{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00187378","sets":["6164:6165:6462:9463"]},"path":["9463"],"owner":"11","recid":"187378","title":["AVT Lite: 攻撃コードのエミュレーションに基づくWeb攻撃の成否判定手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2017-10-16"},"_buckets":{"deposit":"0f3f72e9-02de-4773-a566-f5157cef2304"},"_deposit":{"id":"187378","pid":{"type":"depid","value":"187378","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"AVT Lite: 攻撃コードのエミュレーションに基づくWeb攻撃の成否判定手法","author_link":["423779","423781","423780","423784","423782","423785","423778","423783","423786","423777"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"AVT Lite: 攻撃コードのエミュレーションに基づくWeb攻撃の成否判定手法"},{"subitem_title":"AVT Lite: Detection Successful Web Attacks Based-on Attack Code Emulation","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"Webセキュリティ,アラート検証,IOC,エミュレーション","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2017-10-16","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"NTTセキュアプラットフォーム研究所"},{"subitem_text_value":"NTTセキュアプラットフォーム研究所"},{"subitem_text_value":"NTTセキュアプラットフォーム研究所"},{"subitem_text_value":"名古屋大学情報基盤センター"},{"subitem_text_value":"国立情報学研究所アーキテクチャ科学研究系"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"NTT Secure Platform Laboratories","subitem_text_language":"en"},{"subitem_text_value":"NTT Secure Platform Laboratories","subitem_text_language":"en"},{"subitem_text_value":"NTT Secure Platform Laboratories","subitem_text_language":"en"},{"subitem_text_value":"Information Technology Center, Nagoya University","subitem_text_language":"en"},{"subitem_text_value":"Information Systems Architecture Science, National Institute of 
Informatics","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/187378/files/IPSJCSS2017203.pdf","label":"IPSJCSS2017203.pdf"},"date":[{"dateType":"Available","dateValue":"2019-10-16"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2017203.pdf","filesize":[{"value":"698.2 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"a56f0d77-a711-47e6-8a98-53ac2af2c25c","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2017 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"鐘, 揚"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"青木, 一史"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"三好, 潤"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"嶋田, 創"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"高倉, 弘喜"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yang, ZHONG","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kazufumi, AOKI","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Jun, MIYOSHI","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hajime, 
SHIMADA","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroki, TAKAKURA","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN 1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"WAFやIDSなどのセキュリティ製品はWebに対する攻撃検知において重要な役割を担っている.しかし,大量のアラートから重大なインシデントに関わるアラートを人手で探し出すには多くの時間を要する.本研究では,攻撃の成否に応じてアラートの重大度を決定するシステムを提案する.提案システムでは攻撃コードのエミュレーションを行い,攻撃の痕跡を抽出する.攻撃の痕跡がHTTPレスポンスに含まれるか否かで攻撃の成否を判定し,アラートの重大度を決定する.提案システムの精度・性能の面での評価結果,および発見した攻撃事例から,その実用性を示す.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Security appliances such as WAFs and IDSs contribute greatly to detecting the threats of web attacks. However, manually discovering the security appliance alerts related to critical incidents takes much time. In this research, we propose a system that verifies the emergency level of alerts based on the success or failure of attacks. The proposed system emulates exploit code to extract indicators of compromise. Verification is performed by matching these indicators against the HTTP response content. 
We show the effectiveness of the proposed system through accuracy/performance evaluation and case studies.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2017論文集"}],"bibliographicIssueDates":{"bibliographicIssueDate":"2017-10-16","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2017"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":187378,"updated":"2025-01-20T02:18:54.232068+00:00","links":{},"created":"2025-01-19T00:54:03.335069+00:00"}