Patents by Inventor Masaki INOKUCHI

Masaki INOKUCHI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20250258652
    Abstract: An information processing apparatus includes a structuring control means and a concretization control means. The structuring control means acquires request information described in a natural language, generates at least one or more requirement information candidates based on the acquired request information, and structures the generated at least one or more requirement information candidates. The concretization control means concretizes the at least one or more structured requirement information candidates.
    Type: Application
    Filed: January 17, 2025
    Publication date: August 14, 2025
    Applicant: NEC Corporation
    Inventors: Masaki INOKUCHI, Masaharu MORIMOTO
  • Publication number: 20250238523
    Abstract: An attack route extraction system includes a functional part which extracts one or more attack steps that can be performed by a system to be diagnosed according to configuration information of the system to be diagnosed; a cost setting part which sets a cost to the attack step based on at least one piece of information of threat information, attack content information, countermeasure possibility information based on countermeasure information corresponding to an attack method; and an attack route extraction part which determines a priority of each attack route acquired by concatenating the one or more attack steps from an intrusion point to an attack target of the system to be diagnosed based on the cost of the attack step set by the cost setting part and extracts the one or more attack routes in a descending order of the priority.
    Type: Application
    Filed: November 16, 2021
    Publication date: July 24, 2025
    Applicant: NEC Corporation
    Inventor: Masaki Inokuchi
  • Patent number: 12321461
    Abstract: An attack graph processing device includes a node extraction unit which extracts a node relating to a rule classified into a predetermined group from an attack graph that is configured from one or more nodes indicating the state of a system to be diagnosed, or the state of the primary agent of an attack on the system to be diagnosed, and one or more edges indicating the relationship among a plurality of nodes, the attack graph being generated using rules indicating a condition in which the attack can be executed, and a graph configuration unit which simplifies the attack graph on the basis of the extracted node.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: June 3, 2025
    Assignee: NEC CORPORATION
    Inventors: Masaki Inokuchi, Yoshinobu Ohta
  • Publication number: 20250103730
    Abstract: To implement a security assessment system capable of assessing an attack path including an air gap path, there is provided an information processing apparatus including a system configuration detector that detects at least two hosts included in a system and a communication link between the at least two hosts, an air gap path detector that detects, among the at least two hosts, a pair of hosts between which there is no communication link but data movement can occur, and a security assessment unit that performs security assessment using a detection result by the system configuration detector and a detection result by the air gap path detector.
    Type: Application
    Filed: December 6, 2024
    Publication date: March 27, 2025
    Applicant: NEC CORPORATION
    Inventor: Masaki INOKUCHI
  • Patent number: 12218960
    Abstract: An information collection system includes: a side-channel information processing unit that derives load information to estimate an impact on the availability of a target machine for active scanning by using side-channel data; an allow list generation unit that generates an allow list including a scan timing and a scan range in which the availability is not affected, the allow list generation unit generating the allow list based on the load information; and an allow list storage unit that stores the allow list. An active scan of the target machine is executed by referencing the allow list stored in the allow list storage unit to collect asset information of the target machine.
    Type: Grant
    Filed: June 12, 2018
    Date of Patent: February 4, 2025
    Assignees: NEC CORPORATION, B.G. NEGEV TECHNOLOGIES AND APPLICATIONS LTD.
    Inventors: Yoshiyuki Yamada, Masaki Inokuchi, Yoshinobu Ohta, Yuval Elovici, Asaf Shabtai, Ron Bitton
  • Publication number: 20250021646
    Abstract: A security countermeasure planning system includes a functional part which calculates one or more risk values of one or more resources included in a system to be diagnosed, a risk change estimation part which estimates one or more future risk estimation values of the one or more risk values of the one or more resources which the functional part calculates, and a countermeasure determination part which selects a countermeasure plan based on the one or more future risk estimation values estimated by the risk change estimation part.
    Type: Application
    Filed: December 7, 2021
    Publication date: January 16, 2025
    Applicant: NEC Corporation
    Inventors: Masaki Inokuchi, Tomohiko Yagyu
  • Publication number: 20250005176
    Abstract: An information processing apparatus includes an access attribute estimating unit that estimates access attributes representing attributes for an access request for an information asset, transmitted to the information asset from a terminal device, a likelihood calculation unit that calculates a likelihood for each access attribute, an access risk calculation unit that calculates an access risk for the access request, using the likelihoods, and a determination unit that determines whether to permit the access request for the information asset, based on the access risk.
