Patents by Inventor Yukio NAGAFUCHI

Yukio NAGAFUCHI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10972490
    Abstract: A specifying device receives detection information from a security device that detects hacking into a network or an activity of a terminal related to infection, and specifies a state of the terminal from information of the terminal and content of activity of the terminal included in the detection information. The specifying device specifies, when specifying that the terminal is in the state of being infected with malware, a terminal that may be infected before performing the content of the activity of the terminal included in the detection information based on connection information stored in a configuration information storage device, and specifies a terminal located on a route, along which the infected terminal is likely to be used for hacking or for infection of the terminal in the future, as a candidate for an infected terminal likely to be infected.
    Type: Grant
    Filed: October 5, 2016
    Date of Patent: April 6, 2021
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yasuhiro Teramoto, Bo Hu, Toshiharu Kishi, Yukio Nagafuchi, Takaaki Koyama, Hideo Kitazume
  • Publication number: 20210014225
    Abstract: A communication control apparatus includes a collection control unit, an analysis unit, and a coordination unit. The collection control unit collects communication performed with a device connected to a subordinate network, and controls communication performed by the device based on a first control condition; The analysis unit analyzes the communication collected by the collection control unit to extract device identification information indicating characteristics of the communication performed by the device. The analysis unit specifies a device name of the device and the first control condition corresponding to a normal communication range extracted from the device identification information, based on the device identification information.
    Type: Application
    Filed: March 1, 2019
    Publication date: January 14, 2021
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Iifan TYOU, Masaki TANIKAWA, Yukio NAGAFUCHI, Shingo KASHIMA, Tetsuhiko MURATA, Kenji OTA, Takuya SAEKI, Tsuyoshi KONDO, Koki NOMURA, Akio MUKAIYAMA, Hiroki NAGAYAMA
  • Publication number: 20200401497
    Abstract: A detecting device includes a memory, and processing circuitry coupled to the memory and configured to collect communication information from a communication device, have a model learn a characteristic of the communication information by the communication device using the communication information collected for each of the communication devices, and input communication information on a detection target to the model, detect whether the communication information on the detection target indicates abnormal communication on the basis of an output result from the model, and have the model relearn at the learning when the number of detected abnormalities about the communication information during a predetermined evaluation period exceeds a first threshold value.
    Type: Application
    Filed: February 25, 2019
    Publication date: December 24, 2020
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Takuya SAEKI, Iifan TYOU, Yukio NAGAFUCHI, Masaki TANIKAWA
  • Publication number: 20200374290
    Abstract: A collection unit (15a) collects information on IoT devices connected to IoT gateways and white lists of the IoT devices, retained by the IoT gateways. An extraction unit (15b) extracts white lists of IoT devices that satisfies a prescribed condition related to the number of the IoT devices of each model or the number of installed locations of the IoT devices of each model from the collected white lists of the IoT devices using the collected information on the IoT devices so as to create a tentative white list. A coupling unit (15c) couples the created tentative white list and the white lists retained by the respective IoT gateways together so as to create a white list applied to the respective IoT gateways.
    Type: Application
    Filed: March 1, 2019
    Publication date: November 26, 2020
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Koki NOMURA, Yukio NAGAFUCHI, Masaki TANIKAWA
  • Patent number: 10616270
    Abstract: An optimization apparatus collects cyber attack information that is information related to a cyber attack, and system information that is information related to an entire system including a device that has received the cyber attack. Based on the collected cyber attack information and system information, the optimization apparatus identifies an attack route of the cyber attack, and extracts, as dealing point candidates, devices that are on the attack route and have an effective dealing function against the cyber attack. Subsequently, the optimization apparatus selects a dealing point from the extracted dealing point candidates by using optimization logic that has been set.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: April 7, 2020
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Bo Hu, Toshiharu Kishi, Hideo Kitazume, Takaaki Koyama, Yukio Nagafuchi, Yasuhiro Teramoto
  • Publication number: 20190081970
    Abstract: A specifying device receives detection information from a security device that detects hacking into a network or an activity of a terminal related to infection, and specifies a state of the terminal from information of the terminal and content of activity of the terminal included in the detection information. The specifying device specifies, when specifying that the terminal is in the state of being infected with malware, a terminal that may be infected before performing the content of the activity of the terminal included in the detection information based on connection information stored in a configuration information storage device, and specifies a terminal located on a route, along which the infected terminal is likely to be used for hacking or for infection of the terminal in the future, as a candidate for an infected terminal likely to be infected.
