{"updated":"2025-01-19T16:50:59.618189+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00214245","sets":["1164:3865:10488:10731"]},"path":["10731"],"owner":"44499","recid":"214245","title":["IoTマルウェアの画像分類手法への難読化による攻撃の試み"],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-11-30"},"_buckets":{"deposit":"017fbbe8-8b86-4166-94b7-8de0590de79d"},"_deposit":{"id":"214245","pid":{"type":"depid","value":"214245","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"IoTマルウェアの画像分類手法への難読化による攻撃の試み","author_link":["549229","549226","549232","549227","549225","549228","549230","549231"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"IoTマルウェアの画像分類手法への難読化による攻撃の試み"},{"subitem_title":"An Attack using Obfuscator to IoT Malware Image Classification","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"WiPショットガンセッション","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2021-11-30","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"公立はこだて未来大学"},{"subitem_text_value":"公立はこだて未来大学"},{"subitem_text_value":"公立はこだて未来大学"},{"subitem_text_value":"京都橘大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Future University Hakodate","subitem_text_language":"en"},{"subitem_text_value":"Future University Hakodate","subitem_text_language":"en"},{"subitem_text_value":"Future University Hakodate","subitem_text_language":"en"},{"subitem_text_value":"Kyoto Tachibana University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/214245/files/IPSJ-MBL21101022.pdf","label":"IPSJ-MBL21101022.pdf"},"date":[{"dateType":"Available","dateValue":"2023-11-30"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-MBL21101022.pdf","filesize":[{"value":"1.7 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"35"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"d2681752-eeaf-4310-8f8c-72f1435aa4c5","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2021 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"佐藤, 隼斗"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"稲村, 浩"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"石田, 繁巳"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"中村, 嘉隆"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Hayato, Sato","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroshi, Inamura","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shigemi, Ishida","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yoshitaka, Nakamura","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11851388","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8817","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"公開されたソースコードを使用した亜種生成により IoT マルウェアが急増している．これに伴い，増加したマルウェアを正しく把握するために，高速・正確に分類可能なマルウェアの画像化による分類手法が注目されている．画像化による分類手法はマルウェアのバイナリ変更の影響を受けるため，プログラムの動作が変わらないバイナリ変更は画像化による分類手法への攻撃手法と考えることができる．本稿では，難読化処理による攻撃の有効性と対処の可能性を示す．難読化なしの収集したマルウェアを用いて学習した画像分類器を作成し，攻撃手法として難読化を施したマルウェアを分類させたところ，攻撃対象のマルウェアファミリである Mirai，Lightaidra，Bashlite が全て誤分類された．この手法に対処するため難読化を施したサンプルを用いたマルウェアの画像分類器を作成し，約 60% 以上で分類可能であることを確認した．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"The threat of IoT malware is rapidly increasing due to the generation of variants using the malware source codes publicly available. Consequently, image-based malware classification, which utilizes an image reconstructed from malware binary to classify malware, has been attracting a lot of interest. The image-based classification enables us to quickly and accurately analyze the rapid increase of IoT malware. Since the image-based classification is affected by the binary change of malware, we consider the binary changes without the change of operation of the program as an attack on the image-based classification. In this paper, we show the effectiveness of the attack by obfuscations and the possibility of countermeasures. As an attack attempt, the obfuscated malware families mirai, light aidra and bashlite were all misclassified by an image classifier that was learned using the collected malware without obfuscations. In order to cope with this attack method, we created an image classifier for malware using obfuscated samples and confirmed that it can be classified by at least about 60%.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告モバイルコンピューティングと新社会システム（MBL）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2021-11-30","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"22","bibliographicVolumeNumber":"2021-MBL-101"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"created":"2025-01-19T01:15:04.262458+00:00","id":214245,"links":{}}