{"links":{},"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00228622","sets":["6164:6165:6462:11379"]},"path":["11379"],"owner":"44499","recid":"228622","title":["標的型マルウェアの鮮度と攻撃観測成功率の関連性調査手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2023-10-23"},"_buckets":{"deposit":"456004c7-11ad-4e29-9606-7966fb5e5f1c"},"_deposit":{"id":"228622","pid":{"type":"depid","value":"228622","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"標的型マルウェアの鮮度と攻撃観測成功率の関連性調査手法","author_link":["612825","612824","612822","612823","612820","612819","612826","612821"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"標的型マルウェアの鮮度と攻撃観測成功率の関連性調査手法"},{"subitem_title":"An Investigation Method for Revealing Relation between Targeted-Attack Malware Freshness and Attack Observation Success Rate","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"生体認証 距離学習 カリキュラム学習 顔認証 公平性","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2023-10-23","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"立命館大学"},{"subitem_text_value":"Turnt Up Technologies株式会社／立命館大学"},{"subitem_text_value":"立命館大学"},{"subitem_text_value":"立命館大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"Turnt Up Technologies, Inc. / Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"},{"subitem_text_value":"Ritsumeikan University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/228622/files/IPSJ-CSS2023009.pdf","label":"IPSJ-CSS2023009.pdf"},"date":[{"dateType":"Available","dateValue":"2025-10-23"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2023009.pdf","filesize":[{"value":"490.1 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b74070fa-5e1c-4673-be8d-788b22fc6f77","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2023 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"河原, 晃平"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"津田, 侑"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"金城, 聖"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"毛利, 公一"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kohei, Kawahara","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yu, Tsuda","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Akira, Kanashiro","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Koichi, Mouri","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"標的型攻撃の実態を把握するためには，攻撃者が使用する標的型マルウェアの機能を明らかにするだけでなく，攻撃者がC&C サーバを介して標的組織に侵入し行う活動を観測・分析することが重要となる．実態を把握する上で，標的型マルウェアを入手する必要があるが，一般的に，攻撃者が利用したマルウェアを標的組織から直接入手することは困難であるため，解析者はVirusTotal に代表されるマルウェア検査サービスに投稿されたマルウェアを入手・解析することになる．特に，攻撃に使用されるC&C サーバの活\n動時間が極端に短い場合が多いことから，解析者はマルウェア検査サービスに投稿されたマルウェアのなかでも，投稿されて間もないマルウェアの解析を試みる．しかし，投稿されて間もないマルウェアを用いた解析がもたらす攻撃者の活動やその観測結果への影響については議論が乏しい．そこで，マルウェア検査サービスへマルウェアが投稿されてからの経過時間によって鮮度を定義し，鮮度が攻撃者の挙動観測に与える影響を調査する．本論文では，鮮度と攻撃観測成功確率の関連性を調査するための方法を提案する．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In order to understand the real situation of targeted attacks, it is important to analyze the activities of RAT operators via C&C servers, not only to clarify the functions of targeted-attack malware. It is necessary to obtain targeted-attack malware for grasp the actual situation. In general, however, it is difficult to obtain malware used by attackers directly from the target organizations, so analysts obtain malware from malware scanning services such as VirusTotal. In particular, since the lifetime of the C&C servers used in attacks is often extremely short, analysts attempt to analyze malware that has been submitted to malware inspection services for a short period of time after it is submitted. However, there is little discussion aboutthe impact of the analysis using that malware on the observation results. Therefore, we use freshness that\nis defined by the time elapsed since the malware was submitted to a malware inspection service. Then We investigate the impact of freshness on the observation of attacker behavior. In this paer, we propose an investigation method for revealing relationship between freshness and attack observation success rate. ","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"62","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2023論文集"}],"bibliographicPageStart":"57","bibliographicIssueDates":{"bibliographicIssueDate":"2023-10-23","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"created":"2025-01-19T01:27:45.838211+00:00","updated":"2025-01-19T11:47:20.606899+00:00","id":228622}