Fujitsu develops AI Technology to determine the necessity of cyberattack responses


To secure the necessary training data needed to develop highly accurate AI technology, Fujitsu Laboratories Ltd. has now developed an AI Technology that identifies and extracts attack logs, which show the behavior of a cyberattack, from huge amounts of operations logs. It also developed a technology that expands on the small number of training data extracted in a manner that does not spoil attack characteristics. This generates a sufficient amount of training data.

By using these technologies, countermeasures can quickly be put in place for cyberattacks that have been determined to require action, contributing to business continuity and the prevention of loss. Details of these technologies are being announced at the 36th Symposium on Cryptography and Information Security (SCIS 2019), being held from Tuesday, January 22, to Friday, January 25, in Otsu city, Shiga prefecture, Japan.


With these AI technologies, determinations of the necessity of action, which until now have taken an expert several hours to several days, can be automatically made with high accuracy from tens of seconds to several minutes.

Furthermore, by combining these technologies with Fujitsu Laboratories’ high-speed forensic technology, which rapidly analyzes the whole picture of the status of damage from a targeted attack, the response sequence, from attack analysis to instructions for action, can be automated, enabling immediate responses to cyberattacks and minimizing damage.

Future Plans

Fujitsu aims to make use of these technologies within its Managed Security Services, as a response platform for cyberattacks.

(1) Targeted attack A cyberattack targeting a specific organization or individual, to relentlessly steal information or destroy systems.
(2) Malware Malicious software.
(3) Statistics from Japan’s Ministry of Economy, Trade and Industry Study of Recent Trends and Future Estimates Concerning IT Human Resources, published in 2016 by the Ministry of Economy, Trade and Industry (in Japanese).
(4) STARDUST, the Cyber-attack Enticement Platform a platform, which was developed by the National Institute of Information and Communications Technology (NICT), for the observation of cyberattacks. By enticing attackers to an environment that elaborately simulates organizations such as government and corporations, and observing over the long term the activities of attackers without them noticing, the platform aims to reveal the detailed behavior of attackers once they have penetrated an organization, to gather the information needed to establish cyberattack countermeasures and responses.

For more information, visit: