Abstract: A non-transitory computer-readable storage medium storing a program that cause a processor included in an information processing apparatus to execute a process, the process includes collecting a plurality of types of cyberattack information; evaluating a number of types of cyberattacks in which feature information of the cyberattack appears based on the collected cyberattack information; and when receiving specification of the feature information of a cyberattack, responding evaluation results of the number of types of cyberattacks in which the specified feature information of the cyberattack appears.

Abstract: A cyber attack information processing apparatus includes a memory and a processor configured to, when a first system obtains first information regarding a cyber attack from a first terminal, store the first information in a state that the first information is accessible to a second terminal that is capable of accessing the first system, convert the first information having a first data structure into second information having a second data structure usable by a second system wherein the second information is to be provided for the second system, when the second system obtains third information regarding another cyber attack, convert the third information having the second data structure into fourth information having the first data structure, and provide the second terminal with the fourth information.

Abstract: A non-transitory computer-readable storage medium storing a program that causes an information processing apparatus to execute a process, the process includes executing a first program and a second program using a system including a kernel of an OS, acquiring first information regarding a first API call and second information regarding a second API call, executing a similarity judgment process in which a similarity between the first program and the second program is judged, wherein the first information is information indicating at least one of a type of the first API call, the number of executions of the first API call, and a call order of the first API call, the second information includes at least one of a type of the second API call, the second information includes the number of executions of the second API call, and a call order of the second API cal.

Abstract: A cyber attack information processing apparatus includes one or more memories, and one or more processors coupled to the one or more memories and the one or more processors configured to, when acquiring information regarding a first cyber attack, store the information in the one or more memories in association with reliability based on an acquisition source of the information, and when detecting that posted information related to the information is uploaded from a terminal, perform update of the reliability associated with the information in accordance with first reliability of the posted information.

Abstract: A malware inspection support system includes one or more memories, and one or more processors coupled to the one or more memories and the one or more processors configured to, when a first terminal belonging to a first system is infected with malware, in response to receiving, from the first terminal, a first packet destined for a second terminal, perform determination of whether the first packet satisfies a specific condition, when it is determined that the first packet satisfies the specific condition, change a destination address of the first packet to an address of a third terminal belonging to a second system, and transmit the changed first packet to the third terminal.

Abstract: A non-transitory computer-readable storage medium storing a program that cause a processor included in an information processing apparatus to execute a process, the process includes collecting a plurality of types of cyberattack information; evaluating a number of types of cyberattacks in which feature information of the cyberattack appears based on the collected cyberattack information; and when receiving specification of the feature information of a cyberattack, responding evaluation results of the number of types of cyberattacks in which the specified feature information of the cyberattack appears.

Abstract: A non-transitory computer-readable recording medium storing a control program causing a computer to execute processing, the processing includes: displaying a first node of a first type and a second node of a second type; receiving registration of a third node representing an access destination in association with the first node; receiving registration of a fourth node representing mask processing on information in association with the second node; receiving registration of a fifth node representing an information category in association with the second node; allowing transmission of information about a cyber attack event to the third node; and providing the information about the cyber attack event after executing the mask processing associated with the fourth node on information belonging to the information category associated with the fifth node, when the information about the cyber attack event is transmitted to the third node.

Abstract: A non-transitory recording medium recording a cyber-attack analysis supporting program that causes a computer to execute a process, the process includes: accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.

Abstract: A non-transitory computer readable recording medium storing a computer executable program that, when executed, causes a computer to perform a cyber attack analysis support process, the cyber attack analysis support process includes: when information of a first cyber attack event including information of malware is registered as a result of a detection of the malware within an information processing system to be monitored, searching for a second cyber attack event having a similarity relationship with the first cyber attack event by referring to a storage storing information on past cyber attack events; and displaying information of the searched second cyber attack event and the registered information of the first cyber attack event on a display circuit.

Abstract: A cyber attack information processing apparatus includes one or more memories, and one or more processors coupled to the one or more memories and the one or more processors configured to, when acquiring information regarding a first cyber attack, store the information in the one or more memories in association with reliability based on an acquisition source of the information, and when detecting that posted information related to the information is uploaded from a terminal, perform update of the reliability associated with the information in accordance with first reliability of the posted information.

