Patents by Inventor Kazumasa Omote
Kazumasa Omote has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8307445Abstract: An anti-worm program allows a computer to execute control of communication suspected as worm communication, the program allowing the computer to execute: a communication information acquisition step that acquires communication information which is information concerning communication from a target source; and a communication control step that has a control amount calculation formula for calculating the control amount of the communication from the target source using the communication information and performs control of the communication from the target source based on the communication control amount obtained using the control amount calculation formula.Type: GrantFiled: July 7, 2008Date of Patent: November 6, 2012Assignee: Fujitsu LimitedInventors: Bintatsu Noda, Kazumasa Omote, Yoshiki Higashikado, Masahiro Komura, Masashi Mitomo, Satoru Torii
-
Publication number: 20110162071Abstract: An anti-worm-measure parameter determining apparatus determines parameters for controlling timing for an anti-worm-measure means to start blocking of a communication by a worm in a network, for preventing a spread of the worm. An infectivity calculating unit calculates infectivity of the worm based on number of nodes connected to the network. A number-of-infected-nodes estimating unit calculates an expected value of number of infected nodes at a time when the worm transmits a predetermined number of packets, based on the infectivity calculated by the infectivity calculating unit.Type: ApplicationFiled: March 7, 2011Publication date: June 30, 2011Applicant: FUJITSU LIMITEDInventors: Kazumasa Omote, Takeshi Shimoyama
-
Patent number: 7926110Abstract: An anti-worm-measure parameter determining apparatus determines parameters for controlling timing for an anti-worm-measure means to start blocking of a communication by a worm in a network, for preventing a spread of the worm. An infectivity calculating unit calculates infectivity of the worm based on number of nodes connected to the network. A number-of-infected-nodes estimating unit calculates an expected value of number of infected nodes at a time when the worm transmits a predetermined number of packets, based on the infectivity calculated by the infectivity calculating unit.Type: GrantFiled: July 13, 2006Date of Patent: April 12, 2011Assignee: Fujitsu LimitedInventors: Kazumasa Omote, Takeshi Shimoyama
-
Patent number: 7752668Abstract: In this system, a monitor unit monitors outbound communications through a network interface. A process designation unit designates a process 2X which has generated communications. A process tree obtaining unit obtains and outputs process tree information for designation of an upper process to the process 2X. A discrimination unit refers to an illegal rule file for definition of an illegal process by a combination of a process and an upper process which have generated communications, and determines whether or not a process 2X is illegal according to communications information, process information, and process tree information. A process stop unit stops a process 2X determined to be illegal. A notification unit notifies a user of the stop of the process 2X.Type: GrantFiled: January 25, 2005Date of Patent: July 6, 2010Assignee: Fujitsu LimitedInventors: Kazumasa Omote, Masahiko Takenaka, Satoru Torii
-
Patent number: 7564837Abstract: A recording medium recording a network shutdown control program permitting suitable preventive measures to be taken. A detector monitors each network segment to be managed, and on detecting a communication fulfilling a predetermined condition, the detector generates a detection notification and sends the notification to a quarantine manager. On acquiring the detection notification generated by the detector of the local device or a detection notification generated by a remote network shutdown device, the quarantine manager generates a shutdown operation request in accordance with quarantine policy stored in a quarantine policy storage, and sends the request to a communication shutdown unit. In accordance with the shutdown operation request, the communication shutdown unit sets shutdown data identifying a target of shutdown and controls packets to be input to and output from the network segment so that the packets may be shut off or passed.Type: GrantFiled: March 1, 2006Date of Patent: July 21, 2009Assignee: Fujitsu LimitedInventors: Masahiro Komura, Kazumasa Omote, Yoshiki Higashikado, Masashi Mitomo, Bintatsu Noda, Satoru Torii
-
Publication number: 20090106817Abstract: A security management apparatus is capable of taking various security measures while referencing machine information and hence excellent in flexibility and widely applicable. The apparatus includes a security diagnostic unit for making a security diagnosis on the basis of security information obtained from a security information providing apparatus for providing information concerning security in a network and further on the basis of machine information obtained from at least one network machine connected to a network to judge a type of security-related processing to be executed for the network machine and also judge whether or not the security-related processing needs to be executed. A security execution unit executes predetermined security measure processing for the network machine on the basis of a result of diagnosis made by the security diagnostic unit.Type: ApplicationFiled: December 18, 2008Publication date: April 23, 2009Applicant: FUJITSU LIMITEDInventors: Kazumasa Omote, Satoru Torii
