专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明公开

EP3182669A1 INTEGRATED INDUSTRIAL SYSTEM AND CONTROL METHOD THEREOF 有权
标题翻译：整合工业系统在STEUERUNGSVERFAHRENDAFÜR
公开(公告)号：EP3182669A1
公开(公告)日：2017-06-21
申请号：EP16203442
申请日：2016-12-12
申请人： YOKOGAWA ELECTRIC CORP
发明人： OGAWA TOSHIKI , SUZUKI KAZUYA , YAMASHIRO YASUHIKO , FUJITA SHO , HASEGAWA KENJI , KEMMOTSU TARO , KADOWAKI YUICHIRO
IPC分类号： H04L29/06 , G05B19/418 , H04L29/08
CPC分类号： H04L63/1466 , G05B19/048 , G05B19/418 , G05B2219/23317 , H04L63/02 , H04L63/14 , H04L67/10 , H04L67/12
摘要： An integrated industrial system includes a safety instrumented system which is installed in a first zone, a host system which is connected to the safety instrumented system through a network, the host system being installed in a second zone which is different from the first zone, a detector which is installed in each of the first zone and the second zone, the detector being configured to detect a cyber-attack from outside to a self-zone, and a defender configured to perform a countermeasure of restricting a communication between the first zone and the second zone or of restricting a communication in the first zone or the second zone, based on a detection result of the detector.
摘要翻译：集成工业系统包括安装在第一区域中的安全仪表系统，通过网络连接到安全检测系统的主机系统，主机系统安装在与第一区不同的第二区域中，检测器，其安装在第一区域和第二区域中的每一个区域中，检测器被配置为检测从外部到自身区域的网络攻击，以及防御器，被配置为执行限制第一区域和第二区域之间的通信的对策第二区域或限制第一区域或第二区域中的通信，基于检测器的检测结果。

2. 发明专利

JP2012034273A Unauthorized communication detecting system 有权
标题翻译：未通知的通信检测系统
公开(公告)号：JP2012034273A
公开(公告)日：2012-02-16
申请号：JP2010173576
申请日：2010-08-02
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA , WADA HIDEHIKO
IPC分类号： H04L12/66 , G06F13/00 , G06F21/20
CPC分类号： H04L63/1416 , H04L69/40
摘要： PROBLEM TO BE SOLVED: To provide an unauthorized communication detection system capable of detecting an unauthorized traffic and its sign which could be a security threat in a plant network, without depending on log analysis of FW (firewall), and installation and operation of IDS (intrusion detection system).SOLUTION: The unauthorized communication detection system comprises: storage means 51 storing in advance a session white list 51a which is a list of sessions having possibility of occurring in a plant network; a session decision separation part 53 which decides success or failure of session establishment based on said complemented packet, and generates session information indicating an established session; and a first unauthorized communication detection unit 54 which detects the communication according to the session as an unauthorized communication when comparing said session information generated by said session decision separation means with said session white list 51a and conforming to neither of the sessions within said session white list.
摘要翻译：要解决的问题：提供一种未经授权的通信检测系统，可以检测未经授权的流量及其符号，这可能是工厂网络中的安全威胁，而不依赖于FW（防火墙）的日志分析，以及安装和操作的IDS（入侵检测系统）。解决方案：未经授权的通信检测系统包括：存储装置51，预先存储作为在工厂网络中发生的可能性的会话列表的会话白名单51a; 会话判定分离部分53，其基于所述补充的分组来决定会话建立的成功或失败，并且生成指示建立的会话的会话信息; 以及第一未授权通信检测单元54，当将由所述会话决定分离装置生成的所述会话信息与所述会话白名单51a进行比较时，将根据会话的通信视为未授权通信，并且与所述会话白名单中的两个会话不符。版权所有（C）2012，JPO＆INPIT

