WO2017221299A1 - Dispositif de détermination de contre-mesure de sécurité, procédé de détermination de contre-mesure de sécurité et programme de détermination de contre-mesure de sécurité - Google Patents

Dispositif de détermination de contre-mesure de sécurité, procédé de détermination de contre-mesure de sécurité et programme de détermination de contre-mesure de sécurité Download PDF

Info

Publication number
WO2017221299A1
WO2017221299A1 PCT/JP2016/068266 JP2016068266W WO2017221299A1 WO 2017221299 A1 WO2017221299 A1 WO 2017221299A1 JP 2016068266 W JP2016068266 W JP 2016068266W WO 2017221299 A1 WO2017221299 A1 WO 2017221299A1
Authority
WO
WIPO (PCT)
Prior art keywords
threat
combination
security
conditions
unsatisfied
Prior art date
Application number
PCT/JP2016/068266
Other languages
English (en)
Japanese (ja)
Inventor
弘毅 西川
河内 清人
Original Assignee
三菱電機株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三菱電機株式会社 filed Critical 三菱電機株式会社
Priority to JP2018506453A priority Critical patent/JP6324646B1/ja
Priority to PCT/JP2016/068266 priority patent/WO2017221299A1/fr
Publication of WO2017221299A1 publication Critical patent/WO2017221299A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Definitions

