{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00233782","sets":["1164:6389:11481:11634"]},"path":["11634"],"owner":"44499","recid":"233782","title":["IoTマルウェアが他の侵入者の活動を妨害する機能の調査"],"pubdate":{"attribute_name":"公開日","attribute_value":"2024-03-14"},"_buckets":{"deposit":"9cdda5a1-b195-407a-85ca-a6e7f2d8e092"},"_deposit":{"id":"233782","pid":{"type":"depid","value":"233782","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"IoTマルウェアが他の侵入者の活動を妨害する機能の調査","author_link":["635712","635716","635715","635709","635710","635711","635713","635714","635708","635707"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"IoTマルウェアが他の侵入者の活動を妨害する機能の調査"},{"subitem_title":"Investigating the Functionalities of IoT Malware to Disrupt the Activities of Other Intruders","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"ICSS(2)","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2024-03-14","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"横浜国立大学"},{"subitem_text_value":"横浜国立大学"},{"subitem_text_value":"横浜国立大学先端科学高等研究院"},{"subitem_text_value":"横浜国立大学先端科学高等研究院／横浜国立大学大学院環境情報研究院"},{"subitem_text_value":"横浜国立大学先端科学高等研究院／横浜国立大学大学院環境情報研究院"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Yokohama National University","subitem_text_language":"en"},{"subitem_text_value":"Yokohama National University","subitem_text_language":"en"},{"subitem_text_value":"Institute of Advanced Sciences, Yokohama National University","subitem_text_language":"en"},{"subitem_text_value":"Institute of Advanced Sciences, Yokohama National University / Graduate School of Environment and Information Sciences, Yokohama National University","subitem_text_language":"en"},{"subitem_text_value":"Institute of Advanced Sciences, Yokohama National University / Graduate School of Environment and Information Sciences, Yokohama National University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/233782/files/IPSJ-SPT24054011.pdf","label":"IPSJ-SPT24054011.pdf"},"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SPT24054011.pdf","filesize":[{"value":"1.1 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_login","version_id":"54053891-5f12-4cbc-ad31-e5aef4b200a0","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Institute of Electronics, Information and Communication Engineers This SIG report is only available to those in membership of the SIG."}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"池田, 駿"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"安井, 浩基"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"田辺, 瑠偉"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"吉岡, 克成"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松本, 勉"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Shun, Ikeda","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroki, Yasui","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Rui, Tanabe","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Katsunari, Yoshioka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tsutomu, Matsumoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12628305","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8671","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"IoT マルウェア同士で感染機器を奪い合う実態，いわば，IoT マルウェアの生存競争について先行研究で報告されているが，そこで使用される他の侵入者の活動を妨害する機能については詳しく調査されていない．本稿では，3 つの妨害機能（Telnet サービスの停止，wget コマンドの停止，iptables の変更）を検出する動的解析システムを構築し，2019 年から 2023 年にかけてハニーポットで採取された IoT マルウェア検体を解析することで，妨害機能の実態を調査した．Telnet サービスを停止する機能をもつ検体が全期間に存在する一方でその割合は減少傾向にあること，2023 年に初めて報告された wget コマンドを停止する機能をもつ検体が既に 2020 年に存在していたこと，Hajime 以外に確認されていなかった iptables を変更する機能をもつ IoT マルウェアの存在が確認された．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Previous studies have reported on the competition among IoT malware for infected devices, i.e., IoT malware’s battle for survival, but various techniques used in the competition have not been studied in depth. In this paper, we constructed a new malware dynamic analysis system to investigate whether IoT malware possesses 3 specific functionalities for competition among IoT malware, such as stopping Telnet service , killing downloading command(wget) process and modifying firewall settings(iptables) and investigated malware samples captured on honeypot between 2019 and 2023. we confirm that the functionality to stop Telnet service has existed for the entire period but been deployed for the entire investigation period, that the functionality to stop malware download command(wget), first reported in 2023, has been deployed since 2020, and that the funtionality to rewrite firewall settings(iptables) has existed for the entire period.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告セキュリティ心理学とトラスト（SPT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2024-03-14","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"11","bibliographicVolumeNumber":"2024-SPT-54"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":233782,"updated":"2025-01-19T09:59:16.381542+00:00","links":{},"created":"2025-01-19T01:35:21.685434+00:00"}