{"updated":"2025-01-19T19:15:52.956685+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00206900","sets":["581:10023:10032"]},"path":["10032"],"owner":"44499","recid":"206900","title":["KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2020-09-15"},"_buckets":{"deposit":"bfc4a2c1-472f-4aa2-95a0-d6b4e2b7eab0"},"_deposit":{"id":"206900","pid":{"type":"depid","value":"206900","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法","author_link":["515302","515300","515301","515299"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"KVM上のゲストOSにおける権限の変更に着目した権限昇格攻撃防止手法"},{"subitem_title":"Privilege Escalation Attack Prevention Method Focusing on Privilege Changes in Guest OS on KVM","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[特集：実社会を支える暗号・セキュリティ・プライバシ技術（推薦論文, 特選論文）] 権限昇格攻撃，仮想化，仮想マシンモニタ，KVM，セキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2020-09-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"岡山大学大学院自然科学研究科"},{"subitem_text_value":"岡山大学大学院自然科学研究科"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Natural Science and Technology, Okayama University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Natural Science and Technology, Okayama University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/206900/files/IPSJ-JNL6109020.pdf","label":"IPSJ-JNL6109020.pdf"},"date":[{"dateType":"Available","dateValue":"2022-09-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL6109020.pdf","filesize":[{"value":"546.3 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"fd6e7f0d-26c6-43cd-9c36-4cd78afc572a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2020 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"福本, 淳文"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"山内, 利宏"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Akifumi, Fukumoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Toshihiro, Yamauchi","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"権限昇格攻撃はシステムの改ざんや情報漏えいにつながる可能性がある．これに対処するために，我々はシステムコールによる権限の変更に着目した権限昇格攻撃防止手法（以降，先行研究の手法）を提案した．しかし，先行研究の手法はOS内で実現されており，導入するために，カーネルソースコードを変更する必要がある．また，先行研究の手法では，変更の検証のために保存したカーネル空間内の権限情報を，攻撃者に改ざんされる可能性がある．本論文では，これらの課題に対処するために，仮想マシンモニタであるKVMを用いて権限昇格攻撃を防止する手法を提案する．提案手法は，ゲストOS上のシステムコール発行をフックし，システムコール処理による権限の変更を検証する．提案手法の実現により，手法の導入にともなうカーネルソースコードの変更が不要となる．また，権限情報をホストOSのメモリ領域に保存することで，権限情報の改ざんが困難となる．本論文では，先行研究の手法の課題を示し，提案手法や評価の結果について述べる．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Privilege escalation attacks can lead to system tampering and information leakage. To address such attacks, we previously proposed a privilege escalation attack prevention method that focus on the modification of privileges by system calls. However, the said method needs to be implemented in the operating system (OS), and its application thus requires alteration of the kernel source code. Additionally, privilege data stored in the kernel space may be forged by attackers. To address these issues, we propose a new method in this paper for preventing privilege escalation attacks by employing KVM, (a virtual machine monitor). The new method hooks the system call invoked in the guest OS and verifies the modification of privileges through system call processing. Application of the new method does not require alteration of the kernel source code. Furthermore, forging of privilege data is deterred by storing privilege data in the memory of the host OS. In this paper, drawbacks of the previously proposed method are discussed, and the new proposed method and its evaluation results are described.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1518","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"1507","bibliographicIssueDates":{"bibliographicIssueDate":"2020-09-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"9","bibliographicVolumeNumber":"61"}]},"relation_version_is_last":true,"item_2_identifier_registration":{"attribute_name":"ID登録","attribute_value_mlt":[{"subitem_identifier_reg_text":"10.20729/00206800","subitem_identifier_reg_type":"JaLC"}]},"weko_creator_id":"44499"},"created":"2025-01-19T01:08:48.376435+00:00","id":206900,"links":{}}