Non-transitory recording medium recording cyber-attack analysis supporting program, cyber-attack analysis supporting method, and cyber-attack analysis supporting apparatus
First Claim
1. A non-transitory recording medium encoded with a cyber-attack analysis supporting program, where the cyber-attack analysis supporting program, when executed by a processor, is operable to:
- accepting registration of pieces of information each including one or more items regarding respective cyber-attack events in response to detection of malware in an information processing system of a monitoring target;
displaying each of the pieces of information registered regarding the respective cyber-attack events in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the respective cyber-attack events;
displaying pieces of data of the one or more items in a state in which each of the pieces of data is coupled as a sub-subordinate node to a node of the one or more items; and
displaying a coupling state between a first sub-subordinate node of the representative node of one of the cyber-attack events and a second sub-subordinate node of the representative node of another of the cyber-attack events when the first sub-subordinate node is associated with the second sub-subordinate node to recognize a relation between the one of the cyber-attack events and the another of the cyber-attack events.
1 Assignment
0 Petitions
Accused Products
Abstract
A non-transitory recording medium recording a cyber-attack analysis supporting program that causes a computer to execute a process, the process includes: accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.
18 Citations
13 Claims
-
1. A non-transitory recording medium encoded with a cyber-attack analysis supporting program, where the cyber-attack analysis supporting program, when executed by a processor, is operable to:
-
accepting registration of pieces of information each including one or more items regarding respective cyber-attack events in response to detection of malware in an information processing system of a monitoring target; displaying each of the pieces of information registered regarding the respective cyber-attack events in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the respective cyber-attack events; displaying pieces of data of the one or more items in a state in which each of the pieces of data is coupled as a sub-subordinate node to a node of the one or more items; and displaying a coupling state between a first sub-subordinate node of the representative node of one of the cyber-attack events and a second sub-subordinate node of the representative node of another of the cyber-attack events when the first sub-subordinate node is associated with the second sub-subordinate node to recognize a relation between the one of the cyber-attack events and the another of the cyber-attack events. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A cyber-attack analysis supporting method, comprising:
-
accepting registration of pieces of information each including one or more items regarding respective cyber-attack events in response to detection of malware in an information processing system of a monitoring target; displaying each of the pieces of information registered regarding the respective cyber-attack events in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the respective cyber-attack events; displaying pieces of data of the one or more items in a state in which each of the pieces of data is coupled as a sub-subordinate node to a node of the one or more items; and displaying a coupling state between a first sub-subordinate node of the representative node of one of the cyber attack events and a second sub-subordinate node of the representative node of another of the cyber-attack events when the first sub-subordinate node is associated with the second sub-subordinate node to recognize a relation between the one of the cyber-attack events and the another of the cyber-attack events. - View Dependent Claims (11)
-
-
12. A cyber-attack analysis supporting apparatus, comprising:
-
a memory that stores a cyber-attack analysis supporting program; and a processor that executes a method based on the cyber-attack analysis supporting program, wherein the method includes; accepting registration of pieces of information each including one or more items regarding respective cyber-attack events in response to detection of malware in an information processing system of a monitoring target; displaying each of the pieces of information registered regarding the respective cyber-attack events in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the respective cyber-attack events; displaying pieces of data of the one or more items in a state in which each of the pieces of data is coupled as a sub-subordinate node to a node of the one or more items; and displaying a coupling state between a first sub-subordinate node of the representative node of one of the cyber attack events and a second sub-subordinate node of the representative node of another of the cyber-attack events when the first sub-subordinate node is associated with the second sub-subordinate node to recognize a relation between the one of the cyber-attack events and the another of the cyber-attack events. - View Dependent Claims (13)
-
Specification