{"created":"2025-01-19T00:54:29.206948+00:00","updated":"2025-01-20T02:06:13.662292+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00187841","sets":["6504:9465:9468"]},"path":["9468"],"owner":"6748","recid":"187841","title":["Windows APIコールログからのマルウェアの動作再現について"],"pubdate":{"attribute_name":"公開日","attribute_value":"2018-03-13"},"_buckets":{"deposit":"374a1c61-d6be-43b7-be95-2b4f76a62c62"},"_deposit":{"id":"187841","pid":{"type":"depid","value":"187841","revision_id":0},"owners":[6748],"status":"published","created_by":6748},"item_title":"Windows APIコールログからのマルウェアの動作再現について","author_link":["425627","425628","425625","425624","425626"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Windows APIコールログからのマルウェアの動作再現について"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"セキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"22","publish_date":"2018-03-13","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_22_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"近畿大"},{"subitem_text_value":"近畿大"},{"subitem_text_value":"佐賀大"},{"subitem_text_value":"岐阜大"},{"subitem_text_value":"神戸大"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/187841/files/IPSJ-Z80-6W-01.pdf","label":"IPSJ-Z80-6W-01.pdf"},"date":[{"dateType":"Available","dateValue":"2018-04-25"}],"format":"application/pdf","filename":"IPSJ-Z80-6W-01.pdf","filesize":[{"value":"431.3 kB"}],"mimetype":"application/pdf","accessrole":"open_date","version_id":"5926359a-76c0-4cbc-bc36-8c78bc4704ee","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2018 by the Information Processing Society of Japan"}]},"item_22_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"港, 和人"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"福田, 洋治"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"廣友, 雅徳"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"毛利, 公美"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"白石, 善明"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_22_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00349328","subitem_source_identifier_type":"NCID"}]},"item_22_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"誘導型攻撃を受け、マルウェアが設置された結果、生じたセキュリティインシデントの初動対応、調査、封じ込め、根絶、復旧が完了し、事態が終息した後、再発防止策を講じるが、これを徹底するのは手間を要する。ノートPC、タブレット等の端末において、影響を排除したかたちでマルウェアの動きを再現できれば、例えば、ある端末環境で当該マルウェアと同じ動きをAMSで検知できるかテストし、AMSの対応状況を確認する用途が考えられる。本研究では、マルウェアの実行解析のログ(時系列のAPIコールのログ)から、その順番でAPIコールを実行、動作を再現するという、マルウェアの動作を再現するツールを試作、動作実験を行い有用性を確認する。","subitem_description_type":"Other"}]},"item_22_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"528","bibliographic_titles":[{"bibliographic_title":"第80回全国大会講演論文集"}],"bibliographicPageStart":"527","bibliographicIssueDates":{"bibliographicIssueDate":"2018-03-13","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"1","bibliographicVolumeNumber":"2018"}]},"relation_version_is_last":true,"weko_creator_id":"6748"},"id":187841,"links":{}}