Abstract: An object of the present invention is to provide an emulsion composition having excellent emulsion stability. The object is achieved by an emulsion composition comprising an oily component, gum arabic having a molecular weight of not less than 1 million, and a salt, the salt content being 90 parts by mass or less per 100 parts by mass of the gum arabic.

Abstract: An object of the present invention is to provide an emulsion composition having excellent emulsion stability. The object is achieved by an emulsion composition comprising an oily component, gum arabic having a molecular weight of not less than 1 million, and a salt, the salt content being 90 parts by mass or less per 100 parts by mass of the gum arabic.

Abstract: A quantum cryptographic key output apparatus includes a semiconductor laser device that repeatedly generates pulsed laser light, an encoder that encodes the pulsed laser light based on a quantum cryptographic key, an optical branching unit that branches the pulsed laser light, and an attenuator that attenuates a light intensity of first pulsed laser light so that the number of photons of the first pulsed laser light has any one of a plurality of candidate values that are values equal to or smaller than 1. Further, the output apparatus includes a light intensity determination unit that determines whether or not a light intensity of a second pulsed laser light is in a predetermined range, and an information output unit that outputs specifying information for specifying the first pulsed laser light corresponding to second pulsed laser light of which the light intensity is not in the predetermined range to an input apparatus.

Abstract: An information processing system is configured to execute: storing game media possessed by a player; storing, in a preliminary period, first group information for identifying game media corresponding to a first game condition in a first storage area and second group information for identifying game media corresponding to a second game condition in a second storage area; storing, in a post period, the second group information in the first storage area; enabling, in the preliminary period, the execution of games using the first and second group information; enabling, in the post period, the execution of a game using the second group information stored in the first storage area and disabling the execution of a game using the first group information; and storing, in the first storage area in the post period, the second group information stored in the second storage area in the preliminary period.

Abstract: A log acquirer acquires an analysis communication log and a malicious communication log. A signature generator generates a signature serving as a condition for detecting a terminal infected with malware based on a field and a value included in the malicious communication log. A malware analysis report acquirer acquires information on the malware. A malware information adder adds the information on the malware to the signature. A log analyzer analyzes the analysis communication log using the signature and detects the terminal infected with the malware. A detection result display unit displays the detection result obtained from the analysis communication log by the log analyzer and the information on the malware added to the signature used in the analysis of the analysis communication log in a manner associated with each other.

Abstract: A log acquirer acquires a communication log to be analyzed obtained from communications in a predetermined network. A log analyzer detects a terminal conforming to an analysis rule using a signature generated based on the characteristics of a communication log generated by a terminal infected with malware. A primary scorer and a secondary scorer calculate a score indicating the degree of threat for a detection result including the information on the terminal detected by the log analyzer and an analysis rule to which the terminal conforms using the information on the analysis rule and the information on the detection result. A detection result display unit outputs the detection result and the score calculated by the primary scorer and the secondary scorer.

Abstract: A random number sequence generation apparatus includes: a semiconductor laser device repeatedly generating a pulsed laser beam having a disordered phase; an interferometer including a first transmission line and a second transmission line, a first port connected to an input terminal side and to which the pulsed laser beam is input, a second port connected to an output terminal side and outputs the pulsed laser beam, and a third port connected to the input terminal side; a Faraday mirror connected to the second port and reflecting the pulsed laser beam; a photodiode connected to the third port and outputs an electrical signal in accordance with interference light of the pulsed laser beam that is reflected by the Faraday mirror and passes through one of the transmission lines; and an AD converter configured to generate a random number sequence on the basis of the electrical signal and a threshold.

Abstract: A playback device reads a traffic file which is a dump file of traffic when malicious or benign traffic is generated and generates traffic based on the traffic file on a network having a security instrument that generates an event in accordance with the traffic. In addition, a determination device collects an event generated by the security instrument for the generated traffic and, on the basis of a feature extracted from the collected event, determines whether the event to be determined is for malicious traffic or benign traffic.

Abstract: A traffic feature information extraction method including a regular expression process, a clustering process, and a feature information extraction process. The regular expression process extracts an item set in advance from a traffic log and represents a partial character string included in the item in a regular expression based on a predetermined rule. The clustering process clusters an entry of the traffic log represented in the regular expression. The feature information extraction process extracts, as traffic feature information of each of clusters, an entry having a minimum total sum of distances among entries included in the clustered traffic logs.

Abstract: A playback device reads a traffic file which is a dump file of traffic when malicious or benign traffic is generated and generates traffic based on the traffic file on a network having a security instrument that generates an event in accordance with the traffic. In addition, a determination device collects an event generated by the security instrument for the generated traffic and. on the basis of a feature extracted from the collected event, determines whether the event to be determined is for malicious traffic or benign traffic.

Abstract: An object of the present invention is to provide an emulsion composition having excellent emulsion stability. The object is achieved by an emulsion composition comprising an oily component, gum arabic having a molecular weight of not less than 1 million, and a salt, the salt content being 90 parts by mass or less per 100 parts by mass of the gum arabic.