Abstract: A cyber attack information processing apparatus includes a memory and a processor configured to, when a first system obtains first information regarding a cyber attack from a first terminal, store the first information in a state that the first information is accessible to a second terminal that is capable of accessing the first system, convert the first information having a first data structure into second information having a second data structure usable by a second system wherein the second information is to be provided for the second system, when the second system obtains third information regarding another cyber attack, convert the third information having the second data structure into fourth information having the first data structure, and provide the second terminal with the fourth information.

Abstract: A non-transitory computer-readable storage medium storing a program that causes an information processing apparatus to execute a process, the process includes executing a first program and a second program using a system including a kernel of an OS, acquiring first information regarding a first API call and second information regarding a second API call, executing a similarity judgment process in which a similarity between the first program and the second program is judged, wherein the first information is information indicating at least one of a type of the first API call, the number of executions of the first API call, and a call order of the first API call, the second information includes at least one of a type of the second API call, the second information includes the number of executions of the second API call, and a call order of the second API cal.

Abstract: According to an aspect of an embodiment, a method of establishing a chain of trust into a virtual machine on a hardware system is described. The method may include measuring an immutable portion of a virtual machine image configured to instantiate as the virtual machine to generate a trust anchor measurement. The method may also include storing the trust anchor measurement in a sealed memory.

Abstract: A non-transitory computer readable recording medium storing a computer executable program that, when executed, causes a computer to perform a cyber attack analysis support process, the cyber attack analysis support process includes: when information of a first cyber attack event including information of malware is registered as a result of a detection of the malware within an information processing system to be monitored, searching for a second cyber attack event having a similarity relationship with the first cyber attack event by referring to a storage storing information on past cyber attack events; and displaying information of the searched second cyber attack event and the registered information of the first cyber attack event on a display circuit.

Abstract: A non-transitory recording medium recording a cyber-attack analysis supporting program that causes a computer to execute a process, the process includes: accepting registration of information of one or more items regarding a cyber-attack event in response to detection of malware in an information processing system of a monitoring target; and displaying the information registered regarding the cyber-attack event in a state in which each of the one or more items is coupled as a subordinate node to a representative node of the cyber-attack event.

Abstract: A non-transitory computer-readable recording medium storing a control program causing a computer to execute processing, the processing includes: displaying a first node of a first type and a second node of a second type; receiving registration of a third node representing an access destination in association with the first node; receiving registration of a fourth node representing mask processing on information in association with the second node; receiving registration of a fifth node representing an information category in association with the second node; allowing transmission of information about a cyber attack event to the third node; and providing the information about the cyber attack event after executing the mask processing associated with the fourth node on information belonging to the information category associated with the fifth node, when the information about the cyber attack event is transmitted to the third node.

Abstract: In accordance with particular embodiments, a method for managing power consumption includes receiving from a plurality of electricity relays an indication of a current state associated with each of the plurality of electricity relays. The method also includes receiving a power rate associated with a cost of power. The method further includes determining a threshold state based on the power rate and the current state associated with each of the plurality of electricity relays. The method additionally includes transmitting one or more control requests to one or more of the plurality of electricity relays. A first control request transmitted to a first electricity relay is based on the threshold state and a first current state associated with the first electricity relay.

Abstract: A networked device performs integrity authentication by determining, using a processor, a measured integrity value of the device. The measured integrity value is compared by the processor to an embedded integrity value of the device. Application of a policy to the device is facilitated by the processor based on the comparison.

Abstract: A system and method are disclosed for providing and maintaining a high level of security during migration of data from one platform to another. The disclosed system combines user and equipment authentication with equipment environment authorization guaranteed by a security module such as supported by a trusted platform module (TPM) in parallel, for secure information transfer to support migration between platforms.

Abstract: In accordance with a particular embodiment, a method for managing power consumption includes receiving power rate information and receiving power usage information. The method also includes receiving a plurality of personal preference profiles. Each personal preference profile of the plurality of personal preference profiles is associated with a different user of a plurality of users and includes at least one preferred state associated with a respective user. The method further includes detecting a presence of at least one user within a room. The method additionally includes adjusting at least one state associated with the room based on the at least one preferred state associated with the at least one user within the room, the power rate information, and the power usage information.