  • the present invention relates to a security measure determining device, a security measure determining method, and a security measure determining program.
  • Patent Document 1 discloses a technology that collects system and asset configuration information, calculates a risk evaluation index using a logical expression that represents a threat generation condition, and implements countermeasures against vulnerable locations. Yes.
  • Patent Document 2 discloses a technique for finding a vulnerable part by deriving an attack tree for a system and presenting a risk mitigation measure.
  • Patent Document 3 discloses a technique for selecting a measure with a high risk reduction rate and selecting a measure with a low cost when the reduction rate is the same.
  • the present invention aims to reduce potential risks in the system.
  • a security measure determining apparatus includes: A combination of one or more conditions in which a threat affecting the system is generated, and threat information indicating whether the conditions included in the combination are satisfied or unsatisfied in the system are generated and generated.
  • a risk analysis unit that stores threat information in memory; Whether the threat is a threat to be dealt with by accessing the memory, referring to the threat information generated by the risk analysis unit, and according to the number of unsatisfied conditions included in the combination
  • Security measures that can change at least one satisfied condition included in the combination to an unsatisfied condition if the threat is determined to be a threat to be addressed.
  • a measure selection section to select.
  • whether or not the threat is a threat to be dealt with is determined based on how many unsatisfied conditions are present in a combination of one or more conditions that cause a threat that affects the system. If it is determined that the threat should be dealt with, a security measure that can change at least one satisfied condition to an unsatisfied condition is selected as the security countermeasure to be implemented. Is done. For this reason, the potential risk in the system can be reduced.
  • FIG. 2 is a block diagram showing a configuration of a security measure determination device according to the first embodiment.
  • 5 is a flowchart showing the operation of the security measure determining apparatus according to the first embodiment.
  • 6 is a flowchart showing an operation example of a countermeasure selection unit of the security countermeasure determining apparatus according to the first embodiment.
  • FIG. 4 is a block diagram illustrating a configuration of a security measure determining apparatus according to a second embodiment.
  • Embodiment 1 FIG. This embodiment will be described with reference to FIGS.
  • the security measure determining apparatus 100 is a computer.
  • the security measure determining apparatus 100 includes a processor 101 and other hardware such as a memory 102, an auxiliary storage device 103, an input interface 104, and a screen output interface 105.
  • the processor 101 is connected to other hardware via a signal line, and controls these other hardware.
  • the security measure determining apparatus 100 includes a configuration extracting unit 120, an information extracting unit 130, a risk analyzing unit 140, a measure selecting unit 150, and a measure applying unit 160 as functional elements.
  • Functions of “units” such as the configuration extraction unit 120, the information extraction unit 130, the risk analysis unit 140, the countermeasure selection unit 150, and the countermeasure application unit 160 are realized by software.
  • the processor 101 is an IC that performs processing.
  • IC is an abbreviation for Integrated Circuit.
  • the processor 101 is a CPU.
  • CPU is an abbreviation for Central Processing Unit.
  • the threat information 111 is stored in the memory 102.
  • the threat information 111 is information indicating a combination of one or more conditions in which a threat that affects the system 200 occurs and whether the conditions included in the combination are satisfied or not satisfied in the system 200. is there. Although the number of threats considered may be one, in the present embodiment, there are a plurality of threats. In other words, in the present embodiment, the threat information 111 includes, for a plurality of threats affecting the system 200, a combination of one or more conditions for generating each threat, and conditions included in each threat combination. This is information indicating whether the system 200 is satisfied or not satisfied.
  • the memory 102 is a flash memory or a RAM. “RAM” is an abbreviation for Random Access Memory.
  • a countermeasure database 112 is stored in the auxiliary storage device 103.
  • the countermeasure database 112 is a database that stores a set of cost and implementation contents for each security countermeasure that can be implemented for the system 200.
  • the countermeasure database 112 is appropriately expanded in the memory 102 and is referred to or operated by the processor 101.
  • the auxiliary storage device 103 further stores a program for realizing the function of “unit”. This program is loaded into the memory 102 and executed by the processor 101.
  • the auxiliary storage device 103 also stores an OS. “OS” is an abbreviation for Operating System.
  • the processor 101 executes a program for realizing the function of “unit” while executing the OS. A part or all of the program for realizing the function of “unit” may be incorporated in the OS.
  • the auxiliary storage device 103 is a flash memory or an HDD. “HDD” is an abbreviation for Hard Disk Drive.
  • the input interface 104 is a port to which an input device (not shown) is connected. Specifically, the input interface 104 is a USB terminal. “USB” is an abbreviation for Universal Serial Bus. Specifically, the input device is a mouse, a keyboard, or a touch panel.
  • the screen output interface 105 is a port to which a display (not shown) is connected. Specifically, the screen output interface 105 is a USB terminal. Specifically, the display is an LCD. “LCD” is an abbreviation for Liquid Crystal Display.
