Classification of log data
US-2019138542-A1 · May 9, 2019 · US
Information processing apparatus, control method, and program
US11449405B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11449405-B2 |
| Application number | US-201817041584-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 28, 2018 |
| Priority date | Mar 28, 2018 |
| Publication date | Sep 20, 2022 |
| Grant date | Sep 20, 2022 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
An information processing apparatus generates a graph that represents an action of a program. On the graph, an edge represents action contents of a process in an event. Further, two nodes connected by the edge respectively represent a subject and an object of the event. The information processing apparatus outputs the generated graph. Further, the information processing apparatus also alters the generated graph. When an index value of an event satisfies a first predetermined condition which index value is based on the number of occurrences or the frequency of occurrences of the event, the information processing apparatus alters the graph with respect to an edge representing the event.
First claim
Opening claim text (preview).
The invention claimed is: 1. An information processing apparatus comprising: a generation unit that generates a graph that represents action contents in an event relating to an action of a program as an edge and represents a subject and an object of the event as respective nodes; an output unit that outputs the generated graph; a first alteration unit that alters the graph with respect to an edge representing the event when an index value of the event satisfies a first predetermined condition, which index value is based on a number of occurrences or a frequency of occurrences of the event; and a second alteration unit that executes at least one of a process of altering the graph with respect to the node when an index value of the node satisfies a second predetermined condition, which index value is based on a history of operations applied to the node, and a process of altering the graph with respect to the edge when an index value of the edge satisfies a third predetermined condition, which index value is based on a history of operations applied to the edge, wherein the output unit outputs the graph altered by the first alteration unit or the second alteration unit. 2. The information processing apparatus according to claim 1 , wherein the index value of the event is computed as a value that has a positive correlation with the number of occurrences or the frequency of occurrences of the event and the first predetermined condition is satisfied when the index value of the event is equal to or greater than a predetermined value, or the index value of the event is computed as a value that has a negative correlation with the number of occurrences or the frequency of occurrences of the event and the first predetermined condition is satisfied when the index value of the event is equal to or smaller than a predetermined value. 3. The information processing apparatus according to claim 2 , wherein the generation unit generates the graph with respect to a plurality of target apparatuses, and the frequency of occurrences of the event is a number acquired by dividing a number of the target apparatuses in which the event occurred in a predetermined time window by a total number of the target apparatuses. 4. The information processing apparatus according to claim 1 , wherein the index value of the node is computed as a value that has a positive correlation with a number of times of operations or a frequency of operations applied to the node and the second predetermined condition is satisfied when the index value of the node is equal to or smaller than a predetermined value, or the index value of the node is computed as a value that has a negative correlation with the number of times of operations or the frequency of operations applied to the node and the second predetermined condition is satisfied when the index value of the node is equal to or greater than a predetermined value. 5. The information processing apparatus according to claim 1 , wherein the index value of the edge is computed as a value that has a positive correlation with a number of times of operations or a frequency of operations applied to the edge and the third predetermined condition is satisfied when the index value of the edge is equal to or smaller than a predetermined value, or the index value of the edge is computed as a value that has a negative correlation with the number of times of operations or the frequency of operations applied to the edge and the third predetermined condition is satisfied when the index value of the edge is equal to or greater than a predetermined value. 6. A control method that is executed by a computer, the method comprising: a generation step of generating a graph that represents action contents in an event relating to an action of a program as an edge and represents a subject and an object of the event as respective nodes; an output step of outputting the generated graph; a first alteration step of altering the graph with respect to an edge representing the event when an index value of the event satisfies a first predetermined condition, which index value is based on a number of occurrences or a frequency of occurrences of the event; and a second alteration step of executing at least one of a process of altering the graph with respect to the node when an index value of the node satisfies a second predetermined condition, which index value is based on a history of operations applied to the node, and a process of altering the graph with respect to the edge when an index value of the edge satisfies a third predetermined condition, which index value is based on a history of operations applied to the edge, wherein the graph altered at the first alteration step or the second alteration step is outputted at the output step. 7. A non-transitory computer readable medium storing a program that causes a computer to execute a control method, the method comprising: a generation step of generating a graph that represents action contents in an event relating to an action of a program as an edge and represents a subject and an object of the event as respective nodes; an output step of outputting the generated graph; a first alteration step of altering the graph with respect to an edge representing the event when an index value of the event satisfies a first predetermined condition, which index value is based on a number of occurrences or a frequency of occurrences of the event; and a second alteration step of executing at least one of a process of altering the graph with respect to the node when an index value of the node satisfies a second predetermined condition, which index value is based on a history of operations applied to the node, and a process of altering the graph with respect to the edge when an index value of the edge satisfies a third predetermined condition, which index value is based on a history of operations applied to the edge, wherein the graph altered at the first alteration step or the second alteration step is outputted at the output step.
Assignees
Inventors
Classifications
Drawing of charts or graphs · CPC title
Indexing; Data structures therefor; Storage structures (for retrieval from the web G06F16/951) · CPC title
- G06F21/566Primary
Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities · CPC title
Visualisation of programs or trace data · CPC title
Event-based monitoring · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11449405B2 cover?
- An information processing apparatus generates a graph that represents an action of a program. On the graph, an edge represents action contents of a process in an event. Further, two nodes connected by the edge respectively represent a subject and an object of the event. The information processing apparatus outputs the generated graph. Further, the information processing apparatus also alters th…
- Who is the assignee on this patent?
- Nec Corp
- What technology area does this patent fall under?
- Primary CPC classification G06F21/566. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 20 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).