    Type: Application
    Filed: October 5, 2016
    Publication date: March 14, 2019
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yasuhiro TERAMOTO, Bo HU, Toshiharu KISHI, Yukio NAGAFUCHI, Takaaki KOYAMA, Hideo KITAZUME
  • Patent number: 10181031
    Abstract: A cloud controller performs, when an attack on a VM in any of data centers in a system is detected, setting of NAT of a private IP address of a VM(A), for a boundary router of each data center other than a data center that the VM(A) belongs to, the VM(A) being a victim. Next, the cloud controller performs setting for a redirecting device in the same data center as the VM(A), such that the redirecting device redirects access from a user terminal to a host under a boundary router of any of the respective data centers other than the data center. Thereafter, the cloud controller changes a private IP address of the VM(A) in a NAT setting of a boundary router of the data center to a private IP address of the redirecting device.
    Type: Grant
    Filed: August 26, 2015
    Date of Patent: January 15, 2019
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yukio Nagafuchi, Yasuhiro Teramoto, Toshiharu Kishi, Takaaki Koyama, Hideo Kitazume
  • Publication number: 20180041535
    Abstract: A security measure invalidation prevention device includes an acquisition unit that acquires invalidated security point information about an invalidated security point among security points each having a measure function performing a security measure on a node connected to a network. The invalidated security point has a measure function to be invalidated. The device also includes a determination unit that determines whether a security event to be addressed with the measure function of the invalidated security point is present on the basis of the invalidated security point information acquired by the acquisition unit. The device further includes an extraction unit that extracts a security point to which the measure function of the invalidated security point can be shifted when the determination unit determines that the security event is present.
    Type: Application
    Filed: February 29, 2016
    Publication date: February 8, 2018
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Toshiharu KISHI, Yasuhiro TERAMOTO, Bo HU, Yukio NAGAFUCHI, Takaaki KOYAMA, Hideo KITAZUME
  • Publication number: 20170339183
    Abstract: An optimization apparatus collects cyber attack information that is information related to a cyber attack, and system information that is information related to an entire system including a device that has received the cyber attack. Based on the collected cyber attack information and system information, the optimization apparatus identifies an attack route of the cyber attack, and extracts, as dealing point candidates, devices that are on the attack route and have an effective dealing function against the cyber attack. Subsequently, the optimization apparatus selects a dealing point from the extracted dealing point candidates by using optimization logic that has been set.
    Type: Application
    Filed: November 5, 2015
    Publication date: November 23, 2017
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Bo HU, Toshiharu KISHI, Hideo KITAZUME, Takaaki KOYAMA, Yukio NAGAFUCHI, Yasuhiro TERAMOTO
  • Publication number: 20170228539
    Abstract: A cloud controller performs, when an attack on a VM in any of data centers in a system is detected, setting of NAT of a private IP address of a VM(A), for a boundary router of each data center other than a data center that the VM(A) belongs to, the VM(A) being a victim. Next, the cloud controller performs setting for a redirecting device in the same data center as the VM(A), such that the redirecting device redirects access from a user terminal to a host under a boundary router of any of the respective data centers other than the data center. Thereafter, the cloud controller changes a private IP address of the VM(A) in a NAT setting of a boundary router of the data center to a private IP address of the redirecting device.
    Type: Application
    Filed: August 26, 2015
    Publication date: August 10, 2017
    Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Yukio NAGAFUCHI, Yasuhiro TERAMOTO, Toshiharu KISHI, Takaaki KOYAMA, Hideo KITAZUME