{"updated":"2025-01-20T00:38:40.419288+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00191488","sets":["1164:4088:9383:9535"]},"path":["9535"],"owner":"11","recid":"191488","title":["API間の相関性に基づくランサムウェア亜種を区別する提案"],"pubdate":{"attribute_name":"公開日","attribute_value":"2018-09-20"},"_buckets":{"deposit":"34354eea-129e-4943-aa7b-c4dfd0bd7fa4"},"_deposit":{"id":"191488","pid":{"type":"depid","value":"191488","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"API間の相関性に基づくランサムウェア亜種を区別する提案","author_link":["442034","442029","442033","442030","442027","442032","442028","442031"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"API間の相関性に基づくランサムウェア亜種を区別する提案"},{"subitem_title":"Proposal to Distinguish between Ransomware Variants based on Correlation between APIs","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"学生セッション","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2018-09-20","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"東京電機大学"},{"subitem_text_value":"東京電機大学"},{"subitem_text_value":"東京電機大学"},{"subitem_text_value":"東京電機大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Tokyo Denki University","subitem_text_language":"en"},{"subitem_text_value":"Tokyo Denki University","subitem_text_language":"en"},{"subitem_text_value":"Tokyo Denki University","subitem_text_language":"en"},{"subitem_text_value":"Tokyo Denki University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/191488/files/IPSJ-IOT18043011.pdf","label":"IPSJ-IOT18043011.pdf"},"date":[{"dateType":"Available","dateValue":"2020-09-20"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT18043011.pdf","filesize":[{"value":"1.0 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"80389a02-ea1f-4fa0-b04c-8d8d81619c35","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2018 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"周, 家興"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"廣瀬, 幸"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"柿崎, 淑郎"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"猪俣, 敦夫"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Jiaxing, Zhou","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Miyuki, Hirose","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yoshio, Kakizaki","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Atsuo, Inomata","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ランサムウェアが実行される時，ファイルを削除したり，暗号化したり，または他の動作を行うために，必ず API を使う．更に，同じファミリーに属するランサムウェア亜種であれば，実行された時ランサムウェアの親プロセスに使用された API の種類が同じである．本稿ではランサムウェアが実行された時の親プロセスにより呼び出された API の頻度に着目し，API 同士間の相関係数を求め，その相関係数を特徴量として機械学習を用いてランサムウェア亜種のファミリーを区別する方法を提案する．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"When Ransomware is run, be sure to use the API to delete files, encrypt them, or perform other actions. Furthermore, if it is a Ransomware subspecies belonging to the same family, the type of API used for the parent process of Ransomware when executed is the same. In this paper, we focus on the frequency of API called by the parent process when Ransomware is executed, find the correlation coefficient between APIs, and we propose a method to distinguish family of Ransomware subspecies using machine learning with its correlation coefficient as feature quantity.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2018-09-20","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"11","bibliographicVolumeNumber":"2018-IOT-43"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-19T00:57:22.321244+00:00","id":191488,"links":{}}