{"updated":"2025-01-20T06:07:53.023394+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00175779","sets":["6164:6165:6462:8948"]},"path":["8948"],"owner":"11","recid":"175779","title":["動的解析ログを活用した静的解析補助手法の提案"],"pubdate":{"attribute_name":"公開日","attribute_value":"2016-10-04"},"_buckets":{"deposit":"bbe9de67-1d18-485c-940f-bc561d0b8f2e"},"_deposit":{"id":"175779","pid":{"type":"depid","value":"175779","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"動的解析ログを活用した静的解析補助手法の提案","author_link":["367768","367770","367765","367774","367773","367767","367771","367766","367772","367769"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"動的解析ログを活用した静的解析補助手法の提案"},{"subitem_title":"Proposal of Static Analysis Assistance Method Utilizing the Dynamic Analysis Log","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"MWS，マルウェア，動的解析，静的解析，APIトレース","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2016-10-04","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"立命館大学"},{"subitem_text_value":"立命館大学"},{"subitem_text_value":"立命館大学"},{"subitem_text_value":"名古屋工業大学"},{"subitem_text_value":"立命館大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/175779/files/IPSJCSS2016079.pdf","label":"IPSJCSS2016079.pdf"},"date":[{"dateType":"Available","dateValue":"2018-10-04"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2016079.pdf","filesize":[{"value":"1.4 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"a72816cb-dae4-4359-80c4-b80b2e4ea52b","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2016 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"中島, 将太"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"明田, 修平"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"瀧本, 栄二"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"齋藤, 彰一"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"毛利, 公一"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Shota, Nakajima","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shuhei, Aketa","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Eiji, Takimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shoichi, Saito","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Koichi, Mouri","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN　1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"マルウェア対策では，マルウェア解析が重要である．一般的にマルウェア解析は，動的解析，静的解析の手順で行う．しかし，現状では動的解析の結果が，静的解析作業と十分に連携できているとは言えない．特に，動的解析時に記録した API 呼び出し情報と逆アセンブルコードを対応付けていないため，静的解析時に実行時の API 呼び出し情報を活用できていない．また，静的解析を行うためには，実行時にのみ展開されるコードを取得する必要がある．そこで，動的解析時の API 呼び出し情報と，メモリ上のマルウェアのコードを取得し，静的解析を積極的に補助する手法を提案する．本論文では，Alkanet と IDA を連携させた静的解析補助手法について述べる．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Malware analysis is important for anti-malware. General malware analysis is carried out in the order ofdynamic analysis and static analysis. However, in the present circumstances, the results of dynamic analysis has notcooperate static analysis. We propose static analysis assistance method utilizing the dynamic analysis log. In the proposedmethod provide assistance information of static analysis. It includes the API call information and the code ofthe malware on the memory acquired by dynamic analysis. In this paper, we describe static analysis assistance methodthat cooperates the system call tracer \"Alkanet\" and disassembler \"IDA\".","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"533","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2016論文集"}],"bibliographicPageStart":"526","bibliographicIssueDates":{"bibliographicIssueDate":"2016-10-04","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2016"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-19T00:45:30.875517+00:00","id":175779,"links":{}}