{"created":"2025-02-19T10:30:25.056936+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:02000688","sets":["1164:4088:11911:1739958296301"]},"path":["1739958296301"],"owner":"80578","recid":"2000688","title":["情報資産の機微性を考慮したハイブリッド型Deception機構"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2025-02-24"},"_buckets":{"deposit":"59718886-087f-4085-ab0f-cd8f8ad63769"},"_deposit":{"id":"2000688","pid":{"type":"depid","value":"2000688","revision_id":0},"owners":[80578],"status":"published","created_by":80578},"item_title":"情報資産の機微性を考慮したハイブリッド型Deception機構","author_link":[],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"情報資産の機微性を考慮したハイブリッド型Deception機構","subitem_title_language":"ja"},{"subitem_title":"A hybrid deception mechanism considering on the sensitivity of information assets","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"IA","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2025-02-24","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"慶應義塾大学環境情報学部"},{"subitem_text_value":"北海道大学情報基盤センター／慶應義塾大学グローバルリサーチインスティチュート"},{"subitem_text_value":"慶應義塾大学SFC研究所"},{"subitem_text_value":"慶應義塾大学グローバルリサーチインスティチュート"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Faculty of Environment and Information Studies, Keio University","subitem_text_language":"en"},{"subitem_text_value":"Information Initiative Center, Hokkaido University / Grobal Research Institute, Keio University","subitem_text_language":"en"},{"subitem_text_value":"Keio Research Institute at SFC, Keio University","subitem_text_language":"en"},{"subitem_text_value":"Grobal Research Institute, Keio University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/2000688/files/IPSJ-IOT25068002.pdf","label":"IPSJ-IOT25068002.pdf"},"date":[{"dateType":"Available","dateValue":"2999-12-31"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT25068002.pdf","filesize":[{"value":"2.5 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"dddf8664-7fae-43e1-84f4-45baf3f709b1","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2025 by the Institute of Electronics, Information and Communication Engineers This SIG report is only available to those in membership of the SIG."}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"笠原,一真"}]},{"creatorNames":[{"creatorName":"近藤,賢郎"}]},{"creatorNames":[{"creatorName":"甲斐,賢"}]},{"creatorNames":[{"creatorName":"手塚,悟"}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kazuma Kasahara","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Takao Kondo","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Satoshi Kai","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Satoru Tezuka","creatorNameLang":"en"}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"自組織に関連性の高い脅威行為者の活動の傾向を把握・分析する手段として，Deception環境の活用がある．Deception環境の課題として，セキュリティの専門家を伴わない顧客組織がオンプレミス型Deception環境を構築・運用することは困難さが挙げられる．そのため，顧客組織はDeception環境の構築・運用を，クラウド型Deception環境によりDeception as a Service(DecaaS)を提供する事業者(サービサ)に委託する．しかし，顧客組織の情報資産の中にはDecaaSの実現ためにサービサに提供するのに適さない機微性を持った情報資産がある．代表的なクラウド型Deception環境であるSTARDUSTは顧客組織側のネットワーク上に存在する機微性を持った情報資産に内在するリスクを反映したDeception環境を構築することが困難な傾向にある．そこで，本研究では顧客組織のネットワーク内の機微性を持った情報資産の特徴をオンプレミスなリバースプロキシ上でLLMを用いて学習してフェイクアンサを回答するデコイを作成し，サービサ側のクラウド型Deception環境にL2VPNを用いて参加させるハイブリッド型Deception機構を提案する．ハイブリッド型Deception環境の構築に向け，情報資産をデコイ化するリバースプロキシの実装と，フェイクアンサ生成用LLMのファインチューニングを行った．評価の結果，機微性を含む情報資産もデコイ化リバースプロキシでデコイ化可能であることを実証し，ハイブリッド型Deception環境の実現可能性を示した．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"The Deception environment is a means of understanding and analyzing the trends in threat actors' activities that are highly relevant to one's own organization. One of the challenges of the Deception environment is that it is difficult for customer organizations without security experts to build and operate an on-premise Deception environment. Therefore, customer organizations outsource the building and operation of the Deception environment to a service provider (Servicer) that offers Deception as a Service (DecaaS) through a cloud-based Deception environment. However, some of the customer organization's information assets have a sensitivity that makes them unsuitable for providing to the service provider. STARDUST, a typical cloud-based deception environment, tends to have difficulty in building a deception environment that reflects the risks inherent in information assets with a sensitivity that exists in the customer organization. This paper proposes a hybrid deception mechanism that creates decoys that respond with fake answers by learning the characteristics of sensitive information assets in the customer organization using LLM on an on-premise reverse proxy. The proposed mechanism also participates in the cloud-based deception environment on the service provider side using L2VPN. We implemented a reverse proxy that turns information assets into decoys, and fine-tuned the LLM for generating fake answers. As a result of the evaluation, we demonstrated that even information assets that contain sensitive information can be turned into decoys using the reverse proxy.","subitem_description_type":"Other","subitem_description_language":"en"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2025-02-24","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"2","bibliographicVolumeNumber":"2025-IOT-68"}]},"relation_version_is_last":true,"weko_creator_id":"80578"},"id":2000688,"updated":"2025-07-07T04:05:29.428651+00:00","links":{}}