NON-TRANSITORY RECORDING MEDIUM RECORDING CYBER-ATTACK ANALYSIS SUPPORTING PROGRAM, CYBER-ATTACK ANALYSIS SUPPORTING METHOD, AND CYBER-ATTACK ANALYSIS SUPPORTING APPARATUS

US 20180063177A1
Filed: 08/07/2017
Published: 03/01/2018
Est. Priority Date: 08/26/2016
Status: Active Grant

First Claim

Patent Images

1. A non-transitory recording medium recording a cyber-attack analysis supporting program that causes a computer to execute a process, the process comprising:

accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and

displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A non-transitory recording medium recording a cyber-attack analysis supporting program that causes a computer to execute a process, the process includes: accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.

26 Citations

View as Search Results

13 Claims

1. A non-transitory recording medium recording a cyber-attack analysis supporting program that causes a computer to execute a process, the process comprising:
- accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and
  
  displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The non-transitory recording medium according to claim 1, wherein the one or more items include an attacker, an attack method, a detection index, an observation event, an incident, a corrective measure, or an attack target.
  - 3. The non-transitory recording medium according to claim 2, wherein the information of the attacker includes information regarding at least one of a transmission source mail address of the cyber-attack event and an account of a social network service.
  - 4. The non-transitory recording medium according to claim 2, wherein the information of the attack method includes information of a pattern of an attack, a resource used by the attacker, an attack base of the attacker, or an attack target.
  - 5. The non-transitory recording medium according to claim 2, wherein the information of the detection index includes information indicative of an index that characterizes the cyber-attack event.
  - 6. The non-transitory recording medium according to claim 2, wherein the information of the observation event includes information indicative of an event relating to an operation observed in the cyber-attack event.
  - 7. The non-transitory recording medium according to claim 2, wherein the information of the incident includes information regarding at least one of an owner or a manager of an asset damaged by the attacker and a place of the asset.
  - 8. The non-transitory recording medium according to claim 2, wherein the information of the corrective measure includes information indicative of a measure to cope with a threat by the cyber-attack event.
  - 9. The non-transitory recording medium according to claim 2, wherein the information of the attack target includes information indicative of a weak point of an asset that becomes a target of an attack in the cyber-attack event.

10. A cyber-attack analysis supporting method, comprising:
- accepting, by a computer, registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and
  
  displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.
- View Dependent Claims (11)
- - 11. The cyber-attack analysis supporting method according to claim 10, wherein the one or more items include an attacker, an attack method, a detection index, an observation event, an incident, a corrective measure, or an attack target.

12. A cyber-attack analysis supporting apparatus, comprising:
- a memory that stores a cyber-attack analysis supporting program; and
  
  a processor that executes a process based on the cyber-attack analysis supporting program,wherein the process includes;
  
  accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and
  
  displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.
- View Dependent Claims (13)
- - 13. The cyber-attack analysis supporting apparatus according to claim 12, wherein the one or more items include an attacker, an attack method, a detection index, an observation event, an incident, a corrective measure, or an attack target.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
YAMADA, Koji, YOSHIMURA, Kunihiko, TANABE, KOUTA, Satomi, Toshitaka, Masuoka, Ryusuke

Granted Patent

US 10,476,904 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 21/552   involving long-term monitor...

G06F 21/554   involving event detection a...

H04L 2463/146   Tracing the source of attacks

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

NON-TRANSITORY RECORDING MEDIUM RECORDING CYBER-ATTACK ANALYSIS SUPPORTING PROGRAM, CYBER-ATTACK ANALYSIS SUPPORTING METHOD, AND CYBER-ATTACK ANALYSIS SUPPORTING APPARATUS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

NON-TRANSITORY RECORDING MEDIUM RECORDING CYBER-ATTACK ANALYSIS SUPPORTING PROGRAM, CYBER-ATTACK ANALYSIS SUPPORTING METHOD, AND CYBER-ATTACK ANALYSIS SUPPORTING APPARATUS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links