Determining apparatus, determining method, and determining program
US-2020201987-A1 · Jun 25, 2020 · US
Estimation system, estimation method, and estimation program
US12081564B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12081564-B2 |
| Application number | US-202017793657-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 26, 2020 |
| Priority date | Jan 20, 2020 |
| Publication date | Sep 3, 2024 |
| Grant date | Sep 3, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
An estimation unit retrieves a subtree that matches a query to be estimated, from subtrees included in a syntax tree created from a query inserted into a Web request. In addition, the estimation unit presents information for specifying the type of damage of an attack and an attack target, the information being associated in advance with the subtree obtained by the retrieval of the retrieval unit.
First claim
Opening claim text (preview).
The invention claimed is: 1. An estimation system comprising: retrieval circuitry configured to retrieve a subtree that matches a query to be estimated, from subtrees included in a syntax tree created from the query which is inserted into a Web request; presentation circuitry configured to present information for specifying a type of damage of an attack and an attack target, the information being associated in advance with the subtree obtained by the retrieval circuitry in the retrieval; extraction circuitry configured to extract the query inserted into the Web request that is detected to be the attack; creating circuitry configured to create the syntax tree from the query extracted by the extraction circuitry in accordance with a rule defined in advance; impartation circuitry configured to impart a label to the subtree that is a part of the syntax tree based on a result obtained in a case where the query corresponding to the subtree has been executed; and identification circuitry configured to identify the type of damage of the attack according to the Web request based on the label imparted by the impartation circuitry, wherein: the retrieval circuitry retrieves the subtree that matches the query to be estimated, from subtrees included in the syntax tree created by the creating circuitry, and the presentation circuitry presents information for specifying the type of damage of the attack and the attack target, based on the subtree obtained by the retrieval circuitry in the retrieval and the label imparted to the subtree. 2. The estimation system according to claim 1 , wherein: the presentation circuitry presents a table name as information for specifying the attack target. 3. An estimation method at an estimation system, the estimation method comprising: retrieving a subtree that matches a query to be estimated, from subtrees included in a syntax tree created from the query which is inserted into a Web request; presenting information for specifying a type of damage of an attack and an attack target, the information being associated in advance with the subtree obtained in the retrieving; extracting the query inserted into the Web request that is detected to be the attack; creating the syntax tree from the query extracted by the extracting in accordance with a rule defined in advance; imparting a label to the subtree that is a part of the syntax tree based on a result obtained in a case where the query corresponding to the subtree has been executed; and identifying the type of damage of the attack according to the Web request based on the label imparted by the imparting, wherein: the retrieving retrieves the subtree that matches the query to be estimated, from subtrees included in the syntax tree created by the creating, and the presenting presents information for specifying the type of damage of the attack and the attack target, based on the subtree obtained by the retrieving in the retrieval and the label imparted to the subtree. 4. A non-transitory computer readable medium including an estimation program which when executed causes a computer to: retrieve a subtree that matches a query to be estimated, from subtrees included in a syntax tree created from the query which is inserted into a Web request; present information for specifying a type of damage of an attack and an attack target, the information being associated in advance with the subtree obtained in the retrieving; extract the query inserted into the Web request that is detected to be the attack; create the syntax tree from the query extracted by the extracting in accordance with a rule defined in advance; impart a label to the subtree that is a part of the syntax tree based on a result obtained in a case where the query corresponding to the subtree has been executed; and identify the type of damage of the attack according to the Web request based on the label imparted by the imparting, wherein: the retrieving retrieves the subtree that matches the query to be estimated, from subtrees included in the syntax tree created by the creating, and the presenting presents information for specifying the type of damage of the attack and the attack target, based on the subtree obtained by the retrieving in the retrieval and the label imparted to the subtree. 5. The estimation method according to claim 3 , wherein: the presenting presents a table name as information for specifying the attack target. 6. The non-transitory computer readable medium estimation system according to claim 4 , wherein: the presenting presents a table name as information for specifying the attack target.
Assignees
Inventors
Classifications
Presentation of query results · CPC title
Trees · CPC title
Retrieval from the web · CPC title
Detecting local intrusion or implementing counter-measures · CPC title
- H04L63/1416Primary
Event detection, e.g. attack signature detection · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12081564B2 cover?
- An estimation unit retrieves a subtree that matches a query to be estimated, from subtrees included in a syntax tree created from a query inserted into a Web request. In addition, the estimation unit presents information for specifying the type of damage of an attack and an attack target, the information being associated in advance with the subtree obtained by the retrieval of the retrieval unit.
- Who is the assignee on this patent?
- Nippon Telegraph & Telephone
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1416. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Sep 03 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).