{"created":"2025-01-19T00:47:13.617445+00:00","updated":"2025-01-20T05:22:00.902390+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00177799","sets":["1164:4088:9073:9074"]},"path":["9074"],"owner":"11","recid":"177799","title":["ドメイン生成型ボットネットの分析と検出"],"pubdate":{"attribute_name":"公開日","attribute_value":"2017-02-24"},"_buckets":{"deposit":"38c0120c-1931-4f5f-b27b-766acf487455"},"_deposit":{"id":"177799","pid":{"type":"depid","value":"177799","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"ドメイン生成型ボットネットの分析と検出","author_link":["378476","378477","378480","378473","378474","378478","378479","378475"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ドメイン生成型ボットネットの分析と検出"},{"subitem_title":"Domain-Flux Botnet Analysis and Detection","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"Security","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2017-02-24","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"九州工業大学"},{"subitem_text_value":"九州工業大学"},{"subitem_text_value":"九州工業大学"},{"subitem_text_value":"九州工業大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Kyushu Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Kyushu Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Kyushu Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Kyushu Institute of Technology","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/177799/files/IPSJ-IOT17036010.pdf","label":"IPSJ-IOT17036010.pdf"},"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT17036010.pdf","filesize":[{"value":"315.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_login","version_id":"d4cd676e-1cf7-4118-8a89-ae65f1dc90d8","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2017 by the Institute of Electronics, Information and Communication Engineers This SIG report is only available to those in membership of the SIG."}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"佐藤, 彰洋"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"中村, 豊"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"野林, 大起"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"池永, 全志"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Akihiro, Sato","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yutaka, Nakamura","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Daiki, Nobayashi","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Takeshi, Ikenga","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"インターネットにおける重大な脅威としてポットネットが挙げられる．多くのボットネットにはドメイン生成機能，すわなち C&C のドメインを頻繁に変更することでコールバックを隠蔽するための仕組みが実装されている．本稿では， ドメイン生成型ポットネットの検出のため，DNS に対する膨大な数の名前解決要求から機械的に生成されたドメインを判別する手法を提案する．その理由は， (1) ポットネットにおいて定期的なコールバックが発生すること，(2) コールバック先はドメイン生成機能により決定されることに起因する．本手法により，ネットワークに内在するポットへの迅速な対応が可能になるため，ネットワークの運用において安全性の向上が期待できる．\n","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Botnets have been one of the most serious threats to Internet security. Modem botnets employ a domain-flux technique, which provides the additional levels of resilience against takedown attempts. In this paper, we propose a methodology to identify the automatically generated domain names from a large number of DNS requests. The reason rests on two perspectives : (1) bots are in contact periodically with their C&C; (2) the bot and C&C automatically generate the domain names for the contact. Thus, our proposal contributes to improvement in the detection accuracy of domain-flux botnets.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"4","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2017-02-24","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"10","bibliographicVolumeNumber":"2017-IOT-36"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":177799,"links":{}}