INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD AND STORAGE MEDIUM

US 20160063852A1
Filed: 04/15/2014
Published: 03/03/2016
Est. Priority Date: 04/23/2013
Status: Active Grant

First Claim

Patent Images

1-10. -10. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To support work of an operator of a monitoring system to set a monitoring rule depending on an environment to be monitored. An information processing system includes an environment expression extracting unit which extracts environment expressions from incident information expressing a certain incident, which includes the environment expressions expressing environments to be monitored and action expressions expressing actions performed in the environments; an action expression extracting unit which extracts the action expressions from the incident information; and an information collecting unit which generates information in which the extracted action expressions are associated with the environment expressions expressing the environments when the actions expressed by the action expressions have been performed among the extracted environment expressions, conducts a search with respect to the generated information, with the action expressions as a key, and calculates, on the basis of the search, frequency at which the environment expressions have been extracted.

9 Citations

View as Search Results

28 Claims

1-10. -10. (canceled)

11. An information processing system comprising circuitry configured to:
- extract environment expressions from incident information, which describes an incident in which what abnormal action was performed in what environment, and which includesthe environment expressions expressing the environments to be monitored andaction expressions expressing actions performed in the environments;
  
  extract the action expressions from the incident information;
  
  generate information in which the extracted action expressions are associated with the environment expressions expressing the environments when the actions expressed by the action expressions have been performed among the extracted environment expressions, conducts a search with respect to the generated information, with the action expressions as a key, and calculates, on the basis of the search, frequency at which the environment expressions have been extracted;
  
  store the action expressions and the associated environment;
  
  refer to the stored expressions, and, when the frequency at which the environment expressions associated with a specific action expression among the stored action expressions have been extracted is higher than a predetermined threshold value, associates the specific action expression with the environment expressions having high frequency of extraction and outputs the associated expressions; and
  
  generate a monitoring rule for monitoring occurrence of an abnormal circumstance, on the basis of the outputted environment expressions and action expression, the monitoring rule having a conditional clause in which the environments expressed by the environment expressions are satisfied and the action expressed by the action expression is detected.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 12. The information processing system according to claim 11, the circuitry further configured toin the outputting, output information indicating that the actions expressed by the action expressions are abnormal actions in the environments expressed by the environment expressions.
  - 13. The information processing system according claim 11, the circuitry further configured toassociate an action expression with an environment expression extracted from the same incident information.
  - 14. The information processing system according to claim 12, the circuitry further configured toassociate an action expression with an environment expression extracted from the same incident information.
  - 15. The information processing system according to claim 11, the circuitry further configured toassociate an action expression with an environment expression extracted from the same sentence included in the incident information.
  - 16. The information processing system according to claim 12, the circuitry further configured toassociate an action expression with an environment expression extracted from the same sentence included in the incident information.
  - 17. The information processing system according to claim 13, the circuitry further configured toassociate an action expression with an environment expression extracted from the same sentence included in the incident information.
  - 18. The information processing system according to claim 11, the circuitry further configured tofor an action expression having frequency of extraction exceeding a predetermined threshold value, in the outputting, output the action expression and an environment expression associated with the action expression.
  - 19. The information processing system according to claim 12, the circuitry further configured tofor an action expression having frequency of extraction exceeding a predetermined threshold value, in the outputting, output the action expression and an environment expression associated with the action expression.
  - 20. The information processing system according to claim 13, the circuitry further configured tofor an action expression having frequency of extraction exceeding a predetermined threshold value, in the outputting, output the action expression and an environment expression associated with the action expression.
  - 21. The information processing system according to claim 14, the circuitry further configured tofor an action expression having frequency of extraction exceeding a predetermined threshold value, in the outputting, output the action expression and an environment expression associated with the action expression.
  - 22. The information processing system according to claim 11, the circuitry further configured toassociate a plurality of expressions expressing the same or similar actions or environments with a typical expression which is a typical expression of the plurality of expressions, and stores the associated expressions;
    - andrefer to the stored typical expression, on the basis of the environment expressions or the action expressions, to replace the environment expressions or the action expressions with the typical expression.
  - 23. The information processing system according to claim 12, the circuitry further configured toassociate a plurality of expressions expressing the same or similar actions or environments with a typical expression which is a typical expression of the plurality of expressions, and stores the associated expressions;
    - andrefer to the stored typical expression, on the basis of the environment expressions or the action expressions, to replace the environment expressions or the action expressions with the typical expression.
  - 24. The information processing system according to claim 13, the circuitry further configured toassociate a plurality of expressions expressing the same or similar actions or environments with a typical expression which is a typical expression of the plurality of expressions, and stores the associated expressions;
    - andrefer to the stored typical expression, on the basis of the environment expressions or the action expressions, to replace the environment expressions or the action expressions with the typical expression.
  - 25. The information processing system according to claim 14, the circuitry further configured toassociate a plurality of expressions expressing the same or similar actions or environments with a typical expression which is a typical expression of the plurality of expressions, and stores the associated expressions;
    - andrefer to the stored typical expression, on the basis of the environment expressions or the action expressions, to replace the environment expressions or the action expressions with the typical expression.
  - 26. The information processing system according to claim 15, the circuitry further configured toassociate a plurality of expressions expressing the same or similar actions or environments with a typical expression which is a typical expression of the plurality of expressions, and stores the associated expressions;
    - andrefer to the stored typical expression, on the basis of the environment expressions or the action expressions, to replace the environment expressions or the action expressions with the typical expression.