3. 发明专利

JP2007221311A Packet analyzing system 有权
标题翻译：分组分析系统
公开(公告)号：JP2007221311A
公开(公告)日：2007-08-30
申请号：JP2006037685
申请日：2006-02-15
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA
IPC分类号： H04L12/70
摘要： PROBLEM TO BE SOLVED: To realize a packet analyzing system capable of automatically separating patterns for the propagations of a plurality of packets while being capable of viewing the behaviors of the packets. SOLUTION: The packet analyzing system captures and analyzes the packets propagated in a network. In the packet analyzing system, terminal node sensors is installed at a plurality of places stores the packets propagated for a fixed time after the reception of the packets from a certain IP address, and sorts the patterns for the propagations of a plurality of the packets from the IP address. In the packet analyzing system, a server is further fitted to acquire the patterns for the propagations of a plurality of the packets sorted from a plurality of the terminal node type sensors through the network and managing the whole system. COPYRIGHT: (C)2007,JPO&INPIT
摘要翻译：要解决的问题：实现能够自动分离多个分组的传播的模式的分组分析系统，同时能够观看分组的行为。解决方案：数据包分析系统捕获并分析在网络中传播的数据包。在分组分析系统中，终端节点传感器安装在多个位置，存储在从特定IP地址接收到分组之后固定时间传播的分组，并且对来自多个分组的传播的模式进行排序 IP地址。在分组分析系统中，进一步安装服务器以通过网络获取从多个终端节点类型传感器分类的多个分组的传播的模式，并管理整个系统。版权所有（C）2007，JPO＆INPIT

4. 发明专利

JP2006121143A Packet analysis system 有权
标题翻译：分组分析系统
公开(公告)号：JP2006121143A
公开(公告)日：2006-05-11
申请号：JP2004303857
申请日：2004-10-19
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA , TANAKA TAKASHI
IPC分类号： H04L29/14 , G06F13/00 , H04L12/70
CPC分类号： H04L43/12 , H04L43/18
摘要： PROBLEM TO BE SOLVED: To provide a packet analysis system capable of separating access variations the separation of which has been difficult. SOLUTION: The packet analysis system for capturing and analyzing packets propagated through a network includes: a terminal node type sensor installed at a plurality of places, for acquiring propagated packets, and classifying the packets while relating the packets with each other; and a server for acquiring classified information by the plurality of terminal node type sensors via the network and creating an overall report of the system. COPYRIGHT: (C)2006,JPO&NCIPI
摘要翻译：要解决的问题：提供能够分离其分离困难的访问变化的分组分析系统。解决方案：用于捕获和分析通过网络传播的分组的分组分析系统包括：安装在多个地方的终端节点类型传感器，用于获取传播的分组，并且在分组相互关联的同时对分组进行分类; 以及用于经由所述网络从所述多个终端节点类型传感器获取分类信息并创建所述系统的总体报告的服务器。版权所有（C）2006，JPO＆NCIPI

5. 发明专利

JP2005159795A Passing packet display system 有权
标题翻译：通过分组显示系统
公开(公告)号：JP2005159795A
公开(公告)日：2005-06-16
申请号：JP2003396673
申请日：2003-11-27
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： SUZUKI KAZUYA , HOSHINO HIROSHI , TANAKA TAKASHI
IPC分类号： H04L12/70 , H04L12/56
摘要： PROBLEM TO BE SOLVED: To provide a passing packet display system for easily grasping a passing point through which a packet mainly passes. SOLUTION: The passing packet display system for searching a plurality of packet log recorders that are installed at the passing points and record packets propagated through a network to display the passing points and passing packets, is provided with: an information collection means 17 for acquiring recorded packet information from a plurality of the packet log recorders via the network; a display means 19; and an arithmetic control means 18 that controls the information collection means to acquire the packet information, searches the acquired packet information, arranges the information for each passing point, integrates a correct solution probability of all the packets passing through the passing points, and displays it on a display screen of the display means. COPYRIGHT: (C)2005,JPO&NCIPI
摘要翻译：要解决的问题：提供一种通过分组显示系统，用于容易地掌握分组主要通过的通过点。解决方案：用于搜索安装在通过点处的多个分组日志记录器并记录通过网络传播的分组以显示通过点和传递分组的通过分组显示系统具有：信息收集装置17 用于经由网络从多个分组日志记录器获取记录的分组信息; 显示装置19; 以及算术控制装置18，其控制信息收集装置获取分组信息，搜索所获取的分组信息，排列每个经过点的信息，将通过所述经过点的所有分组的正确解概率积分并显示在显示装置的显示画面上。版权所有（C）2005，JPO＆NCIPI