  • the security measure determining apparatus 100 may include a communication device as hardware.
  • the communication device includes a receiver that receives data and a transmitter that transmits data.
  • the communication device is a communication chip or a NIC.
  • NIC is an abbreviation for Network Interface Card.
  • the security measure determining apparatus 100 may include a plurality of processors that replace the processor 101.
  • the plurality of processors share the execution of a program that realizes the function of “unit”.
  • Each processor is an IC that performs processing in the same manner as the processor 101.
  • Information, data, signal values, and variable values indicating the processing results of “unit” are stored in the memory 102, the auxiliary storage device 103, or a register or cache memory in the processor 101.
  • the program for realizing the function of “unit” may be stored in a portable recording medium such as a magnetic disk or an optical disk.
  • the operation of the security measure determining apparatus 100 corresponds to the security measure determining method according to the present embodiment.
  • the operation of the security countermeasure determining apparatus 100 corresponds to the processing procedure of the security countermeasure determining program according to the present embodiment.
  • step S11 the configuration extraction unit 120 investigates the management target system 200, and extracts system configuration information indicating the configuration of the system 200.
  • the system configuration information includes information such as the network configuration and the OS version.
  • the system configuration information is defined and acquired in the same manner as the “diagnostic item” described in Patent Document 4.
  • the configuration extraction unit 120 inputs the extracted system configuration information to the risk analysis unit 140.
  • step S12 the information extraction unit 130 investigates the system 200 to be managed, and extracts asset information indicating the arrangement of information with asset value held by the system 200.
  • the asset information is information indicating the arrangement of information having asset value such as confidential information and customer information in the system 200 to be managed.
  • asset information is defined and acquired in the same manner as “placement information” described in Patent Document 1.
  • the information extraction unit 130 inputs the extracted asset information to the risk analysis unit 140.
  • step S13 a set of the contents and cost of the security countermeasure is input to the countermeasure database 112. This input may be automatically performed by importing data, but is manually performed in the present embodiment.
  • step S14 and step S15 the risk analysis unit 140 generates the threat information 111 and stores the generated threat information 111 in the memory 102.
  • the risk analysis unit 140 extracts an attack tree of the management target system 200 using the system configuration information and asset information input from the configuration extraction unit 120 and the information extraction unit 130.
  • the attack tree is a kind of risk analysis technique.
  • the attack tree is defined and acquired in the same manner as that described in Patent Document 2.
  • step S15 the risk analysis unit 140 obtains a logical expression of the threat occurrence condition based on the attack tree. This logical expression is expressed in an additive standard form and stored in the memory 102 as threat information 111. A specific example of the logical expression of the threat generation condition will be described later.
  • the countermeasure selection unit 150 accesses the memory 102 and refers to the threat information 111 generated by the risk analysis unit 140.
  • the threat information 111 is a combination of one or more conditions in which a threat that affects the system 200 occurs, and the conditions included in the combination are satisfied or not satisfied in the system 200. It is the information which shows.
  • the measure selection unit 150 determines whether the threat is a threat to be dealt with according to the number of unsatisfied conditions included in the combination. When it is determined that the threat should be dealt with, the countermeasure selection unit 150 performs security countermeasures that can implement a security countermeasure that can change at least one satisfied condition included in the combination to an unsatisfied condition. Select measures.
  • the threat information 111 includes, for a plurality of threats affecting the system 200, a combination of one or more conditions in which each threat occurs and a condition included in each threat combination. It is the information which shows whether it is satisfied in (2). Therefore, the countermeasure selection unit 150 individually determines whether each threat is a threat to be dealt with according to the number of unsatisfied conditions included in each combination of threats. That is, the countermeasure selection unit 150 identifies a threat to be addressed from a plurality of threats according to the number of unsatisfied conditions included in each threat combination. Then, the measure selection unit 150 selects a security measure that can change at least one satisfied condition included in the identified combination of threats to an unsatisfied condition as a security measure to be implemented.
  • step S ⁇ b> 16 the measure selection unit 150 performs analysis based on the logical expression of the threat generation condition obtained by the risk analysis unit 140 and determines whether security measures are necessary. If a security measure is necessary, in step S17, the measure selection unit 150 refers to the measure database 112, determines which security measure can be implemented while considering the cost, and actually implements the security measure. To the countermeasure application unit 160.
  • step S18 the countermeasure application unit 160 receives an instruction from the countermeasure selection unit 150, calls the actually implemented security countermeasure from the countermeasure database 112, and implements the security countermeasure on the management target system 200.
  • the security measure there is a measure to change the setting of the security device included in the system 200 to be managed.
  • security measures are defined and implemented in the same manner as described in Patent Document 1.
  • step S16 and step S17 With reference to FIG. 3, the operation example of the measure selection unit 150 in step S16 and step S17 will be described.
  • Expression 1 is a logical expression of threat generation conditions in the system 200 to be evaluated.
  • j 1, 2, ⁇ ⁇ ⁇ , when the m i, pij denotes one one of the conditions for threat ri occurs, the number of conditions for m i is the threat ri occurs Show.
  • the condition there is a condition of being connected to a network.
  • “ ⁇ ” represents a logical sum
  • represents a logical product.
  • step S21 the countermeasure selection unit 150 checks the value of Expression 1, which is a logical expression of the threat occurrence condition.
  • Expression 1 is a logical expression of the threat occurrence condition.
  • step S22 the measure selection unit 150 evaluates which item is “1” and identifies the corresponding item.
  • step S23 the measure selection unit 150 calculates f (ri) for all ri, and if there is a value whose calculated value is smaller than the threshold th, executes step S24.
  • the threshold th is set to an arbitrary value larger than “0”. If there are a plurality of corresponding ri in step S22, step S24 is executed for all corresponding ri.
  • step S24 the countermeasure selecting unit 150 selects a security countermeasure for dealing with the threat ri identified in step S22 or step S23, and notifies the countermeasure applying section 160 of it.
  • the selected security measure is a procedure such that “1” is changed to “0”.
  • “blocking the network” is selected as a security measure.
  • the security measures to be implemented are to deal with other threats rk by implementing that one security measure, and to implement that one security measure. It is desirable that the cost of A plurality of security measures may be selected.
  • step S23 The selection of security measures for dealing with the threat ri identified in step S23 will be described in detail.
  • the countermeasure selection unit 150 extracts all pij whose values are “1” in ri specified in step S23.
  • Equation 3 a condition that requires security measures can be extracted for the threat ra.
  • the countermeasure selection unit 150 selects a security countermeasure that can set one or more elements e of the set E to “0” from the countermeasure database 112.
  • the security measures to be selected are selected from two viewpoints.
  • the first viewpoint is whether or not the number of elements e that can be set to “0” by implementing one security measure is large. This is because it is a good countermeasure that can eliminate a plurality of attack conditions with one security countermeasure.
  • the second viewpoint is the cost required when taking security measures.
  • the measure selection unit 150 calculates a cost necessary for implementing the security measure and preferentially selects a security measure with a low cost.
  • the cost may be time or money, and the time may be converted into money and evaluated on a common scale.
  • the countermeasure database 112 is a database that stores a set of cost and implementation contents for each security countermeasure that can be implemented for the system 200. Therefore, it is possible to select security measures from the viewpoint of cost.
  • whether or not a threat is a threat to be dealt with is determined based on how many unsatisfied conditions exist in a combination of one or more conditions that cause a threat that affects the system 200. Is done. If it is determined that the threat should be dealt with, a security measure that can change at least one satisfied condition to an unsatisfied condition is selected as the security countermeasure to be implemented. Is done. Thus, potential risks in the system 200 can be reduced.
  • the countermeasure selection unit 150 compares the number of unsatisfied conditions included in the combination of the conditions pij in which each threat ri occurs with a threshold th greater than “0”, and the threshold th A threat ri that includes a small number of unsatisfied conditions in the combination is identified as a threat to be dealt with. Therefore, even when the risk of threats is not obvious, it is possible to detect and deal with potential risks.
  • the countermeasure selection unit 150 gives priority to a security countermeasure that can change two or more satisfied conditions included in a combination of conditions in which the identified threat occurs to two or more unsatisfied conditions. Select security measures to be implemented. Desirably, the countermeasure selection unit 150 should prioritize security countermeasures that can change the satisfied conditions included in the combination of the conditions for generating the identified threats to more unsatisfied conditions. Select security measures. Thereby, an increase in the number of security measures to be implemented can be suppressed.
  • the countermeasure selection unit 150 selects a security countermeasure to be implemented with priority given to a security countermeasure implemented at a lower cost. Thereby, the increase in the cost concerning implementation of a security measure can be suppressed.
  • the function of “unit” is realized by software.
  • the function of “unit” may be realized by a combination of software and hardware. That is, a part of the function of “unit” may be realized by a dedicated electronic circuit, and the rest may be realized by software.
  • the dedicated electronic circuit is a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, a logic IC, a GA, an FPGA, or an ASIC.
