages 33 - 38
Attorney, Agent or Firm:
SAKAI INTERNATIONAL PATENT OFFICE (JP)