{"created":"2025-01-19T01:04:45.273480+00:00","updated":"2025-01-19T21:00:32.528364+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00201491","sets":["6164:6165:6462:10022"]},"path":["10022"],"owner":"44499","recid":"201491","title":["クラウドサービス悪用攻撃の大規模実態調査"],"pubdate":{"attribute_name":"公開日","attribute_value":"2019-10-14"},"_buckets":{"deposit":"3c5cb770-692a-4262-927c-682970df1024"},"_deposit":{"id":"201491","pid":{"type":"depid","value":"201491","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"クラウドサービス悪用攻撃の大規模実態調査","author_link":["492992","492989","492995","492993","492990","492994","492996","492991"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"クラウドサービス悪用攻撃の大規模実態調査"},{"subitem_title":"A Large-Scale Analysis of Cloud Service Abuse Attack","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"クラウドサービス,悪性IPアドレス,ブラックリスト","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2019-10-14","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"早稲田大学"},{"subitem_text_value":"NTTセキュアプラットフォーム研究所"},{"subitem_text_value":"NTTセキュアプラットフォーム研究所"},{"subitem_text_value":"早稲田大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Waseda University","subitem_text_language":"en"},{"subitem_text_value":"NTT Secure Platform Laboratories","subitem_text_language":"en"},{"subitem_text_value":"NTT Secure Platform Laboratories","subitem_text_language":"en"},{"subitem_text_value":"Waseda University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/201491/files/IPSJCSS2019198.pdf","label":"IPSJCSS2019198.pdf"},"date":[{"dateType":"Available","dateValue":"2021-10-14"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2019198.pdf","filesize":[{"value":"427.5 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"0f6fdd34-1187-4257-853e-42b8f818e39e","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2019 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"福士, 直翼"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"千葉, 大紀"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"秋山, 満昭"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"内田, 真人"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Naoki, Fukushi","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Daiki, Chiba","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Mitsuaki, Akiyama","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masato, Uchida","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_18_relation_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_relation_type_id":{"subitem_relation_type_select":"NCID","subitem_relation_type_id_text":"ISSN 1882-0840"}}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"クラウドサービスはサイバー攻撃のためのインフラとして悪用される場合がある.クラウドサービス上に配置されたサーバにはクラウド事業者の所有するIPアドレスが割り当てられ,利用停止とともにそのIPアドレスが解放され別のサーバに割り当てられる.そのためクラウドサービスを悪用するサイバー攻撃が行われた場合,クラウド事業者には所有するIPアドレスがブラックリストに掲載されてレピュテーションが低下するリスク,ユーザには過去に悪用されてブラックリストに掲載されたIPアドレスが自身に割り当てられるリスクが生じる.本研究ではクラウドサービスを悪用する攻撃の観測にはブラックリストの活用が有効であることに着眼した大規模調査を行う.45種類のブラックリストを利用して代表的な2つのクラウドサービスを対象にした調査を43日間行った結果,一日あたり約1万件のクラウド事業者のIPアドレスがブラックリストに掲載されることが明らかとなった.またクラウドサービス悪用攻撃の種別や利用されるIPアドレスのリージョンの傾向,クラウドサービス悪用攻撃へのクラウド事業者の対処に関する,これまでに知られていなかった実態も明らかとなった.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Cloud services are abused as infrastructure for cyber-attacks. In a cloud service, an assigned IP address for a server is owned by the cloud service provider. When the server is shut down, the assigned IP address is released and then assigned to another server in the same cloud service. Thus, cyber-attacks abusing cloud services pose risks of degrading its reputation for the services and being falsely blacklisted for end-users. In this paper, we conduct a large-scale measurement study of cloud service abuse attacks using blacklisted IP addresses. Our analysis regarding two cloud services for 43 days using 45 types of blacklists revealed that about 10k IP addresses continue to be blacklisted daily. Moreover, our study showed some attack trends using cloud services such as attack types, regions, and anti-abuse actions.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1413","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2019論文集"}],"bibliographicPageStart":"1406","bibliographicIssueDates":{"bibliographicIssueDate":"2019-10-14","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2019"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":201491,"links":{}}