    Type: Application
    Filed: June 17, 2024
    Publication date: January 2, 2025
    Applicant: NEC Corporation
    Inventors: Shunichi Kinoshita, Masaki Inokuchi, Shohei Mitani
  • Patent number: 12120142
    Abstract: An analysis apparatus includes an analysis target selection unit configured to select entities to be analyzed, an attack graph generation unit configured to generate an attack graph for a set of the selected entities, and a countermeasure implementation assumption unit configured to assume that a countermeasure for invalidating an attack condition is implemented in the generated attack graph. The attack graph generation unit generates the attack graph on a precondition that the countermeasure for invalidating the attack condition assumed by the countermeasure implementation assumption unit has been implemented. The analysis target selection unit selects at least one of all the entities to be analyzed and adds the selected entity in the analysis targets in each of the plurality of cycles.
    Type: Grant
    Filed: June 11, 2019
    Date of Patent: October 15, 2024
    Assignee: NEC CORPORATION
    Inventor: Masaki Inokuchi
  • Publication number: 20240320884
    Abstract: An access policy display device includes an image generation unit which sets an image region for each combination of an attribute value of one attribute and an attribute value of another attribute in two attributes selected from two or more attributes constituting a condition of an access policy, calculates the degree of access permission or access denial in a plurality of the combinations, and generates an image in which a plurality of the image regions is displayed that allows for distinguishing the degree, and a display which displays the image.
    Type: Application
    Filed: March 5, 2024
    Publication date: September 26, 2024
    Applicant: NEC Corporation
    Inventors: Masaki Inokuchi, Shunichi Kinoshita, Shohei Mitani
  • Publication number: 20240249008
    Abstract: A policy consistency verification apparatus includes a policy conversion part configured to generate an If-Then rule approximating a policy function used as an input, wherein the policy function is generated from policy definition defining attribute value of access and a rule regarding accessibility to obtain an output of accessibility from inputs of the attribute value; and an error sample generation part configured to verify consistency between the If-Then rule and the policy definition to generate inconsistent attribute value as an error sample.
    Type: Application
    Filed: January 16, 2024
    Publication date: July 25, 2024
    Applicant: NEC Corporation
    Inventors: Masaki INOKUCHI, Shohei MITANI
  • Publication number: 20240095345
    Abstract: A display apparatus (10) includes an acquiring unit (11) configured to acquire configuration information of an information system that includes a plurality of nodes; a determining unit (12) configured to determine a display method of displaying an object of security information display concerning a node in the acquired configuration information, based on a security characteristic of an attackable element used to attack the object of security information display and a security characteristic of a preventive measure element preventing an attack on the object of security information display; and a display unit (13) configured to, when displaying a system configuration of the information system, display the object of security information display in accordance with the determined display method.
    Type: Application
    Filed: January 28, 2021
    Publication date: March 21, 2024
    Applicant: NEC Corporation
    Inventors: Masaki INOKUCHI, Tomohiko YAGYU
  • Patent number: 11909754
    Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry. The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result. The duplicated environment includes components which are duplicated by one of the duplication levels.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: February 20, 2024
    Assignees: NEC CORPORATION, B.G. Negev Technologies and Applications Ltd., at Ben-Gurion University
    Inventors: Masaki Inokuchi, Yoshinobu Ohta, Ron Bitton, Orly Stan, Asaf Shabtai, Yuval Elovici
  • Publication number: 20240022589
    Abstract: A risk analysis is conducted without increasing the computational cost. A grouping means groups a plurality of hosts included in a system to be analyzed into a plurality of groups. A virtual analysis element generation means generates at least one virtual analysis element for each of the plurality of groups. An analysis means analyzes whether an attack against the virtual analysis element being an end point of an attack is possible by using the virtual analysis element. An analysis target element determination means determines, as a target of a risk analysis, a host corresponding to the virtual analysis element included in a path where the attack occurs among hosts included in the system to be analyzed. An analysis means analyzes whether an attack against the host being the end point of the attack is possible for the host determined as a target of the risk analysis.
    Type: Application
    Filed: October 27, 2020
    Publication date: January 18, 2024
    Applicant: NEC Corporation
    Inventors: Masaki INOKUCHI, Tomohiko YAGYU, Shunichi KINOSHITA, Hirofumi UEDA
  • Patent number: 11783048
    Abstract: A security assessment system is configured to provide a duplicated environment which duplicates an assessment target system comprising a plurality of physical components. The security assessment system includes a duplicated environment design circuitry and a duplicated environment construction circuitry. The duplicated environment design circuitry is configured to select a duplication level based on constraints specified by a user and effects associated with the physical components in order to design the duplicated environment to produce a designed result indicative of a duplicated environment design. The duplication level is indicative of any one of a simulation sub-module, an emulation sub-module, and a physical sub-module which are for reproducing the physical components of the assessment target system. The duplicated environment construction circuitry is configured to construct the duplicated environment based on the designed result.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: October 10, 2023
    Assignees: NEC CORPORATION, B. G. Negev Technologies and Applications Ltd., at Ben-Gurion University
    Inventors: Masaki Inokuchi, Yoshinobu Ohta, Ron Bitton, Orly Stan, Tomer Gluck, Asaf Shabtai, Yuval Elovici
  • Patent number: 11729199
    Abstract: This security evaluation system includes a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation; a second graph generation part that generates a second evaluation graph representing a personal relationship between areas where the resources are located; and a display part that displays the first evaluation graph and the second evaluation graph in association with each other.
