Patents by Inventor Takeshi NAKATSURU

Takeshi NAKATSURU has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20230362182
    Abstract: An anomaly detection device is provided with a learning unit that generates a detection model using a communication log during normal operation of a communication apparatus as learning data and an anomaly detection unit that detects anomaly of the communication apparatus using the generated detection model. The anomaly detection device is further provided with a data acquisition unit that acquires a communication log (second communication log) generated during a predetermined period later than a first communication log and a determination unit that instructs relearning using the second communication log when there is difference information between the learning data (first communication log) of the current detection model and the second communication log and when the number of pieces of additional information (information on the additional flow) or the number of pieces of deletion information (information on the delete flow) included in the difference information satisfies predetermined evaluation criteria.
    Type: Application
    Filed: July 14, 2023
    Publication date: November 9, 2023
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Masami IZUMI, Tomoyasu SATO, Takeshi NAKATSURU, Takuya MINAMI, Naoto FUJIKI
  • Patent number: 11809580
    Abstract: An update device includes processing circuitry configured to store package management information that includes associations between files and packages including the files and information indicating existence/non-existence of dependence relationships among the packages, and an access control list that includes associations between the files and access source files permitted to access the files, refer, when a combination of a file and an access source file is specified, to the package management information to identify a package including the file and a package including the access source file, and add, when the identified package including the file and the identified package including the access source file are the same or are mutually in a dependence relationship, the specified combination to the access control list.
    Type: Grant
    Filed: December 20, 2019
    Date of Patent: November 7, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Kenichiro Muto, Takeshi Nakatsuru, Kazumi Kinoshita, Kimihiro Yamakoshi
  • Patent number: 11805142
    Abstract: A communication system including an operational network including a host and a learning and detection server, and a staging network including a host of the same type as the host, a test execution server, and a learning and detection server. The test execution server performs a communication test by transmitting test communication in a normal state to the host and receiving communication performed by the host. The learning and detection server learns the communication of the host, generates an initial model for detecting an anomalous communication of the host, and transmits the initial model to the learning and detection server. The learning and detection server learns the communication of the host and generates a model for detecting an anomalous communication of the host, while monitoring the communication of the host using the initial model received from the learning and detection server.
    Type: Grant
    Filed: June 26, 2019
    Date of Patent: October 31, 2023
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Takuya Minami, Tomoyasu Sato, Naoto Fujiki, Takeshi Nakatsuru, Masami Izumi
  • Publication number: 20230015273
    Abstract: A verification information modification device includes processing circuitry configured to acquire, from each verification device that uses verification information of software to verify a file forming the software, an error log relating to erroneous detection that has occurred in the verification device, when it is determined that a same error has occurred in a predetermined number or more of verification devices based on the acquired error log, extract an error log of the error from acquired error logs and create information indicating verification information that has caused the erroneous detection and candidates for modification details of the verification information based on the extracted error log, and output the information indicating verification information that has caused the erroneous detection and candidates for modification details of the verification information.
    Type: Application
    Filed: December 17, 2019
    Publication date: January 19, 2023
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Tsuneko KURA, Seishi OUCHI, Yuichi KOMATSU, Takeshi NAKATSURU
  • Publication number: 20220350612
    Abstract: An information processing device includes processing circuitry configured to determine whether or not there is integrity in predetermined data regarding a boot sequence of an Operating System (OS) during execution of shutdown of the OS, arid suspend shutdown of the OS when it is determined that there is no integrity in the predetermined data.
    Type: Application
    Filed: June 24, 2019
    Publication date: November 3, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Kenichiro MUTO, Kimihiro YAMAKOSHI, Takeshi NAKATSURU
  • Publication number: 20220292225
    Abstract: A storage unit stores a size of a free area of storage of target equipment, and software saved in the storage. The generation unit generates a graph including a number of nodes according to the size of the free area of the storage, and transmits the graph to the target equipment. The calculation unit calculates a hash value corresponding to each software block saved in the storage. The verification unit verifies the presence or absence of tampering of the storage of the target equipment using the hash value corresponding to the block calculated, a response calculated using the graph returned to a challenge that specifies a node of the graph, and a hash value corresponding to the block returned as the response to the challenge that specifies the block.
    Type: Application
    Filed: September 3, 2019
    Publication date: September 15, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Manami ITO, Kimihiro YAMAKOSHI, Hiroyoshi TAKIGUCHI, Takeshi NAKATSURU
  • Publication number: 20220292224
    Abstract: A verification information creation apparatus acquires an installation directory of software from equipment on which the software is installed, and acquires a file path and a hash value of a file whose hash value is acquirable based on types of files stored in the acquired directory. Then, the verification information creation apparatus creates verification information about the software, where the verification information includes the acquired file path and the hash value of the file.
    Type: Application
    Filed: July 23, 2019
    Publication date: September 15, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Tsuneko KURA, Seishi OUCHI, Takeshi NAKATSURU, Kazumi KINOSHITA
  • Publication number: 20220269803
    Abstract: A verification information creation apparatus includes an analysis section configured to acquire a file path and a hash value of a file to be checked using the hash value during verification of the file out of files contained in a software package by executing a predetermined command for the software package; and a verification information creation section configured to create verification information for software in the software package, the verification information including the file path and the hash value of the file, the file path and the hash value being acquired by the analysis section.
