Japanese

Read about R&D activities at NTT Laboratories by clicking on the following links to this year's R&D Annual Report.


IoT and Security for the Next-Generation Business

Security

recommend-mark : recommended exhibits

Managed Security & IoT Security

  • C-18
  • Mandatory Access Control over IoT Communications
  • pdf
  • A simple implementation of whitelisting access control by encrypting communications in IoT infrastructures
  • We present a security framework on which any unauthorized communications to IoT devices or endpoints in infrastructures are enforced shutdown. Our customers can enforce access control over communications to/from their IoT systems by using our hosted policy administration points. The administration is simple and easy by attribute based access control policies.
  • C-19
  • Never let your “IoT” be “Internet of Threats”
  • pdf
  • IoT traffic device-base access-control and IoT device anomaly detection
  • Large-scale cyber attacks involving massive and diversified IoT devices have become a serious threat to society. To address this problem, we propose an access control technique to manage access destinations for each IoT device to prevent malware infection and minimize damage in case of infection, as well as IoT traffic anomaly detection technology using machine learning.
  • C-20
  • Identifying critical cyber attacks from a massive number of alerts
  • pdf
  • Advanced alert verification technology for web application security
  • Attackers scan a large number of web sites continuously to find vulnerabilities, and such scans trigger a massive number of security alerts. System administrators spend a lot of time verifying whether an attack is critical to a system or not. Our alert verification technology automatically verifies whether an attack is successful or not and improves operational efficiency dramatically.
  • C-21
  • Detecting and containing invisible internal influence of exploitation and compromise
  • pdf
  • Automatic prevention against network intrusion and lateral movement with low OPEX
  • Advanced persistent targeted attacks are becoming highly sophisticated and difficult to prevent. Attackers use malware infected devices as stepping stones to intrude others. NTT Laboratories are developing defense-in-depth technology by collaborating our security orchestration technology and Fujitsu's intrusion detection and high-speed forensic technology.
  • C-22
  • First-class innovative software to assist operation and orchestration of public clouds
  • pdf
  • NTT DOCOMO's extensive public cloud technologies combined with real experience
  • DOCOMO Cloud Package provides documents, templates, security diagnoses, and consultation details with concrete system requirements that meet the security standards of DOCOMO in one package. A web-based software Cost Visualizer can analyze the cost of public clouds used by companies . These two tools address the uneasiness companies have regarding the development and operations of systems using the public cloud.
  • C-23
  • Cyber defense combining research and field expertise
  • pdf
  • LRR: Platform for collaborative cyber defense
  • Applying the state-of-the-art and learning in the real field have both been invaluable for practical cyber defense, but they still remain challenging. NTT R&D is developing LRR, a platform for accelerating the collaboration between R&D and operation. This demo showcases URL Inspector, a capability provided by LRR for detection and analysis of Website-based threats.
  • recommend-markC-a
  • Prevent spoofing between IoT devices even when offline
  • pdf
  • Authentication and authorization that gives certification not only for entities but also for authority of entities
  • When IoT devices work in cooperation with each other, a system operator must shut out any malicious devices. We developed a framework that gives a certificate for IoT devices to work cooperatively. We constructed a cargo delivery demo system that can supply and invalidate certificates easily and safely. It prevents spoofing and unpermitted actions of IoT devices.
  • C-b
  • Monitoring persons of interest from multiple video streams
  • pdf
  • Real-time people-tracking system by video analysis using deep learning
  • NTT has been developing a system for monitoring re-identified persons from multiple surveillance video streams in real time by fully utilizing cutting-edge deep learning techniques implemented in our scalable system. The system enables us to find suspicious persons, people who need help, lost children, VIPs (very important persons), and others, by analyzing multiple surveillance video streams in real time, remarkably reducing the cost of human operations and increasing safety.

Security & Privacy for Business

  • C-24
  • Extended FIDO based authentication and practical ID proofing for accelerating user-friendly IoT
  • pdf
  • Network assisted authentication method in an IoT enabled world
  • The Internet of Things (IoT) enables physical devices to provide rich and convenient services by cooperating with clouds storing users' personal data. We demonstrate a new FIDO based authentication technology for cooperation between devices and clouds. This technology simultaneously accomplishes high security, user-friendliness, and high-level ID-proofing in an IoT enabled world.
  • C-25
  • Providing safe use of devices in various scenarios
  • pdf
  • Continuous authentication technology by monitoring user behavior
  • Not all user impersonations can be detected based on user behavior in cyberspace. We investigated continuous authentication technology that detects user behavior in real space. This technology collects sensor data from a smartphone or wearable device, checks whether the legitimate user is continuously using services, and then detects imposters.
  • C-26
  • Modules for development of highly-confidential blockchain applications
  • pdf
  • Blockchain application technologies
  • A blockchain is a decentralized digital ledger that records transactions. The ledger is shared to blockchain users and a data element in the ledger is public to them. In order to enable appropriate management of information recorded in the ledger, NTT has developed a rights management module and a cryptographic module.
  • C-27
  • Collaborative research for designing and analyzing lightweight ciphers towards secure IoT communication
  • pdf
  • Lightweight cipher technology for secure data communication in resource-constrained environments
  • Academic researchers are intensively studying lightweight symmetric-key ciphers, which are expected to play a major part in the IoT era. NTT has jointly developed with Ruhr-Universitšt Bochum and Kobe University a new cryptanalytic technique called nonlinear invariant attack that helps improve the design and security of lightweight symmetric-key ciphers. NTT will continue to pursue technology to develop secure lightweight cipher algorithms.
  • C-28
  • Performing a statistical analysis of multiple companies' sensitive data
  • pdf
  • Secure computation system “San-Shi”
  • The secure computation system “San-Shi” achieves a secure environment that collects sensitive and highly confidential data and provides statistical analysis functions and its results to external users and analysts without revealing the data to anyone. NTT develops technologies enabling the combinational use of sensitive data from multiple companies that cannot be shared normally, and contributes to the creation of a new service market.
  • recommend-markC-29
  • Support and practice for processing “The de-identified information” according to the amended law
  • pdf
  • Sophisticated “anonymization” for safe use of personal data
  • The amendment of the Act on the Protection of Personal Information will come into full effect on May 2017, and thus, “the de-identified information” that can be used without users' consents has attracted much attention. NTT provides technologies for anonymization processing not only preventing the identification of a specific individual but also utilizing personal data safely, with a big advantage of technical know-how, experiences using real data and consulting achievements.
  • C-30
  • End-to-end encryption messaging secure against malicious access to servers
  • pdf
  • Multi-cast key distribution and encryption technologies for secure multi-user communication
  • Chat applications are becoming widespread in business. For existing applications, there is the risk of data leakage due to unauthorized access into the server since the server manages and stores chat data. In the business chat application developed by NTT Laboratories, it is possible to efficiently and securely send/receive/search encrypted group chat messages and dynamically change chat members.
  • C-31
  • Quick and decisive emergency management through efficient risk communication
  • pdf
  • “KADAN®” (Joint emergency management support software)
  • A comprehensive risk management system for the management layer and adminisphere is provided for implementing quick and decisive responses in the event of large-scale incidents such as cyberterrorism that can greatly affect critical infrastructures. We consult staff on the development of a management process and support them in training.