{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00186271","sets":["1164:4088:9383:9384"]},"path":["9384"],"owner":"11","recid":"186271","title":["パケットのヘッダ情報に基づく不審な通信挙動の検知"],"pubdate":{"attribute_name":"公開日","attribute_value":"2018-02-26"},"_buckets":{"deposit":"83a7d8b8-67f1-4d3b-8601-34e554c80d2d"},"_deposit":{"id":"186271","pid":{"type":"depid","value":"186271","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"パケットのヘッダ情報に基づく不審な通信挙動の検知","author_link":["417100","417098","417099","417102","417101","417097"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"パケットのヘッダ情報に基づく不審な通信挙動の検知"},{"subitem_title":"Behavior-Based Malware Detection Using Packet Header","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"異常検出とその制御","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2018-02-26","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"大阪府立大学大学院人間社会システム科学研究科"},{"subitem_text_value":"大阪府立大学大学院人間社会システム科学研究科"},{"subitem_text_value":"大阪府立大学大学院人間社会システム科学研究科"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Humanities and Sustainable System Sciences, Osaka Prefecture University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Humanities and Sustainable System Sciences, Osaka Prefecture University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Humanities and Sustainable System Sciences, Osaka Prefecture University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing 
file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/186271/files/IPSJ-IOT18040033.pdf","label":"IPSJ-IOT18040033.pdf"},"date":[{"dateType":"Available","dateValue":"2020-02-26"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT18040033.pdf","filesize":[{"value":"398.9 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"47fd657c-d7b7-45d2-b023-6a03168ce980","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2018 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"鍜治, 一祐"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"青木, 茂樹"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"宮本, 貴朗"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kazumasa, Kaji","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shigeki, Aoki","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Takao, Miyamoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, 
etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年,サイバー攻撃が著しく増加している.企業や団体ではサイバー攻撃による組織内ネットワークへのマルウェアの侵入を防ぐ対策として,侵入検知システムやファイアウォールを設置している.しかし,最近特に観測される標的型攻撃は,組織内のネットワークに侵入するために,入念な調査を行い侵入可能な方法を探しだし,通常の通信に紛れて侵入する.そのため,マルウェアの侵入を防ぐための対策だけでは十分ではない.そこで,マルウェア感染後の活動を検知する対策の重要性が高まっている.本研究では,パケットのヘッダ情報に基づいて,ホストの通常の通信を学習し,学習した通信とマルウェアが行う通信との差異に注目することで,不審な通信を検知する手法を提案する.MWS データセットを対象に実験を実施し,提案手法の有効性を確認した.","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recent years, cyber-attacks have been increasing. Organizations have succeeded in preventing cyber-attacks by taking security measures such as firewalls and intrusion detection systems. However, targeted attacks have recently been increasing among cyber-attacks. These attacks investigate the organization's intranet. Since the attacks are mixed with ordinary traffic, they are difficult to prevent with conventional security measures. In this paper, we focus on the difference in traffic before and after a given PC is attacked. After an attacker intrudes, malware connections are added to the normal connections. We therefore detect suspicious traffic behavior. To verify the effectiveness of the proposed method, we performed an experiment using normal traffic data and BOS Dataset 2015 in MWS Dataset 2017. 
As a result of the experiments, we were able to detect targeted attacks.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"7","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術(IOT)"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2018-02-26","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"33","bibliographicVolumeNumber":"2018-IOT-40"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":186271,"updated":"2025-01-20T02:40:42.165283+00:00","links":{},"created":"2025-01-19T00:53:14.549772+00:00"}