    Type: Application
    Filed: July 23, 2019
    Publication date: August 25, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Tsuneko KURA, Seishi OUCHI, Kazumi KINOSHITA, Takeshi NAKATSURU
  • Patent number: 11316770
    Abstract: An anomaly detection device includes a memory, and processing circuitry coupled to the memory and configured to acquire communication feature values of communication devices, calculate, for each transmission source MAC address included in the communication feature values acquired, a total value of the number of transmitted and received packets or a total value of the number of bytes, for each layer-2 switch connected to a corresponding communication device, and determine, for each transmission source MAC address, that a communication device corresponding to the transmission source MAC address is connected to a layer-2 switch whose total value of the number of transmitted and received packets or total value of the number of bytes calculated is the largest.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: April 26, 2022
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Naoto Fujiki, Tomoyasu Sato, Takeshi Nakatsuru, Takuya Minami, Masami Izumi
  • Publication number: 20220092195
    Abstract: An update device includes processing circuitry configured to store package management information that includes associations between files and packages including the files and information indicating existence/non-existence of dependence relationships among the packages, and an access control list that includes associations between the files and access source files permitted to access the files, refer, when a combination of a file and an access source file is specified, to the package management information to identify a package including the file and a package including the access source file, and add, when the identified package including the file and the identified package including the access source file are the same or are mutually in a dependence relationship, the specified combination to the access control list.
    Type: Application
    Filed: December 20, 2019
    Publication date: March 24, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Kenichiro MUTO, Takeshi NAKATSURU, Kazumi KINOSHITA, Kimihiro YAMAKOSHI
  • Publication number: 20220027256
    Abstract: An application operation control device includes processing circuitry configured to store associated file information that indicates, in association with each other, an application and an associated file that is a file whose integrity is to be verified when integrity of the application is determined, and associated application information that indicates, in association with each other, the application and an associated application that is an application that is potentially affected when the integrity of the application is damaged, determine integrity of the associated file of the application, and in a case where, among a plurality of the associated files of the application, integrity of any of the plurality of the associated files is determined to be damaged, extract, as a target application for operation control, an application associated with an associated file the integrity of which is determined to be damaged from the associated file information.
    Type: Application
    Filed: November 13, 2019
    Publication date: January 27, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Kazumi KINOSHITA, Takeshi NAKATSURU
  • Publication number: 20220027218
    Abstract: An information creating device includes processing circuitry configured to identify, for a plurality of applications, one or more files that are accessed due to activation or operation of an application of the plurality of applications during the activation or the operation of the application, identify, for the plurality of applications, one or more other applications that transmit and receive data to and from the application, and store, in a memory, associated file information that indicates, for the plurality of applications, the one or more files accessed during the activation or the operation of the application as associated files of the application, and associated application information that indicates, for the plurality of applications, the one or more other applications that transmit and receive data to and from the application as associated application of the application.
    Type: Application
    Filed: November 13, 2019
    Publication date: January 27, 2022
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Kazumi KINOSHITA, Takeshi NAKATSURU
  • Publication number: 20210273963
    Abstract: A generation device includes a memory, and processing circuitry coupled to the memory and configured to sense anomaly of a network based on information having a plurality of items related to communication in the network, identify a cause of anomaly corresponding to each piece of the information when anomaly is sensed, and generate, based on values of the items in the information and the cause of anomaly identified, a cause-of-anomaly pattern for each predetermined set of pieces of the information.
    Type: Application
    Filed: July 2, 2019
    Publication date: September 2, 2021
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Takeshi NAKATSURU, Tomoyasu SATO, Takuya MINAMI, Naoto FUJIKI, Masami IZUMI
  • Publication number: 20210273964
    Abstract: An anomaly detection device is provided with a learning unit that generates a detection model using a communication log during normal operation of a communication apparatus as learning data and an anomaly detection unit that detects anomaly of the communication apparatus using the generated detection model. The anomaly detection device is further provided with a data acquisition unit that acquires a communication log (second communication log) generated during a predetermined period later than a first communication log and a determination unit that instructs relearning using the second communication log when there is difference information between the learning data (first communication log) of the current detection model and the second communication log and when the number of pieces of additional information (information on the additional flow) or the number of pieces of deletion information (information on the delete flow) included in the difference information satisfies predetermined evaluation criteria.
    Type: Application
    Filed: June 24, 2019
    Publication date: September 2, 2021
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Masami IZUMI, Tomoyasu SATO, Takeshi NAKATSURU, Takuya MINAMI, Naoto FUJIKI
  • Publication number: 20210218659
    Abstract: An anomaly detection device includes a memory, and processing circuitry coupled to the memory and configured to acquire communication feature values of communication devices, calculate, for each transmission source MAC address included in the communication feature values acquired, a total value of the number of transmitted and received packets or a total value of the number of bytes, for each layer-2 switch connected to a corresponding communication device, and determine, for each transmission source MAC address, that a communication device corresponding to the transmission source MAC address is connected to a layer-2 switch whose total value of the number of transmitted and received packets or total value of the number of bytes calculated is the largest.
    Type: Application
    Filed: May 28, 2019
    Publication date: July 15, 2021
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Naoto FUJIKI, Tomoyasu SATO, Takeshi NAKATSURU, Takuya MINAMI, Masami IZUMI
  • Publication number: 20210160270
    Abstract: A communication system including an operational network including a host and a learning and detection server, and a staging network including a host of the same type as the host, a test execution server, and a learning and detection server. The test execution server performs a communication test by transmitting test communication in a normal state to the host and receiving communication performed by the host. The learning and detection server learns the communication of the host, generates an initial model for detecting an anomalous communication of the host, and transmits the initial model to the learning and detection server. The learning and detection server learns the communication of the host and generates a model for detecting an anomalous communication of the host, while monitoring the communication of the host using the initial model received from the learning and detection server.
    Type: Application
    Filed: June 26, 2019
    Publication date: May 27, 2021
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Takuya MINAMI, Tomoyasu SATO, Naoto FUJIKI, Takeshi NAKATSURU, Masami IZUMI