{"updated":"2025-01-21T11:01:34.310513+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00101873","sets":["1164:4088:7458:7613"]},"path":["7613"],"owner":"11","recid":"101873","title":["SSHパスワードクラッキング攻撃検知システムの改善とその運用結果"],"pubdate":{"attribute_name":"公開日","attribute_value":"2014-06-21"},"_buckets":{"deposit":"db5e7afa-5f9b-4466-92f6-2cdb6a9296be"},"_deposit":{"id":"101873","pid":{"type":"depid","value":"101873","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"SSHパスワードクラッキング攻撃検知システムの改善とその運用結果","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"SSHパスワードクラッキング攻撃検知システムの改善とその運用結果"},{"subitem_title":"Improvement of the SSH password cracking attacks detection system and its operational results","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"認証・サービス構築","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2014-06-21","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"大分大学大学院工学研究科知能情報システム工学専攻"},{"subitem_text_value":"大分大学工学部知能情報システム工学科／現在，株式会社スリーエイ・システム"},{"subitem_text_value":"大分大学工学部知能情報システム工学科"},{"subitem_text_value":"大分大学工学部知能情報システム工学科"},{"subitem_text_value":"大分大学学術情報拠点情報基盤センター"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Course of Computer Science and Intelligent Systems, Graduate School of Engineering, Oita University","subitem_text_language":"en"},{"subitem_text_value":"Department of Computer Science and Intelligent Systems, Faculty of Engineering, Oita University /  ","subitem_text_language":"en"},{"subitem_text_value":"Department of Computer Science and Intelligent Systems, Faculty of Engineering, Oita University","subitem_text_language":"en"},{"subitem_text_value":"Department of Computer Science and Intelligent Systems, Faculty of Engineering, Oita University","subitem_text_language":"en"},{"subitem_text_value":"Center for Academic Information and Library Services, Oita University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/101873/files/IPSJ-IOT14026004.pdf"},"date":[{"dateType":"Available","dateValue":"2016-06-21"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT14026004.pdf","filesize":[{"value":"1.4 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"5cb3acf6-a5f0-49e7-b310-4bd24b8cd606","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2014 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"小刀稱, 知哉"},{"creatorName":"中本, 菜桜美"},{"creatorName":"清水, 光司"},{"creatorName":"池部, 実"},{"creatorName":"吉田, 和幸"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Tomoya, Kotone","creatorNameLang":"en"},{"creatorName":"Naomi, Nakamoto","creatorNameLang":"en"},{"creatorName":"Kouji, Shimizu","creatorNameLang":"en"},{"creatorName":"Minoru, Ikebe","creatorNameLang":"en"},{"creatorName":"Kazuyuki, Yoshida","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"インターネットを利用した不正アクセスが多く存在する．その中でも，SSH サーバに対する不正アクセス行為の発生件数は依然として多い．そこで，我々は SSH へのパスワードクラッキング攻撃を検知することを目的とした 「SSH パスワードクラッキング攻撃検知システム (SCRAD)」 を開発・運用してきた．本システムでは SSH サーバと送信元間の 1 コネクションあたりのパケット送受信回数からパスワードクラッキング攻撃を検知している．運用結果を分析したところ，同じクライアント・サーバ間の通信において，しきい値を超過する場合と超過しない場合の通信が繰り返し観測された．また，パケット送受信回数がしきい値をわずかに超える通信において，検知漏れが生じていた．上記の通信には，正規ユーザも含まれている．本論文では，検知漏れ改善のために，しきい値をわずかに超過した通信を分析した．分析結果をもとに，パケットの計数方法を見直した．さらに，従来のしきい値を変更し，新しい攻撃者検知基準の妥当性を調査した．新しい検知基準を用いてシステムを運用したところ，今まで検知漏れしていた通信を検知することができた．しかし，パケット送受信回数が，新しいしきい値を下回る正規ユーザを誤検知した．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"There are many malicious attacks in the Internet. In patricular, we found many illegal access penetrates into SSH servers. Incidents of illegal access are increasing every year. We have been developing a SSH Password Cracking Attack Detection system called SCRAD. We were confirmed many password cracking attacks to the SSH servers by our system. But, we found some false negative. Because the packet count per connection was more than current threshold slightly. So, we investigated the packet data. And we improved new threshold and examined validity of new threshold. As a result, new threshold was able to detect attacker that was not able to detect in previous system. However, we found some false positive.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"7","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2014-06-21","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"4","bibliographicVolumeNumber":"2014-IOT-26"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-18T23:47:20.357596+00:00","id":101873,"links":{}}