{"id":201390,"updated":"2025-01-19T21:03:34.674352+00:00","links":{},"created":"2025-01-19T01:04:39.668378+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00201390","sets":["6164:6165:6462:10022"]},"path":["10022"],"owner":"44499","recid":"201390","title":["乱数性を用いたTLS通信の識別"],"pubdate":{"attribute_name":"公開日","attribute_value":"2019-10-14"},"_buckets":{"deposit":"a305da9b-9c96-4c6f-be3b-beb3f28a794c"},"_deposit":{"id":"201390","pid":{"type":"depid","value":"201390","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"乱数性を用いたTLS通信の識別","author_link":["492292","492294","492291","492293"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"乱数性を用いたTLS通信の識別"},{"subitem_title":"Identifying TLS Communication Using Randomness","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"ネットワークセキュリティ，SSL/TLS，乱数検定，機械学習","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2019-10-14","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"情報セキュリティ大学院大学／NTT コミュニケーションズ株式会社"},{"subitem_text_value":"情報セキュリティ大学院大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Institute of Information Security / NTT Communications Corporation","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/201390/files/IPSJCSS2019097.pdf","label":"IPSJCSS2019097.pdf"},"date":[{"dateType":"Available","dateValue":"2021-10-14"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2019097.pdf","filesize":[{"value":"731.6 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"cefda3c1-b3c1-46d8-b96c-d82ba545f217","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2019 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"神田, 敦"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"橋本, 正樹"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Atsushi, Kanda","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masaki, Hashimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN　1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"現在，HTTPS をはじめとしてインターネット通信の暗号化が急速に普及してきている．しかし，暗号化通信技術の普及によりユーザ通信のセキュリティが向上する反面，通信から得られる情報が減ることによって正常な通信と攻撃者の通信の判別がつかなくなる懸念がある．SSL/TLS  に関しては既存技術としてヘッダやハンドシェイクパラメータなど，表層的な情報を元にサーバ/クライアントを推定する TLS フィンガープリンティングがあるが，パラメータのランダム化やハンドシェイクの改変などにより検知回避をする攻撃が既に観測されている．本研究は偽装耐性のある通信識別技術の確立を目的として，暗号化通信の乱数性に着目し，乱数の持つ統計的特徴を用いて暗号化アルゴリズムや暗号ライブラリを推定する手法を提案する．HTTPS を対象として実施した実験では，TLS 通信の暗号化されたアプリケーションデータのみから鍵長を考慮しない暗号化アルゴリズム推定で 89.6% の精度を実現した．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"The use of encryption in the Internet communication is rapidly spreading. While this trend will improve user's security, it'll make us difficult to distinguish between benign and malicious communication due to lack of information obtained from the communication itself. TLS Fingerprinting is one of the solutions. It uses surface information, like headers and handshake parameters, to identify Server/Client. However, attacks that try to evade such detections by randomizing parameters or modifying handshakes have already been observed. Our goal is to identify encrypted communication in a more robust manner against these kinds of evasions.We focused on the randomness of encrypted communication, and we propose a method that identifies encryption algorithm and/or encryption library by using statistical features of random number. Our experiment shows that by using only the encrypted application data from TLS communication, we can identify encryption algorithm (without considering the key length) with accuracy of 89.6%.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"690","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2019論文集"}],"bibliographicPageStart":"683","bibliographicIssueDates":{"bibliographicIssueDate":"2019-10-14","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2019"}]},"relation_version_is_last":true,"weko_creator_id":"44499"}}