  • GA is an abbreviation for Gate Array.
  • FPGA is an abbreviation for Field-Programmable Gate Array.
  • ASIC is an abbreviation for Application Specific Integrated Circuit.
  • the processor 101, the memory 102, and the dedicated electronic circuit are collectively referred to as a “processing circuit”. That is, regardless of whether the function of “part” is realized by software or a combination of software and hardware, the function of “part” is realized by a processing circuit.
  • Part may be read as “Process”, “Procedure”, or “Process”.
  • Embodiment 2 FIG. The difference between the present embodiment and the first embodiment will be mainly described with reference to FIG.
  • the security measure determining apparatus 100 includes a configuration extracting unit 120, an information extracting unit 130, a risk analyzing unit 140, a measure selecting unit 150, a measure applying unit 160, and an impact reflecting unit 170 as functional elements.
  • Functions of “units” such as the configuration extraction unit 120, the information extraction unit 130, the risk analysis unit 140, the countermeasure selection unit 150, the countermeasure application unit 160, and the influence reflection unit 170 are realized by software.
  • pij in the above-described expression 2 is currently “0” and safe, but unless the pij is set to “1”. It may not be possible. However, if the value of ri becomes “1” by setting pij to “1”, another pij must be set to “0” in ri. Therefore, the influence reflecting unit 170 changes pij that needs to be “1” to “1”. The contents of this change are input to the risk analysis unit 140, and thereafter, the same processing as in the first embodiment is performed.
  • the impact reflection unit 170 is a condition that should be satisfied in the system 200 in order for the system 200 to provide a service among unsatisfied conditions included in a combination of one or more conditions in which a threat occurs.
  • the information is changed to information indicating that the essential condition is satisfied in the system 200.
  • the countermeasure selecting unit 150 refers to the threat information 111 after being changed by the influence reflecting unit 170, and determines whether or not the threat is a threat to be dealt with. When it is determined that the threat is to be dealt with, the countermeasure selecting unit 150 changes at least one condition different from the essential condition among the satisfied conditions included in the combination to an unsatisfied condition. Select security measures that can be implemented as security measures to be implemented.
  • the impact reflection unit 170 satisfies the threat information 111 generated by the risk analysis unit 140 in the system 200 in order for the system 200 to provide a service among unsatisfied conditions included in each threat combination.
  • the information is changed to information indicating that the indispensable condition, which is a condition to be performed, is satisfied in the system 200.
  • the countermeasure selecting unit 150 refers to the threat information 111 after being changed by the influence reflecting unit 170 and identifies a threat to be dealt with. Then, the countermeasure selection unit 150 can change at least one condition different from the essential condition among the satisfied conditions included in the combination of the conditions in which the identified threat occurs to an unsatisfied condition. Select security measures as security measures to be implemented.
  • the function of “unit” is realized by software.
  • the function of “unit” is software and hardware. It may be realized by a combination.
  • 100 security countermeasure determination device 101 processor, 102 memory, 103 auxiliary storage device, 104 input interface, 105 screen output interface, 111 threat information, 112 countermeasure database, 120 configuration extraction unit, 130 information extraction unit, 140 risk analysis unit, 150 Countermeasure selection section, 160 countermeasure application section, 170 impact reflection section.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Selon l'invention, une unité d'analyse de risques (140) d'un dispositif de détermination de contre-mesures de sécurité (100) produit des informations de menace (111). Les informations de menace (111) sont des informations qui indiquent, pour chaque menace d'une pluralité de menaces touchant un système (200), si oui ou non le système (200) respecte une combinaison d'une ou de plusieurs conditions dans lesquelles la menace se produit, et si oui ou non le système (200) respecte chaque condition individuelle comprise dans cette combinaison de conditions provoquant une menace. Une unité de sélection de contre-mesure (150) du dispositif de détermination de contre-mesure de sécurité (100) se réfère aux informations de menace (111) et identifie une menace à traiter, parmi la pluralité de menaces, en fonction du nombre de conditions qui sont comprises dans la combinaison de conditions provoquant une menace pour chaque menace et qui ne sont pas respectées actuellement par le système (200). L'unité de sélection de contre-mesure (150) sélectionne ensuite, en tant que contre-mesure de sécurité à effectuer, une contre-mesure de sécurité avec laquelle le système (200) peut être modifié de façon à ne pas respecter au moins une condition comprise dans la combinaison de conditions provoquant une menace pour la menace identifiée, ladite condition étant actuellement respectée par le système (200).
PCT/JP2016/068266 2016-06-20 2016-06-20 Dispositif de détermination de contre-mesure de sécurité, procédé de détermination de contre-mesure de sécurité et programme de détermination de contre-mesure de sécurité WO2017221299A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2018506453A JP6324646B1 (ja) 2016-06-20 2016-06-20 セキュリティ対策決定装置、セキュリティ対策決定方法およびセキュリティ対策決定プログラム
PCT/JP2016/068266 WO2017221299A1 (fr) 2016-06-20 2016-06-20 Dispositif de détermination de contre-mesure de sécurité, procédé de détermination de contre-mesure de sécurité et programme de détermination de contre-mesure de sécurité