-
Patent number: 7490149Abstract: A security management apparatus is capable of taking various security measures while referencing machine information and hence excellent in flexibility and widely applicable. The apparatus includes a security diagnostic unit for making a security diagnosis on the basis of security information obtained from a security information providing apparatus for providing information concerning security in a network and further on the basis of machine information obtained from at least one network machine connected to a network to judge a type of security-related processing to be executed for the network machine and also judge whether or not the security-related processing needs to be executed. A security execution unit executes predetermined security measure processing for the network machine on the basis of a result of diagnosis made by the security diagnostic unit.Type: GrantFiled: December 9, 2003Date of Patent: February 10, 2009Assignee: Fujitsu LimitedInventors: Kazumasa Omote, Satoru Torii
-
Publication number: 20080271148Abstract: An anti-worm program allows a computer to execute control of communication suspected as worm communication, the program allowing the computer to execute: a communication information acquisition step that acquires communication information which is information concerning communication from a target source; and a communication control step that has a control amount calculation formula for calculating the control amount of the communication from the target source using the communication information and performs control of the communication from the target source based on the communication control amount obtained using the control amount calculation formula.Type: ApplicationFiled: July 7, 2008Publication date: October 30, 2008Applicant: FUJITSU LIMITEDInventors: Bintatsu NODA, Kazumasa Omote, Yoshiki Higashikado, Masahiro Komura, Masashi Mitomo, Satoru Torii
-
Publication number: 20070220606Abstract: An anti-worm-measure parameter determining apparatus determines parameters for controlling timing for an anti-worm-measure means to start blocking of a communication by a worm in a network, for preventing a spread of the worm. An infectivity calculating unit calculates infectivity of the worm based on number of nodes connected to the network. A number-of-infected-nodes estimating unit calculates an expected value of number of infected nodes at a time when the worm transmits a predetermined number of packets, based on the infectivity calculated by the infectivity calculating unit.Type: ApplicationFiled: July 13, 2006Publication date: September 20, 2007Inventors: Kazumasa Omote, Takeshi Shimoyama
-
Publication number: 20070101404Abstract: In a network relay device, unauthorized access from an internal computer to an external network is detected, an unauthorized destination service port used for the unauthorized access is specified, and a substitute port is allocated. A service relay unit and the internal computer are instructed to use the substitute port instead of the unauthorized destination service port, and an unauthorized access notification is sent. Mutual conversion of the unauthorized destination service port and a substitute service port is carried out, to relay a packet between an internal network and the external network.Type: ApplicationFiled: March 7, 2006Publication date: May 3, 2007Applicant: FUJITSU LIMITEDInventors: Yoshiki Higashikado, Masashi Mitomo, Masahiro Komura, Bintatsu Noda, Kazumasa Omote, Satoru Torii
-
Publication number: 20070011745Abstract: A computer-readable recording medium recording a worm detection parameter setting program for setting an appropriate worm detection parameter for target environments. When a log reader loads a communication log created within a prescribed time period, a log classifier classifies the entries of the communication log into categories based on communication contents. A frequency distribution creator analyzes the entries of a category, counts the number of appearance of each worm detection parameter value for each object of a preset network unit, and creates frequency distribution information. A threshold derivation unit analyzes the frequency distribution information and derives a threshold value that is used for determining whether a worm is propagating. An output unit outputs to an output device the threshold value for the worm detection parameter for the category, together with the frequency distribution information created by the frequency distribution creator, thereby providing a user with the information.Type: ApplicationFiled: March 16, 2006Publication date: January 11, 2007Applicant: FUJITSU LIMITEDInventors: Masashi Mitomo, Yoshiki Higashikado, Masahiro Komura, Bintatsu Noda, Kazumasa Omote, Satoru Torii
-
