{"created":"2025-01-19T00:53:54.711281+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00187223","sets":["6164:6165:6462:9463"]},"path":["9463"],"owner":"11","recid":"187223","title":["仮想マシン検知回避機能を持つ動的解析ツールの開発"],"pubdate":{"attribute_name":"公開日","attribute_value":"2017-10-16"},"_buckets":{"deposit":"031dac80-6951-41cb-aa52-e480493d1256"},"_deposit":{"id":"187223","pid":{"type":"depid","value":"187223","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"仮想マシン検知回避機能を持つ動的解析ツールの開発","author_link":["422706","422712","422707","422713","422709","422705","422711","422708","422710","422714"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"仮想マシン検知回避機能を持つ動的解析ツールの開発"},{"subitem_title":"Development of Dynamic Analysis Tool that Avoid of Anti Virtual Machine Function on Malicious Software","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"MWS,マルウェア,アンチVM,仮想マシン,動的解析","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2017-10-16","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"株式会社セキュアブレイン"},{"subitem_text_value":"株式会社セキュアブレイン"},{"subitem_text_value":"国立研究開発法人 情報通信研究機構"},{"subitem_text_value":"国立研究開発法人 情報通信研究機構"},{"subitem_text_value":"国立研究開発法人 情報通信研究機構"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"ScureBrain Corporation","subitem_text_language":"en"},{"subitem_text_value":"ScureBrain Corporation","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications Technology","subitem_text_language":"en"},{"subitem_text_value":"National Institute of Information and Communications 
Technology","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/187223/files/IPSJCSS2017048.pdf","label":"IPSJCSS2017048.pdf"},"date":[{"dateType":"Available","dateValue":"2019-10-16"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2017048.pdf","filesize":[{"value":"676.1 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"27bd12dd-e365-4fc6-9b0c-6ef86acdc848","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2017 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"高田, 一樹"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"岩本, 一樹"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"津田, 侑"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"遠峰, 隆史"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"井上, 大介"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kazuki, Takada","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kazuki, Iwamoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yu, Tsuda","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Takashi, 
Tomine","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Daisuke, Inoue","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN 1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"動的解析は,静的解析に比べて短時間で容易にマルウェアの挙動を把握することが可能であり,広く用いられている.一般的に,動的解析には仮想マシンを用いる.このため,マルウェアの中には仮想マシン環境を検知し動的解析を妨げる機能を有するものが存在している.ゆえにマルウェアの仮想マシン検知機能を無効化して動的解析を行うためのシステムが必要である.我々は,マルウェアの保有する仮想マシン検知機能の解析調査を実施し,対応方法の提案を行った.本稿では,調査結果に基いて開発した仮想マシン検知機能を回避し動的解析を行うツールについて述べる.更に実マルウェアを用いて仮想マシン検知の回避機能の有効性の検証を実施した.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Dynamic analysis is useful for revealing the behavior of malware. Generally, a virtual machine (VM) is used for dynamic analysis. However, some malware has antiVM functions. Such malware detects the VM and changes its behavior to avoid dynamic analysis. Therefore, we need to hide the characteristics of the VM from antiVM techniques. Thus far we have surveyed antiVM techniques and proposed methods to neutralize them. In this paper, we present aaVMNetMonitor, which is a dynamic analysis tool. aaVMNetMonitor enables us to neutralize antiVM techniques. 
Further, we conducted experiments on the effectiveness of our tool's function to neutralize antiVM techniques.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2017論文集"}],"bibliographicIssueDates":{"bibliographicIssueDate":"2017-10-16","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2017"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"links":{},"id":187223,"updated":"2025-01-20T02:22:59.961036+00:00"}