{"updated":"2025-01-20T06:07:57.006080+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00175780","sets":["6164:6165:6462:8948"]},"path":["8948"],"owner":"11","recid":"175780","title":["マルウェアによる対仮想化処理の傾向についての分析"],"pubdate":{"attribute_name":"公開日","attribute_value":"2016-10-04"},"_buckets":{"deposit":"4f9af70a-5688-4449-ae12-a7038eca4450"},"_deposit":{"id":"175780","pid":{"type":"depid","value":"175780","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"マルウェアによる対仮想化処理の傾向についての分析","author_link":["367776","367775"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"マルウェアによる対仮想化処理の傾向についての分析"},{"subitem_title":"Analysis of Trends in Anti-Virtualization Operations by Malware","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"マルウェア,仮想化,仮想マシンモニタ,ハイパバイザ,ログ解析","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2016-10-04","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"筑波大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"University of Tsukuba","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/175780/files/IPSJCSS2016080.pdf","label":"IPSJCSS2016080.pdf"},"date":[{"dateType":"Available","dateValue":"2018-10-04"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2016080.pdf","filesize":[{"value":"249.9 
kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"4b3c8461-560a-4602-bdd0-51acbe172bbb","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2016 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"大山, 恵弘"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yoshihiro, Oyama","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN 1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"マルウェアの中には,自身が仮想マシンモニタなどの仮想化機構によって作られた環境で動作しているかどうかを推定し,もしそうであれば実行を終了して解析を妨害するものがある.そのような処理 (対仮想化処理) を実行するマルウェアの存在は広く知られている.しかし,現在の世界のマルウェアのうち,どの程度の割合のマルウェアがどのような対仮想化処理を行い,それが解析の妨害にどの程度効果的であるかについては,知見が不足している.本研究では,マルウェアの動的解析結果のデータセットである FFRI Dataset を分析し,2016 年に収集されたマルウェアによる対仮想化処理の傾向を明らかにする.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Some malware presumes whether it is running in an execution environment created by a virtualization mechanism such as a virtual machine monitor, and if it determines that it is, it terminates the execution to 
prevent analysis. The existence of malware that executes such operations (anti-virtualization operations) is widely known. However, insufficient knowledge has been collected about (1) what proportion of current malware in the world executes anti-virtualization operations, (2) what types of anti-virtualization operations it executes, and (3) how effective they are at preventing analysis. We analyze the FFRI Dataset, a dataset of dynamic malware analysis results, and clarify the trends in anti-virtualization operations executed by malware samples collected in 2016.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"541","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2016論文集"}],"bibliographicPageStart":"534","bibliographicIssueDates":{"bibliographicIssueDate":"2016-10-04","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2016"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-19T00:45:30.930301+00:00","id":175780,"links":{}}