27. An information processing method executed by a computer, comprising processes of:
- extracting environment expressions from incident information, which describes an incident in which what abnormal action was performed in what environment, and which includesthe environment expressions expressing the environments to be monitored andaction expressions expressing actions performed in the environments;
  
  extracting the action expressions from the incident information;
  
  generating information in which the extracted action expressions are associated with the environment expressions expressing the environments when the actions expressed by the action expressions have been performed among the extracted environment expressions, conducts a search with respect to the generated information, with the action expressions as a key, and calculates, on the basis of the search, frequency at which the environment expressions have been extracted;
  
  storing the action expressions and the associated environment expressions;
  
  referring to the stored expressions, and, when the frequency at which the environment expressions associated with a specific action expression among the stored action expressions have been extracted is higher than a predetermined threshold value, associates the specific action expression with the environment expressions having high frequency of extraction and outputs the associated expressions; and
  
  generating a monitoring rule for monitoring occurrence of an abnormal circumstance, on the basis of the outputted environment expressions and action expression, the monitoring rule having a conditional clause in which the environments expressed by the environment expressions are satisfied and the action expressed by the action expression is detected.

28. A non-transitory computer-readable storage medium storing a program which causes a computer to execute processing for:
- extracting environment expressions from incident information, which describes an incident in which what abnormal action was performed in what environment, and which includesthe environment expressions expressing the environments to be monitored andaction expressions expressing actions performed in the environments;
  
  extracting the action expressions from the incident information;
  
  generating information in which the extracted action expressions are associated with the environment expressions expressing the environments when the actions expressed by the action expressions have been performed among the extracted environment expressions, conducts a search with respect to the generated information, with the action expressions as a key, and calculates, on the basis of the search, frequency at which the environment expressions have been extracted;
  
  storing the action expressions and the associated environment expressions;
  
  referring to the stored expressions, and, when the frequency at which the environment expressions associated with a specific action expression among the stored action expressions have been extracted is higher than a predetermined threshold value, associates the specific action expression with the environment expressions having high frequency of extraction and outputs the associated expressions; and
  
  generating a monitoring rule for monitoring occurrence of an abnormal circumstance, on the basis of the outputted environment expressions and action expression, the monitoring rule having a conditional clause in which the environments expressed by the environment expressions are satisfied and the action expressed by the action expression is detected.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
ISHIZAWA, YOSHIO, NAKAZAWA, SATOSHI

Granted Patent

US 9,666,064 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 10/06   Resources, workflows, human...

G06V 20/52   Surveillance or monitoring ...

G08B 21/02   Alarms for ensuring the saf...

G08B 31/00   Predictive alarm systems ch...

INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD AND STORAGE MEDIUM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD AND STORAGE MEDIUM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others