{"updated":"2025-01-21T09:24:20.852227+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00106629","sets":["6164:6165:6462:7729"]},"path":["7729"],"owner":"11","recid":"106629","title":["サンドボックスを利用した未知マルウェア検出精度向上に関する一検討"],"pubdate":{"attribute_name":"公開日","attribute_value":"2014-10-15"},"_buckets":{"deposit":"e784c46e-36a9-4ae6-b0a6-3bd6237d387a"},"_deposit":{"id":"106629","pid":{"type":"depid","value":"106629","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"サンドボックスを利用した未知マルウェア検出精度向上に関する一検討","author_link":["13145","13143","13141","13142","13144","13140"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"サンドボックスを利用した未知マルウェア検出精度向上に関する一検討"},{"subitem_title":"A Study for Improvement of Unknown Malware's Detection Accuracy on Sandbox Analysis","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"MWS Datasets 2014,FFRI Dataset,サンドボックス,未知マルウェア,過検知","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2014-10-15","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"NTTコムセキュリティ株式会社"},{"subitem_text_value":"NTTコミュニケーションズ株式会社"},{"subitem_text_value":"NTTコムセキュリティ株式会社"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"NTT Com Security (Japan) KK","subitem_text_language":"en"},{"subitem_text_value":"NTT Communications Corporation","subitem_text_language":"en"},{"subitem_text_value":"NTT Com Security (Japan) KK","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing 
file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/106629/files/IPSJCSS2014106.pdf"},"date":[{"dateType":"Available","dateValue":"2016-10-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2014106.pdf","filesize":[{"value":"976.6 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"2263e1d1-676e-4bbe-8856-6761f42e725e","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2014 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"市田, 達也"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"須藤, 年章"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"髙森, 覚"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Tatsuya, Ichida","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Toshiaki, Sudoh","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Satoru, Takamori","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference 
paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"マルウェア解析技術の一つにサンドボックスと呼ばれる仮想環境での動的解析技術がある.本技術は,多機能化や難読化されコード解析が難しくなっている近年のマルウェアの挙動を解析するにあたり有益であるが,一方で悪性判定の閾値によってはマルウェアには値しない正常なファイルを過検知する事象も確認されている.本研究では産業面でネットワークトラヒック内のファイルに対し本技術によるマルウェア検出を行う上で,過検知の削減という観点からマルウェア検出精度向上のための特徴量を抽出し,その評価および課題を考察する.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Dynamic analysis on a virtual machine, called \"Sandbox Analysis\", is known as one of the malware analysis methods. This is useful against recent packed and obfuscated malware, which is difficult to analyze by reading program code statically. On the other hand, it raises false positives related to the threshold value used to decide whether a file is malicious. In this study, we explore and evaluate features for improving the detection accuracy for unknown malware, based on reducing \"False Positive\" results.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"820","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2014論文集"}],"bibliographicPageStart":"813","bibliographicIssueDates":{"bibliographicIssueDate":"2014-10-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2014"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-18T23:50:00.022824+00:00","id":106629,"links":{}}