Information processing device, risk visualization method, and program

JP7878471B2Active Publication Date: 2026-06-23NEC CORP

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Patents
Current Assignee / Owner
NEC CORP
Filing Date
2023-02-09
Publication Date
2026-06-23

AI Technical Summary

Benefits of technology

【0012】 本開示に係る情報処理装置、リスク可視化方法、及びコンピュータ可読媒体は、複数のシステムを管理するシステム管理者が複数のシステムにおけるリスクを容易に把握することを可能にすることができる。

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure 0007878471000001
    Figure 0007878471000001
  • Figure 0007878471000002
    Figure 0007878471000002
  • Figure 0007878471000003
    Figure 0007878471000003
Patent Text Reader

Abstract

The present invention enables a system administrator managing a plurality of systems to easily grasp risks across the plurality of systems. An analysis result acquisition unit (11) acquires a plurality of risk analysis results, each of which is a result of risk analysis conducted for each of the plurality of systems. An aggregation unit (12) aggregates the plurality of risk analysis results by a predetermined evaluation indicator. A visualization unit (13) presents information on the risk analysis results aggregated by the aggregation unit (12) to a user.
Need to check novelty before this filing date? Find Prior Art

Claims

1. An analysis result acquisition unit that acquires multiple risk analysis results, which are the results of risk analyses performed on each of multiple systems, A consolidation unit that aggregates the results of multiple risk analyses using predetermined evaluation indicators, The system includes a visualization unit that presents the aggregated risk analysis results to the user. The aforementioned risk analysis results include the risk value if the attack is carried out and the vulnerabilities used in the attack. The aforementioned risk analysis results include risk analysis results that evaluate the risk when an attack is carried out against the system along the attack route, The predetermined evaluation indicator is the number of attack routes, The aggregation unit counts the number of attack routes associated with each predetermined number of vulnerabilities and each predetermined number of systems. The visualization unit is an information processing device that displays the number of attack routes counted for each predetermined number of vulnerabilities and for each predetermined number of systems.

2. The predetermined evaluation index is the number of systems, The aggregation unit counts the number of systems that can be used in attacks for each predetermined number of vulnerabilities. The information processing apparatus according to claim 1, wherein the visualization unit displays the number of systems counted for each predetermined number of vulnerabilities.

3. The aforementioned risk analysis results include a risk analysis result that evaluates the risk when the assets of the system under analysis are attacked using one or more anticipated attack patterns. The predetermined evaluation indicator is the number of assets included in the system. The aggregation unit counts the number of assets in the system that are used in attacks for each predetermined number of vulnerabilities and for each predetermined number of systems. The information processing apparatus according to claim 1, wherein the visualization unit displays the number of assets counted for each predetermined number of vulnerabilities and for each predetermined number of systems.

4. An analysis result acquisition unit that acquires a plurality of risk analysis results which are the results of risk analysis performed on each of a plurality of systems, A consolidation unit that aggregates the results of multiple risk analyses using predetermined evaluation indicators, The system includes a visualization unit that presents the aggregated risk analysis results to the user. The aforementioned risk analysis results include the risk value if the attack is carried out and the vulnerabilities used in the attack. The aforementioned risk analysis results include risk analysis results that evaluate the risk when an attack is carried out against the system along the attack route, The predetermined evaluation indicator is the number of attack routes, The aggregation unit counts the number of attack routes for each risk value of the attack route and for each predetermined number of systems. The visualization unit is an information processing device that displays the number of attack routes counted for each risk value of the attack route and for each predetermined number of systems.

5. The aggregation unit further aggregates the multiple risk analysis results for each countermeasure against attacks on the system, The information processing device according to any one of claims 1 to 4, wherein the visualization unit further displays information on the risk analysis results aggregated for each countermeasure.

6. The aggregation unit counts the number of systems in which the countermeasure can be implemented and the number of locations where the countermeasure is implemented. The information processing device according to claim 5, wherein the visualization unit displays, for each countermeasure, the number of systems in which the countermeasure can be implemented and the number of locations where the countermeasure is implemented.

7. A computer, The results of risk analyses conducted on each of multiple systems include the risk value if an attack is carried out and the vulnerabilities used in the attack, and multiple risk analysis results are obtained, including risk analysis results that evaluate the risk if an attack is carried out on the said system along the attack route. By counting the number of attack routes associated with each predetermined number of vulnerabilities and each predetermined number of systems, the multiple risk analysis results obtained are aggregated by the number of attack routes. A risk visualization method that presents the aggregated risk analysis results to a user by displaying the number of attack routes counted for each predetermined number of vulnerabilities and for each predetermined number of systems.

8. A computer, The results of risk analyses conducted on each of multiple systems include the risk value if an attack is carried out and the vulnerabilities used in the attack, and multiple risk analysis results are obtained, including risk analysis results that evaluate the risk if an attack is carried out on the said system along the attack route. By counting the number of attack routes for each risk value of the attack route and for each predetermined number of systems, the multiple risk analysis results obtained are aggregated by the number of attack routes. A risk visualization method that presents the aggregated risk analysis results to the user by displaying the number of attack routes counted for each risk value of the attack route and for each predetermined number of systems.

9. The results of risk analyses conducted on each of multiple systems include the risk value if an attack is carried out and the vulnerabilities used in the attack, and multiple risk analysis results are obtained, including risk analysis results that evaluate the risk if an attack is carried out on the said system along the attack route. By counting the number of attack routes associated with each predetermined number of vulnerabilities and each predetermined number of systems, the multiple risk analysis results obtained are aggregated by the number of attack routes. A program for causing a computer to perform a process that includes presenting the aggregated risk analysis results to a user by displaying the number of attack routes counted for each predetermined number of vulnerabilities and for each predetermined number of systems.

10. Obtaining a plurality of risk analysis results, each of which is the result of a risk analysis performed on a plurality of systems, including the risk value if an attack is carried out and the vulnerabilities used in the attack, and which includes a risk analysis result that evaluates the risk if an attack is carried out on the system along the attack route. By counting the number of attack routes for each risk value of the attack route and for each predetermined number of systems, the multiple risk analysis results obtained are aggregated by the number of attack routes. A program for causing a computer to perform a process that includes presenting the aggregated risk analysis results to a user by displaying the number of attack routes counted for each risk value of the attack route and for each predetermined number of systems.