6. 发明专利

JP2012169731A Unauthorized packet extraction device 有权
标题翻译：未经授权的包装提取装置
公开(公告)号：JP2012169731A
公开(公告)日：2012-09-06
申请号：JP2011026987
申请日：2011-02-10
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA , WADA HIDEHIKO
IPC分类号： H04L12/66
摘要： PROBLEM TO BE SOLVED: To efficiently extract an authorized packet.SOLUTION: A packet capture unit 100 obtains a packet communicated in a lower network, and classifies the captured packet into one of multiple types based on relation with the communication direction with a firewall. A packet inspection unit 102 inspects and determines whether there exists in a packet information memory 106 a response packet corresponding to a packet heading for an upper network from the lower network classified by the packet capture unit 100. The packet inspection unit 102 stores determination results of whether the response packet exists or not together with the packet in the packet information memory 106. When determination information for the packet stored in the packet information memory 106 is non-correspondence, a memory management unit 104 determines "unexpected communication" and outputs it to a log memory 108.
摘要翻译：要解决的问题：有效提取授权数据包。解决方案：分组捕获单元100获取在较低网络中传送的分组，并且基于与防火墙的通信方向的关系将捕获的分组分类为多种类型之一。分组检查单元102检查并确定分组信息存储器106中是否存在与由分组捕获单元100分类的较低网络的针对上层网络的分组相对应的响应分组。分组检测单元102存储响应包是否与分组信息存储器106中的分组一起存在。当存储在分组信息存储器106中的分组的确定信息是不对应的时，存储器管理单元104确定“意外通信”并将其输出到日志存储器108.版权所有（C）2012，JPO＆INPIT

7. 发明专利

JP2010213143A Traffic recorder 审中-公开
标题翻译：交通记录仪
公开(公告)号：JP2010213143A
公开(公告)日：2010-09-24
申请号：JP2009059035
申请日：2009-03-12
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , WADA HIDEHIKO , SUZUKI HIROE , SUZUKI KAZUYA
IPC分类号： H04L12/70
摘要： PROBLEM TO BE SOLVED: To provide a traffic recorder for inexpensively recording traffic data before and after a characteristic event. SOLUTION: The traffic recorder includes a data reception part for receiving traffic data, a damp file recording part being a nonvolatile recording region, and a cache part for dividing the received traffic data on a predetermined time basis to temporarily keeping, as cache data, the divided traffic data, and is used for recording the traffic data. The traffic recorder further includes a cache management part configured to identify cache data with traffic data from reception of a detection notice to a predetermined time ago recorded therein from among cache data in the cache part when receiving the detection notice for notifying that a predetermined event has occurred in the traffic data, and record the identified cache data in the damp file recording part by being related to the detection notice. COPYRIGHT: (C)2010,JPO&INPIT
摘要翻译：要解决的问题：提供一种用于在特征事件之前和之后廉价地记录交通数据的交通记录器。交通记录器包括用于接收交通数据的数据接收部分，作为非易失性记录区域的湿文件记录部分，以及用于在预定时间基础上分割所接收的业务数据的高速缓存部分，以暂时保存作为高速缓存数据，划分的业务数据，并用于记录业务数据。交通记录器还包括高速缓存管理部件，其被配置为当接收到用于通知预定事件具有的检测通知时，从高速缓存部分的高速缓存数据中识别具有从接收到检测通知到其预定时间的通信数据的高速缓存数据发生在交通数据中，并通过与检测通知有关的方式将识别的缓存数据记录在湿文件记录部分中。版权所有（C）2010，JPO＆INPIT