    Type: Grant
    Filed: March 27, 2018
    Date of Patent: August 15, 2023
    Assignee: NEC CORPORATION
    Inventors: Yoshiyuki Yamada, Yoshinobu Ohta, Masaki Inokuchi
  • Publication number: 20230214496
    Abstract: The knowledge generation apparatus (2000) obtains plural pieces of attack result information (100), which includes a configuration of an attack performed on the computer environment, a configuration of the computer environment attacked, and a result of the attack. By comparing the obtained attack result information (100), the knowledge generation apparatus (2000) detects environment conditions, which are conditions regarding the configuration of the computer environment that are necessary for the success of the attack. The knowledge generation apparatus (2000) performs selection on the detected environment conditions based on a selection rule (200), and generates the knowledge information (300) that includes the selected environment conditions. The selection rule represents a rule for determining whether to include the environment condition in the knowledge information (300), with respect to a feature of a set of attacks that are affected by the environment condition.
    Type: Application
    Filed: May 29, 2020
    Publication date: July 6, 2023
    Applicants: NEC Corporation, B. G. Negev Technologies and Applications Ltd., at Ben-Gurion University
    Inventors: Masaki INOKUCHI, Tomohiko YAGYU, Yuval ELOVICI, Asaf SHABTAI, Ron BITTON, Noam MOSCOVICH
  • Publication number: 20230056552
    Abstract: An analysis system includes: an unconfirmed fact generation unit which generates facts that indicate unknown information of a system to be diagnosed or a device among facts that indicate a state related to security in the system to be diagnosed or the device included in the system to be diagnosed, as unconfirmed facts.
    Type: Application
    Filed: February 5, 2020
    Publication date: February 23, 2023
    Applicant: NEC Corporation
    Inventors: Shunichi KINOSHITA, Masaki INOKUCHI, Yoshinobu OHTA
  • Publication number: 20230040982
    Abstract: An attack information processing apparatus (10) includes an extraction unit (11) configured to extract first and second attack knowledge pieces indicating conditions of a cyber attack from first and second attack information pieces including descriptions of the cyber attack, a determination unit (12) configured to determine similarity between the first and second attack information pieces, and a complementing unit (13) configured to complement the first attack knowledge piece with the second attack knowledge piece based on the determined similarity.
    Type: Application
    Filed: January 17, 2020
    Publication date: February 9, 2023
    Applicants: NEC CORPORATION, B. G. Negev Technologies and Applications Ltd., at Ben-Gurion University
    Inventors: Masaki INOKUCHI, Tomohiko YAGYU, Asaf SHABTAI, Yuval ELOVICI, Ron BITTON, Hodaya BINYAMINI
  • Patent number: 11503060
    Abstract: To implement a security assessment system capable of assessing an attack path including an air gap path, there is provided an information processing apparatus including a system configuration detector that detects at least two hosts included in a system and a communication link between the at least two hosts, an air gap path detector that detects, among the at least two hosts, a pair of hosts between which there is no communication link but data movement can occur, a calculator that calculates a score concerning a possibility that the pair of hosts detected by the air gap path detector is used for an attack, and a security assessment unit that performs security assessment using the hosts, the communication link between the hosts, information of the pair of hosts, and the score.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: November 15, 2022
    Assignee: NEC CORPORATION
    Inventor: Masaki Inokuchi
  • Patent number: 11452118
    Abstract: An apparatus (1 or 3) determines a device-to-device (D2D) radio resource to be allocated to one or more D2D transmissions from at least one remote terminal (1) to a first relay terminal (2) while considering a quality metric of an uplink from the first relay terminal (2) to a base station (3). In this way, for example, it is possible to contribute to avoiding inconsistency of performance between sidelink transmission from the remote terminal to the relay terminal and uplink transmission from the relay terminal to the base station.
    Type: Grant
    Filed: January 12, 2017
    Date of Patent: September 20, 2022
    Assignee: NEC CORPORATION
    Inventors: Masaki Inokuchi, Kazushi Muraoka