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2016/068266 WO2017221299A1 (fr) 2016-06-20 2016-06-20 Dispositif de détermination de contre-mesure de sécurité, procédé de détermination de contre-mesure de sécurité et programme de détermination de contre-mesure de sécurité

Publications (1)

Publication Number Publication Date
WO2017221299A1 true WO2017221299A1 (fr) 2017-12-28

Family

ID=60784282

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2016/068266 WO2017221299A1 (fr) 2016-06-20 2016-06-20 Dispositif de détermination de contre-mesure de sécurité, procédé de détermination de contre-mesure de sécurité et programme de détermination de contre-mesure de sécurité

Country Status (2)

Country Link
JP (1) JP6324646B1 (fr)
WO (1) WO2017221299A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022162821A1 (fr) * 2021-01-28 2022-08-04 日本電気株式会社 Dispositif d'affichage, système d'affichage, procédé d'affichage et support non transitoire lisible par ordinateur

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7258801B2 (ja) 2020-03-10 2023-04-17 株式会社東芝 情報処理装置、情報処理方法およびプログラム

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008004498A1 (fr) * 2006-07-06 2008-01-10 Nec Corporation Système, dispositif, procédé et programme de gestion des risques de sécurité
JP2016045736A (ja) * 2014-08-22 2016-04-04 株式会社日立製作所 セキュリティ設計支援装置およびセキュリティ設計支援方法

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060030993A (ko) * 2004-10-07 2006-04-12 한국전자통신연구원 정보 자산의 보안 수준 분석 방법
JP5020776B2 (ja) * 2007-10-29 2012-09-05 株式会社エヌ・ティ・ティ・データ 情報セキュリティ対策決定支援装置及び方法ならびにコンピュータプログラム
JP5413010B2 (ja) * 2009-07-17 2014-02-12 日本電気株式会社 分析装置、分析方法およびプログラム

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008004498A1 (fr) * 2006-07-06 2008-01-10 Nec Corporation Système, dispositif, procédé et programme de gestion des risques de sécurité
JP2016045736A (ja) * 2014-08-22 2016-04-04 株式会社日立製作所 セキュリティ設計支援装置およびセキュリティ設計支援方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
NATIONAL CENTER OF INCIDENT READINESS AND STRATEGY FOR CYBERSECURITY, 25 June 2014 (2014-06-25) - 2 September 2016 (2016-09-02), pages 27 - 59 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022162821A1 (fr) * 2021-01-28 2022-08-04 日本電気株式会社 Dispositif d'affichage, système d'affichage, procédé d'affichage et support non transitoire lisible par ordinateur

Also Published As

Publication number Publication date
JP6324646B1 (ja) 2018-05-16
JPWO2017221299A1 (ja) 2018-06-28

Similar Documents

Publication Publication Date Title
KR101928908B1 (ko) 멀웨어 스캐닝을 용이하게 하기 위하여 명성 표시자를 사용하기 위한 시스템 및 그 방법
US9531746B2 (en) Generating accurate preemptive security device policy tuning recommendations
US10089473B2 (en) Software nomenclature system for security vulnerability management
JP6353498B2 (ja) ユーザ機器上でマルウェアを検出するためにアンチウィルス記録セットを生成するシステム及び方法
CN109155774B (zh) 用于检测安全威胁的系统和方法
CN111552973B (zh) 对设备进行风险评估的方法、装置、电子设备及介质
KR20180032566A (ko) 다수 소프트웨어 개체들에 걸쳐서 악성 행동을 트래킹하기 위한 시스템들 및 방법들
KR102116573B1 (ko) 컴퓨터 보안 작동을 최적화하기 위한 동적 명성 표시자
US10936714B1 (en) Systems and methods for preventing code insertion attacks
JP2006053788A (ja) ソフトウェア動作監視装置及びソフトウェア動作監視方法
EP2663944B1 (fr) Détection de programmes malveillants
CN110546936B (zh) 个性化威胁防护
US11522901B2 (en) Computer security vulnerability assessment
US20230068721A1 (en) Method and system for dynamic testing with diagnostic assessment of software security vulnerability
US11874925B2 (en) Data processing method for coping with ransomware, program for executing the method, and computer-readable recording medium storing the program
JP6324646B1 (ja) セキュリティ対策決定装置、セキュリティ対策決定方法およびセキュリティ対策決定プログラム
Lim et al. CVE records of known exploited vulnerabilities
JP6800744B2 (ja) ホワイトリスト作成装置
US20230367884A1 (en) Cyber attack scenario generation method and device
US11539737B2 (en) Adaptive security for resource constraint devices
JP7292505B1 (ja) 攻撃シナリオ生成装置、攻撃シナリオ生成方法、および、攻撃シナリオ生成プログラム
JP7427146B1 (ja) 攻撃分析装置、攻撃分析方法、及び攻撃分析プログラム
WO2024121950A1 (fr) Dispositif de sélection d'emplacement de placement, procédé de sélection d'emplacement de placement et programme de sélection d'emplacement de placement
US8825651B1 (en) Determining a group of related products on a computing device
JPWO2023032203A5 (fr)

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2018506453

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16906218

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16906218

Country of ref document: EP

Kind code of ref document: A1