8. 发明专利

JP2007142664A Firewall device 有权
标题翻译：防火墙设备
公开(公告)号：JP2007142664A
公开(公告)日：2007-06-07
申请号：JP2005331943
申请日：2005-11-16
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA
IPC分类号： H04L12/66 , G06F13/00
摘要： PROBLEM TO BE SOLVED: To easily set a device for reduced wasteful traffic.
SOLUTION: A firewall device comprises a first communication means for communicating with a network; a second communication means for communicating with equipment to be attacked, a memory means; and a calculation control means which acquires an originator IP address of the packet that has been received by the first communication means and determined to be of unnatural access, to shut off the transfer of the packet from that IP address to the equipment for a specified period, while the packets are classified and information is recorded in the memory means.
COPYRIGHT: (C)2007,JPO&INPIT
摘要翻译：要解决的问题：轻松设置减少浪费流量的设备。防火墙设备包括用于与网络通信的第一通信装置; 用于与要被攻击的设备进行通信的第二通信装置，存储装置; 以及计算控制装置，其获取由第一通信装置接收并被确定为不自然访问的分组的发起方IP地址，以将分组从该IP地址传送到设备达指定时段而分组被分类并且信息被记录在存储装置中。版权所有（C）2007，JPO＆INPIT

9. 发明专利

JP2011030096A Packet route tracing system 有权
标题翻译：分组路由跟踪系统
公开(公告)号：JP2011030096A
公开(公告)日：2011-02-10
申请号：JP2009175667
申请日：2009-07-28
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA , SUZUKI HIROE , WADA HIDEHIKO
IPC分类号： H04L12/70 , H04L9/36
摘要： PROBLEM TO BE SOLVED: To provide a packet route tracing system for detecting an illegal packet in an early stage, and for understanding an organization to which the transmission source of an illegal packet is belonging. SOLUTION: This packet route tracing system for specifying the transmission source of a packet based on digest information including the reception time of a packet flowing through a network and a foot mark value as a hash value calculated by inserting a fixed value into a part which changes via a router in an IP header includes: an illegal packet detection sensor 21Z for collecting a packet flowing through the network, and for transmitting data including the detected digest information of the illegal packet; a trace back cooperation device 22 for, when receiving the data including the digest information of the illegal packet, transmitting retrieval request data including the digest information; and trace back devices 23A to 23C for specifying the transmission source of the illegal packet based on the digest information included in retrieval request data received from the trace back cooperation device. COPYRIGHT: (C)2011,JPO&INPIT
摘要翻译：要解决的问题：提供用于在早期阶段检测非法分组的分组路由跟踪系统，并且用于理解非法分组的传输源所属的组织。解决方案：该分组路由跟踪系统，用于基于包括流经网络的分组的接收时间的摘要信息和作为散列值的脚标值来指定分组的传输源，所述散列值通过将固定值插入到通过IP报头中的路由器改变的部分包括：用于收集流经网络的分组并且用于发送包括检测到的非法分组的摘要信息的数据的非法分组检测传感器21Z; 追踪协作装置22，当接收到包含非法包的摘要信息的数据时，发送包括摘要信息的检索请求数据; 以及追踪装置23A〜23C，用于基于从回溯协作装置接收到的检索请求数据中包含的摘要信息指定非法包的发送源。版权所有（C）2011，JPO＆INPIT

10. 发明专利

JP2006157355A Packet analyzing device and packet analysis system using the same 有权
标题翻译：分组分析装置和使用该分析装置的分组分析系统
公开(公告)号：JP2006157355A
公开(公告)日：2006-06-15
申请号：JP2004343608
申请日：2004-11-29
申请人： Yokogawa Electric Corp , 横河電機株式会社
发明人： BABA SHUNSUKE , SUZUKI KAZUYA , TANAKA TAKASHI
IPC分类号： H04L12/70
摘要： PROBLEM TO BE SOLVED: To obtain a packet analysis system capable of efficiently detecting an incident such as the occurrence of a new type of a worm. SOLUTION: A packet analyzing device for analyzing a packet that propagates in a network displays the retrieval result of log information acquired through the network, also displays a retrieval condition candidate list, automatically sets a retrieval condition on the basis of the retrieval condition candidate list and performs retrieval again. COPYRIGHT: (C)2006,JPO&NCIPI

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式