WEKO3
アイテム
Connection Type Identification and Uplink Speed Estimation of Malware Infected Hosts
https://ipsj.ixsq.nii.ac.jp/records/222837
https://ipsj.ixsq.nii.ac.jp/records/222837f5512f66-7cfc-497b-92b2-38496fd4f1f8
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6312013.pdf (1.5 MB)
|
Copyright (c) 2022 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2022-12-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | Connection Type Identification and Uplink Speed Estimation of Malware Infected Hosts | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | Connection Type Identification and Uplink Speed Estimation of Malware Infected Hosts | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [特集:持続可能な社会のIT基盤に向けた情報セキュリティとトラスト] IoT malware, connection type identification, uplink speed estimation | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| Yokohama National University/Advanced Institute of Industrial Technology | ||||||||||||
| 著者所属 | ||||||||||||
| NTT Data Mathematical Systems Inc. | ||||||||||||
| 著者所属 | ||||||||||||
| Yokohama National University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Yokohama National University / Advanced Institute of Industrial Technology | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| NTT Data Mathematical Systems Inc. | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Yokohama National University | ||||||||||||
| 著者名 |
Xuping, Huang
× Xuping, Huang
× Shunsuke, Mochizuki
× Katsunari, Yoshioka
|
|||||||||||
| 著者名(英) |
Xuping, Huang
× Xuping, Huang
× Shunsuke, Mochizuki
× Katsunari, Yoshioka
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | IoT malware Mirai and its variants continue to evolve and their activities consume network resources, particularly radio resources. This paper proposes a method to identify connection types and estimate the wireless uplink speed of malware-infected hosts observed by IoT honeypot by using the Connection Type Database of Maxmind's GeoIP2, a well-known industrial resource for IP address related information, and Network Diagnosis Tool (NDT) database, a measurement data set of the uplink speed of various networks. The proposed Mobile Network Identification method divides IP addresses into IP ranges assigned to each Autonomous System (AS), and then employs the NDT database based on the IP ranges. We analyzed the infected hosts observed by IoT honeypot to assess and validate the precision of the proposed technique. Our method estimates the maximum average uplink speed of the infected cellular host to be 40.6Mbps, which is between two reference measurement results of cellar networks, indicating the adequacy of the proposed method. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.30(2022) (online) DOI http://dx.doi.org/10.2197/ipsjjip.30.859 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | IoT malware Mirai and its variants continue to evolve and their activities consume network resources, particularly radio resources. This paper proposes a method to identify connection types and estimate the wireless uplink speed of malware-infected hosts observed by IoT honeypot by using the Connection Type Database of Maxmind's GeoIP2, a well-known industrial resource for IP address related information, and Network Diagnosis Tool (NDT) database, a measurement data set of the uplink speed of various networks. The proposed Mobile Network Identification method divides IP addresses into IP ranges assigned to each Autonomous System (AS), and then employs the NDT database based on the IP ranges. We analyzed the infected hosts observed by IoT honeypot to assess and validate the precision of the proposed technique. Our method estimates the maximum average uplink speed of the infected cellular host to be 40.6Mbps, which is between two reference measurement results of cellar networks, indicating the adequacy of the proposed method. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.30(2022) (online) DOI http://dx.doi.org/10.2197/ipsjjip.30.859 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 63, 号 12, 発行日 2022-12-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
| 公開者 | ||||||||||||
| 言語 | ja | |||||||||||
| 出版者 | 情報処理学会 | |||||||||||
