{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00186269","sets":["1164:4088:9383:9384"]},"path":["9384"],"owner":"11","recid":"186269","title":["ダークネット宛通信分析によるネットワーク管理者支援"],"pubdate":{"attribute_name":"公開日","attribute_value":"2018-02-26"},"_buckets":{"deposit":"306859d3-e25a-471b-b499-4436aa9a999e"},"_deposit":{"id":"186269","pid":{"type":"depid","value":"186269","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"ダークネット宛通信分析によるネットワーク管理者支援","author_link":["417090","417089","417088"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ダークネット宛通信分析によるネットワーク管理者支援"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"インシデントレスポンスとダークネット","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2018-02-26","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"筑波大学システム情報工学研究科コンピュータサイエンス専攻"},{"subitem_text_value":"筑波大学学術情報メディアセンター／筑波大学システム情報工学系"},{"subitem_text_value":"筑波大学システム情報工学系"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Department of Computer Science, Graduate School of Systems and Information Engineering","subitem_text_language":"en"},{"subitem_text_value":"Academic Computing and Communications Center, University of Tsukuba / Faculty of Engineering, Information and Systems, University of Tsukuba","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Engineering, Information and Systems, University of Tsukuba","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/186269/files/IPSJ-IOT18040031.pdf","label":"IPSJ-IOT18040031.pdf"},"date":[{"dateType":"Available","dateValue":"2020-02-26"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT18040031.pdf","filesize":[{"value":"1.5 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"996e7aa0-8bb2-4155-8934-a6fd34feae1d","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2018 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"山門, 彩"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"佐藤, 聡"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"新城, 靖"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"組織内発ダークネット宛通信の要因は様々であるが，それが問題になる場合がある．そのような通信を選別し，問題を解決するには機器の利用者とアプリケーションの特定が必要であり，それは管理者にとって手間がかかる．本研究ではその作業の自動化を提案し，管理者を支援することを目的とする．まず，組織内ネットワークからダークネット宛通信のログ (ヘッダのみ) を異なり数分析で分析し，閾値を超える通信数を行っている機器を，不適切通信を行っている調査対象候補機器としてネットワーク管理者に通知する．さらに，調査対象候補機器の利用者にペイロード取得および分析の同意を得たのち，アプリケーションプロトコルから受け取る最初のメッセージを収集および分析することで不適切通信の原因を自動的に特定する．筑波大学学内ネットワークにおいて実際にシステムを運用した結果，管理者の仕事のうち利用者の特定，ペイロード解析許可の取得，ペイロード調査によるアプリケーション特定に対する支援につながることがわかった．","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2018-02-26","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"31","bibliographicVolumeNumber":"2018-IOT-40"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":186269,"updated":"2025-01-20T02:40:39.136121+00:00","links":{},"created":"2025-01-19T00:53:14.439465+00:00"}