{"updated":"2025-01-20T01:39:48.120067+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00189323","sets":["1164:4088:9383:9455"]},"path":["9455"],"owner":"11","recid":"189323","title":["MITB攻撃によるコンテンツ改ざん検知手法の検討"],"pubdate":{"attribute_name":"公開日","attribute_value":"2018-05-10"},"_buckets":{"deposit":"79a70ec9-136f-45f4-b084-7e72d5cd74fc"},"_deposit":{"id":"189323","pid":{"type":"depid","value":"189323","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"MITB攻撃によるコンテンツ改ざん検知手法の検討","author_link":["430409","430408","430404","430403","430405","430410","430407","430406"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"MITB攻撃によるコンテンツ改ざん検知手法の検討"},{"subitem_title":"Investigation of Detecting Web Content Tempering caused by MITB Attack","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"攻撃検知","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2018-05-10","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"横浜国立大学大学院環境情報学府／株式会社セキュアブレイン"},{"subitem_text_value":"株式会社セキュアブレイン"},{"subitem_text_value":"横浜国立大学大学院環境情報研究院／横浜国立大学大学院先端科学高等研究院"},{"subitem_text_value":"横浜国立大学大学院環境情報研究院／横浜国立大学大学院先端科学高等研究院"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Environment and Information Sciences, Yokohama National University / SecureBrain Corporation","subitem_text_language":"en"},{"subitem_text_value":"SecureBrain Corporation","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Environment and Information Sciences, Yokohama National University / Institute of Advanced Sciences, Yokohama National University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Environment and Information Sciences, Yokohama National University / Institute of Advanced Sciences, Yokohama National University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/189323/files/IPSJ-IOT18041019.pdf","label":"IPSJ-IOT18041019.pdf"},"date":[{"dateType":"Available","dateValue":"2020-05-10"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT18041019.pdf","filesize":[{"value":"535.1 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"a9300cbe-9ee3-4d9c-abeb-41791ed61dcc","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2018 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"高田, 一樹"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"邦本, 理夫"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"吉岡, 克成"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松本, 勉"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kazuki, Takada","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Michio, Kunimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Katsunari, Yoshioka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tsutomu, Matsumoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，インターネットバンキング等の金融機関サービス利用者を狙ったサイバー攻撃による不正送金被害が社会問題となっている．インターネットバンキングに関わる不正送金の多くは，金融系マルウェアによる Man In The Browser 攻撃 （MITB 攻撃） によるものである．MITB 攻撃は，コンテンツを改ざんし，認証情報の盗取や自動送金等を引き起こす．インターネットバンキングにおける MITB 攻撃への対策は，金融機関の配布する専用対策ソフトの利用やワンタイムパスワードによる決済認証の強化等が一般的である．特に専用対策ソフトは金融系マルウェアに特化した検知機能を有しているもの等があり，有効性が高いと考えられる．しかし，専用対策ソフトを使用するか否かは利用者の判断に委ねられるため全ての利用者には導入されない可能性がある．そのため，専用対策ソフトを使用しない利用者も含む全ての利用者に適用可能な，MITB 攻撃対策が必要と考える．我々は，専用ソフト等を使用しない MITB 攻撃によるコンテンツ改ざんを容易に検知する手法の検討を行った．本稿では，MITB 攻撃によるコンテンツ改ざんが外部サーバと連携して行われると言う点に着目し，改ざんされたコンテンツが外部サーバと行う通信をWebブラウザ上で捕捉することで，改ざん検知を行う手法について提案する．また，検知ロジックの実現性の検証実験を行った．","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2018-05-10","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"19","bibliographicVolumeNumber":"2018-IOT-41"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-19T00:55:23.825099+00:00","id":189323,"links":{}}