{"links":{},"id":235310,"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00235310","sets":["1164:3782:11460:11657"]},"path":["11657"],"owner":"44499","recid":"235310","title":["組織構成員の心理的状況と情報リソースの業務影響度を考慮した内部脅威対策手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2024-07-04"},"_buckets":{"deposit":"770caddb-da04-4554-9a3e-5617484b5289"},"_deposit":{"id":"235310","pid":{"type":"depid","value":"235310","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"組織構成員の心理的状況と情報リソースの業務影響度を考慮した内部脅威対策手法","author_link":["642789","642785","642788","642790","642787","642786"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"組織構成員の心理的状況と情報リソースの業務影響度を考慮した内部脅威対策手法"},{"subitem_title":"Countermeasure against Insider Threat Regarding Psychological State of Organizational Members and Business Impact of Information Resources","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"LOIS 3","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2024-07-04","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"総合研究大学院大学複合科学研究科情報学専攻"},{"subitem_text_value":"国立情報学研究所ストラテジックサイバーレジリエンス研究開発センター"},{"subitem_text_value":"国立情報学研究所ストラテジックサイバーレジリエンス研究開発センター"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Department of Informatics, School of Multidisciplinary, The Graduate University for Advanced Studies","subitem_text_language":"en"},{"subitem_text_value":"Center for Strategic Cyber Resilience Research and Development, National Institute of Informatics","subitem_text_language":"en"},{"subitem_text_value":"Center for Strategic Cyber Resilience Research and Development, National Institute of Informatics","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/235310/files/IPSJ-DC24133009.pdf","label":"IPSJ-DC24133009.pdf"},"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-DC24133009.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"32"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_login","version_id":"89b46e54-57a9-4903-87d3-a36a4abec29a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Institute of Electronics, Information and CommunicationEngineers This SIG report is only available to those in membership of the SIG."}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"小高, 佑紀"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"長谷川, 皓一"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"高倉, 弘喜"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yuki, Kodaka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hirokazu, Hasegawa","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroki, Takakura","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10539261","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8892","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"外部からのサイバー攻撃に比べ，組織構成員によって引き起こされる内部脅威では，初期段階でも脅威が組織内の広範囲に及び業務中断などの影響が大きくなる．さらに，構成員が通常業務に偽装して不正な活動を試みた場合，情報リソースへのアクセス権限違反など挙動履歴からの検知は困難となる．そこで本稿では，組織構成員の心理的状況と情報リソースの業務影響度を考慮した内部脅威対策手法を提案する．システムでの操作履歴に加え，組織が保有するストレステストや降格，減給等の人事データから各構成員の心理的状況を推定し，内部脅威となりうるリスク評価を行う．また，業務における使用状況を元に，情報リソースの流出や使用不能となった場合に組織が受ける影響度評価も行う．これらの評価に基づき，組織運営において脅威となる可能性が高い活動の防止，実行済みの活動に対するロールバックやさらなる活動を抑止するなどの対策を実施することで業務への影響を最小限に留める．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Compared to external cyberattacks, insider threats caused by organizational members can spread more widely within the organization even at an early stage, leading to significant impacts such as business interruptions. Furthermore, when members attempt illicit activities disguised as routine operations, it becomes challenging to detect these actions from behavioral history, such as violations of access privileges to information resources. Therefore, this paper proposes a countermeasure against insider threats regarding the psychological state of organizational members and the business impact of information resources. In addition to system operation history, the psychological state of each member is estimated using Human Resource data such as stress tests, demotions, and salary reductions, which are held by the organization. Based on these evaluations, we assess the risk of potential insider threats. Additionally, we evaluate the impact on the organization if information resources are leaked or become unusable, based on their usage in operations. By implementing countermeasures to prevent high-risk activities, roll back executed activities, and suppress further actions, we aim to minimize the impact on business operations.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"研究報告ドキュメントコミュニケーション（DC）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2024-07-04","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"9","bibliographicVolumeNumber":"2024-DC-133"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"created":"2025-01-19T01:37:08.356281+00:00","updated":"2025-01-19T09:36:08.525330+00:00"}