{"links":{},"id":187225,"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00187225","sets":["6164:6165:6462:9463"]},"path":["9463"],"owner":"11","recid":"187225","title":["物理マシンを採用したマルウェア動的解析環境における仮想マシンと同等の復旧速度の実現"],"pubdate":{"attribute_name":"公開日","attribute_value":"2017-10-16"},"_buckets":{"deposit":"64b8cf06-f7ec-44de-9d97-63817b45897e"},"_deposit":{"id":"187225","pid":{"type":"depid","value":"187225","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"物理マシンを採用したマルウェア動的解析環境における仮想マシンと同等の復旧速度の実現","author_link":["422726","422725","422727","422728"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"物理マシンを採用したマルウェア動的解析環境における仮想マシンと同等の復旧速度の実現"},{"subitem_title":"Sandbox: Proposal of Bootable System Snapshot for Physical Machine.","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"MWS,マルウェア,サンドボックス,VM検知,動的解析環境","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2017-10-16","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"株式会社みずほフィナンシャルグループ"},{"subitem_text_value":"株式会社みずほフィナンシャルグループ"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Mizuho Financial Group, Inc.","subitem_text_language":"en"},{"subitem_text_value":"Mizuho Financial Group, Inc.","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing 
file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/187225/files/IPSJCSS2017050.pdf","label":"IPSJCSS2017050.pdf"},"date":[{"dateType":"Available","dateValue":"2019-10-16"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2017050.pdf","filesize":[{"value":"611.3 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"8a99fd12-4314-4b53-acec-7861fd09bc3a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2017 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"阿曽村, 一郎"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"武田, 康博"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Ichiro, Asomura","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yasuhiro, Takeda","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN 1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference 
paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"マルウェアには自身の実行環境を判別する機能により,物理マシンでは動作するが仮想マシンでは動作しないものがあるため,動的解析環境には物理マシンを用いることが望ましい.一方で,動的解析環境には解析後にOSを短時間で解析前の状態に戻す仕組みが求められるため,仮想マシンが採用されていることが多い.物理マシンを用いた動的解析環境を構築するためには,OSを短時間で解析前の状態に戻す仕組みを実現させることが課題となる.我々は仮想マシンで動作しないマルウェアの動的解析を行うために,この課題を解決した物理マシンを用いた動的解析環境を構築した.本稿では,短時間でOSを解析前の状態に戻す仕組みについて述べる.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Because some malware detects virtual machines, a physical machine is preferable as a dynamic analysis environment. However, virtual machines are popular because malware can be executed and analyzed on them without having to reinstall the operating system and application software every time. Building a dynamic analysis environment on a physical machine poses a major challenge: instant system recovery. In this paper, we propose a bootable system snapshot for physical machines that allows instant system recovery.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2017論文集"}],"bibliographicIssueDates":{"bibliographicIssueDate":"2017-10-16","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2017"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-19T00:53:54.819555+00:00","updated":"2025-01-20T02:23:03.792843+00:00"}