{"created":"2025-01-19T01:18:19.284927+00:00","updated":"2025-01-19T15:20:32.117794+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00217895","sets":["1164:4088:10830:10908"]},"path":["10908"],"owner":"44499","recid":"217895","title":["機械学習を用いたセキュリティ対策セットのレコメンド技術"],"pubdate":{"attribute_name":"公開日","attribute_value":"2022-05-12"},"_buckets":{"deposit":"316a1d48-e390-4879-a6b4-4a46bcbba6cc"},"_deposit":{"id":"217895","pid":{"type":"depid","value":"217895","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"機械学習を用いたセキュリティ対策セットのレコメンド技術","author_link":["565417","565419","565415","565416","565418","565421","565420","565422"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"機械学習を用いたセキュリティ対策セットのレコメンド技術"},{"subitem_title":"Recommendation technology for cyber security measures sets utilizing machine learning","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"IOT/CSEC","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2022-05-12","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"(株)東芝研究開発センター"},{"subitem_text_value":"(株)東芝研究開発センター"},{"subitem_text_value":"(株)東芝研究開発センター"},{"subitem_text_value":"(株)東芝研究開発センター"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Corporate Research & Development Center, Toshiba Corporation","subitem_text_language":"en"},{"subitem_text_value":"Corporate Research & Development Center, Toshiba Corporation","subitem_text_language":"en"},{"subitem_text_value":"Corporate Research & Development Center, Toshiba Corporation","subitem_text_language":"en"},{"subitem_text_value":"Corporate Research & Development Center, Toshiba Corporation","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/217895/files/IPSJ-IOT22057013.pdf","label":"IPSJ-IOT22057013.pdf"},"date":[{"dateType":"Available","dateValue":"2024-05-12"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-IOT22057013.pdf","filesize":[{"value":"809.7 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"0f34d7ca-7261-4c6a-9996-d7ff450e541e","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2022 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"申, 河英"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"金井, 遵"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"上原, 龍也"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"小池, 竜一"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Hayeong, Shin","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Jun, Kanai","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tatsuya, Uehara","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ryuiti, Koike","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8787","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年のインフラシステムはサービス化により，インターネットに接続されていなかった従来のシステムに比べ，サイバー脅威にさらされる危険性が増加している．それにより，インフラシステムに対するセキュリティ対策が重要な課題となっている．一方，一般的にシステムに対する脅威は一つではなく，情報セキュリティの側面からも一つの脅威に対しても多層防御が求められる．しかしながら，複数のセキュリティ対策を効率的に導入するセキュリティ設計は，専門家の知見が必要不可欠な属人性が高いプロセスである．そのため，人的コストの上昇や開発期間の長期化の原因となっている．そこで，セキュリティ設計プロセスでの属人性を排除し，セキュリティ専門家でなくてもセキュリティ設計を可能にすることで，加速化されているインフラシステムのサービス化，開発過程での人的コストの軽減や開発期間の短縮が期待できる．本稿では，セキュリティ設計において人的コストの軽減や開発期間の短縮を実現するためのセキュリティ設計の自動化を目的とするセキュリティ対策レコメンド技術を提案する．レコメンド技術はシステム環境に適するセキュリティ対策の組み合わせを自動的にレコメンドすることで，セキュリティに関する深い知識がなくてもセキュリティ設計を可能とする．また，高精度のレコメンドを行うため，過去のセキュリティ設計データを学習した機械学習モデルを用いて，脅威に対して対策が採択される確率を予測する．予測したデータとユーザの要求度に基づいてセキュリティ対策組み合わせを評価する方法を提案し，提案手法を用いたレコメンド結果について精度評価を行う．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recent years, infrastructure systems have increased the risk of cyber threats compared to traditional systems that have been closed due to the use of services, so security measures against infrastructure systems have become an important issue. On the other hand, there are multiple threats in the system, and multiple layers of defense are required for each threat. However, security design, which efficiently introduces multiple security measures, is a highly personalized process that requires expert knowledge, so it is responsible for rising human costs and prolonged development periods. Therefore, by eliminating the personal knowledge of the security design process and enabling security design without a security expert, it is expected that accelerated infrastructure systems will be serviced, human costs will be reduced in the development process, and development time will be shortened. This paper proposes a security recommendation method that automatically recommends a combination of security measures suitable for the system environment to reduce human cost and reduce development time in security design. In order to make high-precision recommendations, the probability of adopting countermeasures against threats is predicted using machine learning models that have learned past security design data, and the accuracy is evaluated.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"7","bibliographic_titles":[{"bibliographic_title":"研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2022-05-12","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"13","bibliographicVolumeNumber":"2022-IOT-57"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":217895,"links":{}}