US 12,001,551 B2
Warning apparatus, control method, and program
Jun Nishioka, Tokyo (JP); Yoshiaki Sakae, Tokyo (JP); Kazuhiko Isoyama, Tokyo (JP); and Etsuko Ichihara, Tokyo (JP)
Assigned to NEC CORPORATION, Tokyo (JP)
Appl. No. 17/439,509
Filed by NEC Corporation, Tokyo (JP)
PCT Filed Mar. 25, 2019, PCT No. PCT/JP2019/012496
§ 371(c)(1), (2) Date Sep. 15, 2021,
PCT Pub. No. WO2020/194449, PCT Pub. Date Oct. 1, 2020.
Prior Publication US 2022/0156371 A1, May 19, 2022
Int. Cl. G06F 21/00 (2013.01); G06F 21/56 (2013.01)
CPC G06F 21/56 (2013.01) [G06F 2221/034 (2013.01)] 21 Claims
OG exemplary drawing
 
1. A warning apparatus comprising:
at least one memory configured to store instructions; and
at least one processor configured to execute the instructions to perform operations comprising;
acquiring first detected event information representing, at a first abstraction level, an event set being a set of events having occurred in a target system, and generating second detected event information representing, at a second abstraction level, the event set represented by the acquired first detected event information;
determining, from among a plurality of pieces of threat information each representing a threat activity, the threat information having a high degree of relevance to at least either of the first detected event information and the second detected event information; and
generating warning information relating to a threat being occurring in the target system, based on the determined threat information and a matching level being an abstraction level associated with the detected event information having a high degree of relevance to the threat information.