{"updated":"2025-01-19T18:04:49.614610+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00210349","sets":["581:10433:10436"]},"path":["10436"],"owner":"44499","recid":"210349","title":["アプリケーション識別機能付きファイアウォールのログを対象とした機械学習による自己らしい通信の識別手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-03-15"},"_buckets":{"deposit":"caf323c6-da86-4b9e-bcc1-4adf0058e027"},"_deposit":{"id":"210349","pid":{"type":"depid","value":"210349","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"アプリケーション識別機能付きファイアウォールのログを対象とした機械学習による自己らしい通信の識別手法","author_link":["532327","532329","532332","532326","532330","532333","532331","532328","532325","532324"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"アプリケーション識別機能付きファイアウォールのログを対象とした機械学習による自己らしい通信の識別手法"},{"subitem_title":"Your Own Traffic Discrimination Method by Machine Learning Using Log of Firewall with Application Identification Function","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[特集：快適な運用管理を支えるインターネットと運用技術] ログ解析，機械学習，識別","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2021-03-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"筑波大学システム情報工学研究科／現在，ソフトバンク株式会社"},{"subitem_text_value":"筑波大学学術情報メディアセンター／筑波大学システム情報系"},{"subitem_text_value":"筑波大学システム情報系"},{"subitem_text_value":"筑波大学学術情報メディアセンター／筑波大学システム情報系"},{"subitem_text_value":"筑波大学システム情報工学研究科／株式会社チノウ"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Graduate School of Systems and Information Engineering, University of Tsukuba / Presently with SoftBank Corp.","subitem_text_language":"en"},{"subitem_text_value":"Academic Computing and Communications Center, University of Tsukuba / Faculty of Engineering, Information and Systems, University of Tsukuba","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Engineering, Information and Systems, University of Tsukuba","subitem_text_language":"en"},{"subitem_text_value":"Academic Computing and Communications Center, University of Tsukuba / Faculty of Engineering, Information and Systems, University of Tsukuba","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Systems and Information Engineering, University of Tsukuba / Chinoh, Inc","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/210349/files/IPSJ-JNL6203006.pdf","label":"IPSJ-JNL6203006.pdf"},"date":[{"dateType":"Available","dateValue":"2023-03-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL6203006.pdf","filesize":[{"value":"2.9 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b66e01f2-631c-4341-b026-ed13296107db","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2021 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"市之瀬, 樹生"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"佐藤, 聡"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"新城, 靖"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"三宮, 秀次"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"星野, 厚"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Tatsuki, Ichinose","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Akira, Sato","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yasushi, Shinjo","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shuji, Sannomiya","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Atsushi, Hoshino","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"コンピュータやネットワークの脅威の一部では，ふだんと異なる，自己らしくない通信が発生する．ある一連の通信が自己による通信に似ているかを識別する手法は，役立つと考えられる．本研究は，アプリケーション識別機能を有するファイアウォールのログを用いて，識別対象者の通信の振舞いを学習し，ある通信が自己らしい通信であるか否かを識別する手法を提案する．提案手法では，学習フェーズにて，入力をファイアウォールログから生成した通信アプリケーション列とし，出力を識別対象者らしさを表す数値とする識別器を作成する．認識フェーズでは，学習フェーズで作成した識別対象者専用の識別器に対して，識別したい通信のファイアウォールログに学習フェーズと同じ手法を適用して生成した通信アプリケーション列を入力して識別を行う．提案手法に基づいた実験では，AUCの平均値は0.76037となり，識別能力があるという結果となった．また，1カ月の通信ログを対象にした個人ごとの識別器の生成時間は約1時間であった．これらより提案手法が有効であることを示した．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Some of the threats of computers and networks cause unusual traffic unlike your own. We believe that a discrimination method to determine whether a certain series of traffic is similar to your own traffic or not is useful. In this paper, we propose such discrimination method by learning one's behavior of the traffic based on the log of the firewall with application identification function. For the learning phase of the proposed method, we create a classifier that receives a communication application sequence generated from the firewall log and outputs a numerical value that represents how much the sequence is like target user's. In the recognition phase, we discriminate the communication application sequence generated by applying the same method as in the learning phase to the firewall log using the classifier. In the experiments of the proposed method, the average value of AUC was 0.76037, which means that the proposed method is considered to achieve an acceptable discrimination ability. Moreover, it took about one hour to generate the classifier by using firewall logs for one month for each individual who is targeted. These results show that the proposed method is effective.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"847","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"838","bibliographicIssueDates":{"bibliographicIssueDate":"2021-03-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"3","bibliographicVolumeNumber":"62"}]},"relation_version_is_last":true,"item_2_identifier_registration":{"attribute_name":"ID登録","attribute_value_mlt":[{"subitem_identifier_reg_text":"10.20729/00210247","subitem_identifier_reg_type":"JaLC"}]},"weko_creator_id":"44499"},"created":"2025-01-19T01:11:34.682308+00:00","id":210349,"links":{}}