Abstract: A blacklist generating device acquires a malicious communication log and a normal communication log. A malicious communication profile extracting function calculates statistics on communication patterns included in the malicious communication log and outputs a communication pattern satisfying a certain condition to a potential blacklist. A normal communication profile extracting function calculates statistics on communication patterns included in the normal communication log and outputs a communication pattern satisfying a certain condition to a whitelist. A blacklist creating function searches the potential blacklist for a value with the value on the whitelist, excludes a coincident communication pattern from the potential blacklist, and creates a blacklist.

Abstract: A malicious URL candidate extraction device extracts, from an access log including URLs accessed from a managed network, a known malicious URL excluded access log obtained by excluding an access log to known malicious URLs. The malicious URL candidate extraction device creates a minor URL list obtained by preferentially extracting, from URLs indicated in the known malicious URL excluded access log, URLs having a small number of times of access from the managed network. The malicious URL candidate extraction device also creates a popular URL excluded list obtained by preferentially excluding URLs having a large number of times of access from the managed network during a predetermined period of time. The malicious URL candidate extraction device outputs these lists as a malicious URL candidate list.

Abstract: A URL selection method disclosed in the present application includes a first extraction step and a second extraction step. The first extraction step extracts URLs up to an upper limit value of the number of URLs set to each of URL groups in a range where a total number of URLs is within a predetermined number of URLs, in order of priority set to each of the URL groups, from each of the URL groups identified by analyzing a traffic log by techniques in different categories. The second extraction step further extracts URLs within the predetermined number of URLs, based on the priority, when the total number of URLs extracted from each of the URL groups in the first extraction step is less than the predetermined number of URLs.

Abstract: A malicious communication pattern extraction device includes: a statistical value calculation unit that calculates a statistical value for an appearance frequency of each of plural communication patterns, from a traffic log obtained from traffic caused by malware, and a traffic log obtained from traffic in a predetermined communication environment; a malicious list candidate extraction unit that compares between the appearance frequency of the traffic logs for each of the communication patterns, based on the calculated statistical value, and extracts the communication pattern as the malicious communication pattern when a difference between both of the appearance frequencies is equal to or more than a predetermined threshold; and a threshold setting unit that sets a threshold so that an erroneous detection rate probability of erroneously detecting the traffic caused by malware and a detection rate probability of detecting the traffic caused by malware is equal to or more than a certain value.

Abstract: A quantum cryptographic key output apparatus includes a semiconductor laser device that repeatedly generates pulsed laser light, an encoder that encodes the pulsed laser light based on a quantum cryptographic key, an optical branching unit that branches the pulsed laser light, and an attenuator that attenuates a light intensity of first pulsed laser light so that the number of photons of the first pulsed laser light has any one of a plurality of candidate values that are values equal to or smaller than 1. Further, the output apparatus includes a light intensity determination unit that determines whether or not a light intensity of a second pulsed laser light is in a predetermined range, and an information output unit that outputs specifying information for specifying the first pulsed laser light corresponding to second pulsed laser light of which the light intensity is not in the predetermined range to an input apparatus.

Abstract: A log acquirer acquires a communication log to be analyzed obtained from communications in a predetermined network. A log analyzer detects a terminal conforming to an analysis rule using a signature generated based on the characteristics of a communication log generated by a terminal infected with malware. A primary scorer and a secondary scorer calculate a score indicating the degree of threat for a detection result including the information on the terminal detected by the log analyzer and an analysis rule to which the terminal conforms using the information on the analysis rule and the information on the detection result. A detection result display unit outputs the detection result and the score calculated by the primary scorer and the secondary scorer.

Abstract: A log acquirer acquires an analysis communication log and a malicious communication log. A signature generator generates a signature serving as a condition for detecting a terminal infected with malware based on a field and a value included in the malicious communication log. A malware analysis report acquirer acquires information on the malware. A malware information adder adds the information on the malware to the signature. A log analyzer analyzes the analysis communication log using the signature and detects the terminal infected with the malware. A detection result display unit displays the detection result obtained from the analysis communication log by the log analyzer and the information on the malware added to the signature used in the analysis of the analysis communication log in a manner associated with each other.

Abstract: An extraction criterion determination method performed by an extraction criterion determination apparatus includes collecting a log information entry that is in a predetermined period of time and determined to be a specific communication, extracting a communication satisfying a criterion used to extract the specific communication from log information entries from the collected log information entries with reference to a storage unit storing an extraction criterion in which the criterion is defined, determining to adopt the extraction criterion when the ratio of the specific communications to the extracted communications is larger than or equal to a threshold, and performing a control to output the adopted extraction criterion.

Abstract: A random number sequence generation apparatus includes: a semiconductor laser device repeatedly generating a pulsed laser beam having a disordered phase; an interferometer including a first transmission line and a second transmission line, a first port connected to an input terminal side and to which the pulsed laser beam is input, a second port connected to an output terminal side and outputs the pulsed laser beam, and a third port connected to the input terminal side; a Faraday mirror connected to the second port and reflecting the pulsed laser beam; a photodiode connected to the third port and outputs an electrical signal in accordance with interference light of the pulsed laser beam that is reflected by the Faraday mirror and passes through one of the transmission lines; and an AD converter configured to generate a random number sequence on the basis of the electrical signal and a threshold.