{"updated":"2025-01-22T21:25:02.458078+00:00","links":{},"id":21259,"created":"2025-01-18T22:53:15.236681+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00021259","sets":["1164:1384:1400:1403"]},"path":["1403"],"owner":"1","recid":"21259","title":["インストラクションの発行パターンに着目したソフトウェア監視に向けた一検討"],"pubdate":{"attribute_name":"公開日","attribute_value":"2005-05-31"},"_buckets":{"deposit":"983fe23e-2a51-44a9-8aec-dd1b3b117e29"},"_deposit":{"id":"21259","pid":{"type":"depid","value":"21259","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"インストラクションの発行パターンに着目したソフトウェア監視に向けた一検討","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"インストラクションの発行パターンに着目したソフトウェア監視に向けた一検討"},{"subitem_title":"A Study of Instrusion Detection Method Focusing on Issuing Pattern of Instructions","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2005-05-31","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"NTTドコモマルチメディア研究所"},{"subitem_text_value":"NTTドコモマルチメディア研究所"},{"subitem_text_value":"NTTドコモマルチメディア研究所"},{}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Multimedia Labs, NTT DoCoMo, Inc.","subitem_text_language":"en"},{"subitem_text_value":"Multimedia Labs, NTT DoCoMo, Inc.","subitem_text_language":"en"},{"subitem_text_value":"Multimedia Labs, NTT DoCoMo, Inc.","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/21259/files/IPSJ-SE05148004.pdf"},"date":[{"dateType":"Available","dateValue":"2007-05-31"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SE05148004.pdf","filesize":[{"value":"305.7 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"12"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"63aed63b-73d7-4def-81b0-510ca050ce2a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2005 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"金野, 晃"},{"creatorName":"中山, 雄大"},{"creatorName":"竹下, 敦"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Akira, Kinno,","creatorNameLang":"en"},{"creatorName":"Takehiro, Nakayama","creatorNameLang":"en"},{"creatorName":"Atsushi, Takeshita","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10112981","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ソフトウェア動作の異常を監視する技術において，攻撃見逃し率（異常動作を正常動作と判断する確率），および誤検出率（正常動作を異常動作と判断する確率）の低い監視手法について検討する．提案手法は，ソフトウェア動作の最小単位であるインストラクションを監視のレベルとし，ソフトウェアの過去の動作の学習によってソフトウェアの正常な動作をモデル化する．提案手法の有効性確認のために，脆弱性の存在が明らかにされているソフトウェアの挙動データを取得し，攻撃検知と未学習動作の正常異常判断の予備実験を行った．予備実験の結果，提案手法が未学習に伴う誤検出率を低減し，既存技術では検知できない偽装攻撃を検知できることを確認した．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"This paper proposes a new software intrusion detection method, which achieves low false negative and positive rates. Our method monitors issuing pattern of instructions, which is the smallest unit of software behavior, and makes probability models of software behavior by learning. To confirm the validity of our method, we conducted some pilot studies. For the studies, we got behavior data of software, which are published their vulnerabilities and attack codes. The results of the studies show our method reduces false positives caused by un-learned behaviors, and it has abilities to detect the mimicry attacks, while existing methods cannot detect them.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"29","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告ソフトウェア工学（SE） "}],"bibliographicPageStart":"23","bibliographicIssueDates":{"bibliographicIssueDate":"2005-05-31","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"55(2005-SE-148)","bibliographicVolumeNumber":"2005"}]},"relation_version_is_last":true,"weko_creator_id":"1"}}