{"updated":"2025-01-20T06:08:30.645840+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00175799","sets":["6164:6165:6462:8948"]},"path":["8948"],"owner":"11","recid":"175799","title":["BinGrep: 制御フローグラフの比較を用いた関数の検索によるマルウェア解析の効率化の提案"],"pubdate":{"attribute_name":"公開日","attribute_value":"2016-10-04"},"_buckets":{"deposit":"f3871d48-cf9d-4fb9-920d-69a6128029be"},"_deposit":{"id":"175799","pid":{"type":"depid","value":"175799","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"BinGrep: 制御フローグラフの比較を用いた関数の検索によるマルウェア解析の効率化の提案","author_link":["367887","367888","367890","367889"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"BinGrep: 制御フローグラフの比較を用いた関数の検索によるマルウェア解析の効率化の提案"},{"subitem_title":"BinGrep: Proposing the Efficient Static Analysis Method by Searching for the Function Comparing Control Flow Graphs","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"マルウェア，フォレンジック，静的解析","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2016-10-04","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"情報セキュリティ大学院大学／NTT セキュリティ・ジャパン株式会社"},{"subitem_text_value":"情報セキュリティ大学院大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Institute of Information Security / NTT Security (Japan) KK","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/175799/files/IPSJCSS2016099.pdf","label":"IPSJCSS2016099.pdf"},"date":[{"dateType":"Available","dateValue":"2018-10-04"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2016099.pdf","filesize":[{"value":"1.3 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"6ce5c9ae-a03a-4107-bd48-497b4814b402","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2016 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"羽田, 大樹"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"後藤, 厚宏"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Hiroki, Hada","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Atsuhiro, Goto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN　1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，日本においても広範囲な APT 攻撃による大規模な被害を経験した．高度かつ執拗な攻撃によるインシデント対応では，ネットワークや端末のログから迅速に被害範囲を特定することが求められる．本研究では，インシデント対応におけるマルウェア静的解析を効率化するため，過去に調査したことのあるマルウェアとその関数アドレスを入力として，制御フローグラフの編集距離を利用することで，解析するマルウェアにおいて相当する関数を検索して可能性の高い関数を出力するアルゴリズムを提案する．実際に APT 攻撃で使用された RAT マルウェアの Emdivi と PlugX について評価を行い，提案アルゴリズムがマルウェアに対しても有効であることを示す．","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"683","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2016論文集"}],"bibliographicPageStart":"676","bibliographicIssueDates":{"bibliographicIssueDate":"2016-10-04","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2016"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-19T00:45:31.971422+00:00","id":175799,"links":{}}