Publication number: 20070002838Abstract: A recording medium recording a network shutdown control program permitting suitable preventive measures to be taken. A detector monitors each network segment to be managed, and on detecting a communication fulfilling a predetermined condition, the detector generates a detection notification and sends the notification to a quarantine manager. On acquiring the detection notification generated by the detector of the local device or a detection notification generated by a remote network shutdown device, the quarantine manager generates a shutdown operation request in accordance with quarantine policy stored in a quarantine policy storage, and sends the request to a communication shutdown unit. In accordance with the shutdown operation request, the communication shutdown unit sets shutdown data identifying a target of shutdown and controls packets to be input to and output from the network segment so that the packets may be shut off or passed.Type: ApplicationFiled: March 1, 2006Publication date: January 4, 2007Applicant: FUJITSU LIMITEDInventors: Masahiro Komura, Kazumasa Omote, Yoshiki Higashikado, Masashi Mitomo, Bintatsu Noda, Satoru Torii
-
Publication number: 20060291469Abstract: A computer-readable recording medium recording a worm detection program which is preferably usable for a large-scale network and is capable of detecting worm communication with little information. A worm detection device which runs this program has a switching hub function, and comprises five physical ports that are network interfaces, a communication acquisition section, and a worm detector, for example. The communication acquisition section acquires ICMP type3 (destination unreachable message) packets going out of the physical ports. The worm detector determines whether the packet communication is worm communication, based on information on the ICMP type3 packets obtained for each source MAC address by the communication acquisition section and worm criteria set for determining whether communication is worm communication.Type: ApplicationFiled: February 7, 2006Publication date: December 28, 2006Applicant: FUJITSU LIMITEDInventors: Kazumasa Omote, Yoshiki Higashikado, Masahiro Komura, Bintatsu Noda, Masashi Mitomo, Satoru Torii
-
Publication number: 20060291490Abstract: A computer-readable recording medium having recorded a worm determination program capable of reliably determining a worm-infected communication. A worm determination apparatus for executing the program includes a plurality of physical ports functioning as network connection ports, a communication-information-acquisition unit, and a worm determination unit. The communication-information-acquisition unit acquires information about a packet type, classified according to a transmission-source address. The worm determination unit determines whether a communication is performed by a worm, based on the information about the packet type, classified according to the transmission-source address, acquired by the communication-information-acquisition unit and a determination criterion used for determining whether a communication is performed by a worm.Type: ApplicationFiled: February 3, 2006Publication date: December 28, 2006Applicant: FUJITSU LIMITEDInventors: Kazumasa Omote, Yoshiki Higashikado, Masahiro Komura, Bintatsu Noda, Masashi Mitomo, Satoru Torii
-
Publication number: 20060085857Abstract: In this system, a monitor unit monitors outbound communications through a network interface. A process designation unit designates a process 2X which has generated communications. A process tree obtaining unit obtains and outputs process tree information for designation of an upper process to the process 2X. A discrimination unit refers to an illegal rule file for definition of an illegal process by a combination of a process and an upper process which have generated communications, and determines whether or not a process 2X is illegal according to communications information, process information, and process tree information. A process stop unit stops a process 2X determined to be illegal. A notification unit notifies a user of the stop of the process 2X.Type: ApplicationFiled: January 25, 2005Publication date: April 20, 2006Applicant: Fujitsu LimitedInventors: Kazumasa Omote, Masahiko Takenaka, Satoru Torii
-
Publication number: 20050091533Abstract: A communication-information acquisition section 240a acquires information related to a traffic and communication address of a communication packet based on setting information related to acquisition of information that is stored in setting-data. Worm detection section makes a judgment of whether a communication is executed by a worm based on information acquired by the communication-information acquisition section and information related to judgment criteria that is stored in the setting-data and which regulates whether the communication is executed by a worm.Type: ApplicationFiled: March 30, 2004Publication date: April 28, 2005Inventors: Kazumasa Omote, Satoru Torii
-
Publication number: 20040168085Abstract: A security management apparatus is capable of taking various security measures while referencing machine information and hence excellent in flexibility and widely applicable. The apparatus includes a security diagnostic unit for making a security diagnosis on the basis of security information obtained from a security information providing apparatus for providing information concerning security in a network and further on the basis of machine information obtained from at least one network machine connected to a network to judge a type of security-related processing to be executed for the network machine and also judge whether or not the security-related processing needs to be executed. A security execution unit executes predetermined security measure processing for the network machine on the basis of a result of diagnosis made by the security diagnostic unit.Type: ApplicationFiled: December 9, 2003Publication date: August 26, 2004Applicant: FUJITSU LIMITEDInventors: Kazumasa Omote, Satoru Torii