{"created":"2025-01-19T00:55:23.712380+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00189321","sets":["1164:4088:9383:9455"]},"path":["9455"],"owner":"11","recid":"189321","title":["Darknetの解析に基づくSSH攻撃傾向の分析"],"pubdate":{"attribute_name":"公開日","attribute_value":"2018-05-10"},"_buckets":{"deposit":"7af68dff-5dad-48f2-96a2-60aa64fb1e61"},"_deposit":{"id":"189321","pid":{"type":"depid","value":"189321","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"Darknetの解析に基づくSSH攻撃傾向の分析","author_link":["430391","430394","430393","430392","430395","430396"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Darknetの解析に基づくSSH攻撃傾向の分析"},{"subitem_title":"Analysis of SSH attack tendency based on Darknet analysis","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"攻撃検知","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2018-05-10","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"関西大学総合情報学部"},{"subitem_text_value":"関西大学総合情報学部／現在，NECソリューションイノベータ株式会社"},{"subitem_text_value":"関西大学大学院総合情報学研究科／現在，株式会社インフォセック"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Faculty of Informatics, Kansai University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Informatics, Kansai University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Informatics, Kansai University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/189321/files/IPSJ-IOT18041017.pdf","label":"IPSJ-IOT18041017.pdf"},"date":[{"dateType":"Available","dateValue":"2020-05-10"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT18041017.pdf","filesize":[{"value":"1.1 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"564b993e-3803-4922-bd6c-7cfc1c8eb8a3","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2018 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"小林, 孝史"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"俣野, 剛志"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"坂東, 翼"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Takashi, Kobayashi","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tsuyoshi, Matano","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tsubasa, Bando","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"インターネットからアクセス可能な機器が増加傾向にあり，攻撃 ・ 被害に遭う可能性が高くなっている．管理の行き届いていないサーバや，デフォルトの ID とパスワードで運用している機器等が特に狙われると見られており，その傾向をできるだけ早期に把握し，サーバの運用方法を変えるなどの対策が必要である．当研究室では SSH ハニーポットを運用しており，パスワードの総当り攻撃等を防止する研究に取り組んでいる．より詳細な攻撃傾向を掴むために，Darknet へのアクセスログを解析し，Darknet と SSH ハニーポットへのアクセスの相関関係等を分析した．その結果，Darknet へのアクセス後約 1 日以内に SSH ハニーポットへのアクセスが発生し，そのほとんどが 14 時間以内に集中していることが分かった．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"The number of devices that can be accessed from the Internet is on the rise, and the possibility of being attacked / damaged is increasing. It seems that servers that are not well managed and devices operating with the default ID and password are specifically targeted, and the administrator can grasp the trend as soon as possible and change the operation method of the server Measures are necessary. Our laboratory operates SSH honeypot, and we are working on research to prevent password brute force attack etc. In order to grasp a more detailed attack tendency, we analyzed the access log to Darknet and analyzed the correlation between access to Darknet and SSH honeypot. As a result, access to the SSH honeypot occurred within about 1 day after accessing Darknet, and most of it was found to be concentrated within 14 hours.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"4","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2018-05-10","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"17","bibliographicVolumeNumber":"2018-IOT-41"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":189321,"updated":"2025-01-20T01:39:45.185547+00:00","links":{}}