{"links":{},"id":2009655,"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:02009655","sets":["1164:4088:1771221559804:1777431367596"]},"path":["1777431367596"],"owner":"80578","recid":"2009655","title":["ゼロトラスト指向ユーザ行動監視（UEBA）に基づく企業内部不正検知システムの提案"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2026-05-21"},"_buckets":{"deposit":"a27d8df6-e82e-4926-bda6-079ac3fa353e"},"_deposit":{"id":"2009655","pid":{"type":"depid","value":"2009655","revision_id":0},"owners":[80578],"status":"published","created_by":80578},"item_title":"ゼロトラスト指向ユーザ行動監視（UEBA）に基づく企業内部不正検知システムの提案","author_link":[],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ゼロトラスト指向ユーザ行動監視（UEBA）に基づく企業内部不正検知システムの提案","subitem_title_language":"ja"},{"subitem_title":"A Proposal for an Enterprise Insider Threat Detection System Based on Zero-Trust-Oriented User Behavior Monitoring (UEBA)","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"CSEC","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2026-05-21","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"信州大学大学院総合理工学研究科"},{"subitem_text_value":"信州大学大学院総合理工学研究科"},{"subitem_text_value":"国立情報学研究所トラスト・デジタルID基盤研究開発センター"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Interdisciplinary Graduate School of Science and Engineering, Shinshu University","subitem_text_language":"en"},{"subitem_text_value":"Interdisciplinary Graduate School of Science and Engineering, Shinshu University","subitem_text_language":"en"},{"subitem_text_value":"Center for Trust & Digital Identity Infrastructure R&D, National Institute of Informatics","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/2009655/files/IPSJ-IOT26073010.pdf","label":"IPSJ-IOT26073010.pdf"},"date":[{"dateType":"Available","dateValue":"2028-05-21"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT26073010.pdf","filesize":[{"value":"2.1 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"c9443952-622b-4f50-b106-437240f95641","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2026 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"西村,卓真"}]},{"creatorNames":[{"creatorName":"岡崎,裕之"}]},{"creatorNames":[{"creatorName":"鈴木,彦文"}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"本研究では，組織内における内部不正の兆候を操作ログから早期に検知することを目的として，CERT Insider Threat Datasetを対象に，ユーザ行動分析に基づく異常検知手法を検討する．近年，内部不正対策の重要性が高まる中，先行研究では検知モデルの提案に加え，実環境への導入に関する課題や運用方法についても議論されている．そこで本研究では，不正行為を複数のシナリオに分類し，各シナリオの文脈に応じた特徴量を選定した上で，不審ユーザの識別を行う．具体的には，ログオン履歴，HTTP通信，デバイス利用履歴などの操作ログから，時間帯異常，外部送信傾向，媒体利用頻度，閲覧行動の偏り等を表す特徴量を抽出し，XGBoostを用いて検知を行う．また，本研究では分類性能のみならず，誤検知が管理者の調査負担に与える影響や，不審ユーザを優先的に抽出できるかといった実運用の観点からも評価を行う．これにより，広範な不正兆候を文脈込みで検知するとともに，実環境への適用を見据えたUEBAシステムの有効性と設計指針を明らかにする．","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2026-05-21","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"10","bibliographicVolumeNumber":"2026-IOT-73"}]},"relation_version_is_last":true,"weko_creator_id":"80578"},"created":"2026-05-14T07:16:45.348877+00:00","updated":"2026-05-14T07:16:51.088592+00:00"}