{"id":236562,"created":"2025-01-19T01:38:40.842678+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00236562","sets":["6504:11678:11687"]},"path":["11687"],"owner":"44499","recid":"236562","title":["Web サービスのセッション窃取攻撃耐性の評価"],"pubdate":{"attribute_name":"公開日","attribute_value":"2024-03-01"},"_buckets":{"deposit":"d11a75fe-ae3f-4c42-b380-d19bea536b81"},"_deposit":{"id":"236562","pid":{"type":"depid","value":"236562","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"Web サービスのセッション窃取攻撃耐性の評価","author_link":["646729","646728"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Web サービスのセッション窃取攻撃耐性の評価"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"セキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"22","publish_date":"2024-03-01","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_22_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"名大"},{"subitem_text_value":"名大"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/236562/files/IPSJ-Z86-5ZC-02.pdf","label":"IPSJ-Z86-5ZC-02.pdf"},"date":[{"dateType":"Available","dateValue":"2024-07-04"}],"format":"application/pdf","filename":"IPSJ-Z86-5ZC-02.pdf","filesize":[{"value":"177.0 kB"}],"mimetype":"application/pdf","accessrole":"open_date","version_id":"4f3e552f-e713-4627-b687-19c1adec59fa","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Information Processing Society of Japan"}]},"item_22_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"川合, 健太"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"嶋田, 創"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_22_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00349328","subitem_source_identifier_type":"NCID"}]},"item_22_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"現在多くの Web サービスにおいて多要素認証（MFA）が利用されており，悪意ある攻撃者にとって認証情報窃取が難しくなっている．このような状況では攻撃者にとって，認証情報窃取よりもセッション窃取の方がコスト対性能比が良くなる傾向にある．そこで，代表的ないくつかの Web サービスのセッション窃取耐性の評価を行い，サービスの頑健性を検証する．具体的には，複数の大手 Web サービスを対象にツールを用いてセッション情報やエージェント情報を操作し，セッション窃取に必要な Cookie の分析やウェブブラウザの情報をセッション情報として利用しているかなどの評価を実施する．","subitem_description_type":"Other"}]},"item_22_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"504","bibliographic_titles":[{"bibliographic_title":"第86回全国大会講演論文集"}],"bibliographicPageStart":"503","bibliographicIssueDates":{"bibliographicIssueDate":"2024-03-01","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"1","bibliographicVolumeNumber":"2024"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"updated":"2025-01-19T09:12:40.135217+00:00","links":{}}