{"id":2006861,"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:02006861","sets":["934:1022:1765269203258:1765269314977"]},"path":["1765269314977"],"owner":"80578","recid":"2006861","title":["偏向型テンソルストリームのための多方向特徴自動抽出とリアルタイムサイバー攻撃検出への応用"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2026-01-26"},"_buckets":{"deposit":"53f2766a-1202-4d8a-a0c1-0234078b86cf"},"_deposit":{"id":"2006861","pid":{"type":"depid","value":"2006861","revision_id":0},"owners":[80578],"status":"published","created_by":80578},"item_title":"偏向型テンソルストリームのための多方向特徴自動抽出とリアルタイムサイバー攻撃検出への応用","author_link":[],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"偏向型テンソルストリームのための多方向特徴自動抽出とリアルタイムサイバー攻撃検出への応用","subitem_title_language":"ja"},{"subitem_title":"Multi-aspect Mining for Skewed Tensor Streams with Application to Real-time Cyberattack Detection","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[研究論文（推薦論文）] 複合イベントデータ，データストリーム，テンソル解析，異常検知，サイバーセキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"3","publish_date":"2026-01-26","item_3_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"大阪大学産業科学研究所／トヨタ自動車株式会社"},{"subitem_text_value":"大阪大学産業科学研究所"},{"subitem_text_value":"大阪大学産業科学研究所／大阪大学大学院情報科学研究科"},{"subitem_text_value":"大阪大学産業科学研究所"},{"subitem_text_value":"大阪大学産業科学研究所"}]},"item_3_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"SANKEN, Osaka University / Toyota Motor Corporaion","subitem_text_language":"en"},{"subitem_text_value":"SANKEN, Osaka University","subitem_text_language":"en"},{"subitem_text_value":"SANKEN, Osaka University / IST, Osaka University","subitem_text_language":"en"},{"subitem_text_value":"SANKEN, Osaka University","subitem_text_language":"en"},{"subitem_text_value":"SANKEN, Osaka University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/2006861/files/IPSJ-TOD1901003.pdf","label":"IPSJ-TOD1901003.pdf"},"date":[{"dateType":"Available","dateValue":"2028-01-26"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-TOD1901003.pdf","filesize":[{"value":"1.0 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"13"},{"tax":["include_tax"],"price":"0","billingrole":"39"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"6af09ddc-7e8f-44dd-bc9d-b4ff9344b2d1","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2026 by the Information Processing Society of Japan"}]},"item_3_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"中村,航大"}]},{"creatorNames":[{"creatorName":"川畑,光希"}]},{"creatorNames":[{"creatorName":"田中,駿吾"}]},{"creatorNames":[{"creatorName":"松原,靖子"}]},{"creatorNames":[{"creatorName":"櫻井,保志"}]}]},"item_3_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kota Nakamura","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Koki Kawabata","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Shungo Tanaka","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Yasuko Matsubara","creatorNameLang":"en"}]},{"creatorNames":[{"creatorName":"Yasushi Sakurai","creatorNameLang":"en"}]}]},"item_3_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11464847","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_3_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7799","subitem_source_identifier_type":"ISSN"}]},"item_3_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"侵入検知システムは，複数の属性情報（たとえば，通信開始時刻，ポート番号，通信持続時間，パケット長）によって構成される大規模イベント集合を継続的に監視する．そのようなデータは，ポート番号などのカテゴリ属性と通信持続時間などの量的属性の両方を含む．さらに，量的属性のデータ分布は歪みを持つ場合が多く，解析が困難となる．本論文では，上述の特性を持つデータを偏向型テンソルストリームとして新たに定式化し，多方向における特徴を自動で抽出するCyberCScopeを提案する．提案手法は，(a)複数の属性情報を横断的に解析し，カテゴリ属性と偏向型の量的属性を明示的に区別しながら潜在的なパターンを抽出する．これにより，(b)多様なサイバー攻撃とそれらの特徴的な振舞いを明らかにすることが可能である．また，(c)計算時間はデータ長と各属性の次元数に依存せず，高速に処理を行う．大規模実データを用いた実験では，CyberCScopeが偏向型テンソルストリームをリアルタイムに処理し，多様なサイバー攻撃を検出するとともに，それらの攻撃の特徴を自動的に発見することを確認した．また，提案手法が，最新の既存手法と比較して高精度であることを明らかにした．","subitem_description_type":"Other"}]},"item_3_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Cybersecurity systems are continuously producing a huge number of time-stamped events in the form of high-order tensors, such as {count; time, port, flow duration, packet size, ...}, and so how can we detect anomalies/intrusions in real time? How can we identify multiple types of intrusions and capture their characteristic behaviors? Tensor data consists of categorical and continuous attributes, and the data distributions of the continuous attributes are typically skewed, making it difficult to analyze. In this paper, we propose a novel streaming method, namely CyberCScope. The method has the following properties: (a) Flexible: it effectively decomposes incoming tensors into major trends while explicitly distinguishing between categorical and skewed continuous attributes; (b) Practical: based on this decomposition, it streamingly finds distinct time-evolving patterns, enabling the detection of multiple types of anomalies; (c) Scalable: its computational time is constant and independent of the input data length and the dimensionality in each attribute. Extensive experiments on large-scale real datasets demonstrate that CyberCScope detects various intrusions with higher accuracy than state-of-the-art baselines while providing meaningful summaries for the intrusions that occur in practice.","subitem_description_type":"Other"}]},"item_3_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"20","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌データベース（TOD）"}],"bibliographicPageStart":"11","bibliographicIssueDates":{"bibliographicIssueDate":"2026-01-26","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"1","bibliographicVolumeNumber":"19"}]},"relation_version_is_last":true,"weko_creator_id":"80578"},"updated":"2026-01-26T01:07:58.193533+00:00","created":"2026-01-21T05:56:57.537984+00:00","links":{}}