{"updated":"2025-01-19T08:58:42.365007+00:00","links":{},"id":237150,"created":"2025-01-19T01:39:37.138135+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00237150","sets":["1164:6389:11481:11662"]},"path":["11662"],"owner":"44499","recid":"237150","title":["悪質なSEOを行うマルウェアの転送先偽ショッピングサイトの情報を利用したマルウェア間の関連性の分析"],"pubdate":{"attribute_name":"公開日","attribute_value":"2024-07-15"},"_buckets":{"deposit":"83b84b2f-a1d9-42fc-971f-d2f12e11a77d"},"_deposit":{"id":"237150","pid":{"type":"depid","value":"237150","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"悪質なSEOを行うマルウェアの転送先偽ショッピングサイトの情報を利用したマルウェア間の関連性の分析","author_link":["648576","648572","648571","648577","648569","648573","648570","648574","648575","648578"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"悪質なSEOを行うマルウェアの転送先偽ショッピングサイトの情報を利用したマルウェア間の関連性の分析"},{"subitem_title":"An analysis of relationship between Black-Hat SEO malwares using information from redirected scam sites","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"ICSS","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2024-07-15","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"トレンドマイクロ株式会社"},{"subitem_text_value":"千葉県警察本部生活安全部サイバー犯罪対策課／香川大学創造工学部電子・情報工学領域"},{"subitem_text_value":"トレンドマイクロ株式会社／日本サイバー犯罪対策センター"},{"subitem_text_value":"神奈川県警察本部 サイバーセキュリティ対策本部／香川大学創造工学部電子・情報工学領域"},{"subitem_text_value":"香川大学創造工学部電子・情報工学領域"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Trend Micro, Inc.","subitem_text_language":"en"},{"subitem_text_value":"Cybercrime Division, Community Safety Department, Chiba Prefectural Police Headquarters / Faculty of Engineering and Design, Kagawa University","subitem_text_language":"en"},{"subitem_text_value":"Trend Micro, Inc. / Japan Cybercrime Control Center","subitem_text_language":"en"},{"subitem_text_value":"Cyber Security Task Force, Kanagawa Prefectural Police Headquarters / Faculty of Engineering and Design, Kagawa University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Engineering and Design, Kagawa University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/237150/files/IPSJ-SPT24056029.pdf","label":"IPSJ-SPT24056029.pdf"},"date":[{"dateType":"Available","dateValue":"2026-07-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SPT24056029.pdf","filesize":[{"value":"1.1 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"114d724a-7555-4e86-b796-3f9b8d4a215e","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Institute of Electronics, Information and Communication Engineers This SIG report is only available to those in membership of the SIG."}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"嶋村, 誠"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"竹重, 耕介"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松ヶ谷, 新吾"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"堺, 啓介"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"橋本, 正樹"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Makoto, Shimamura","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Kousuke, Takeshige","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shingo, Matsugaya","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Keisuke, Sakai","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masaki, Hashimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12628305","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8671","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，金銭を騙し取ったり，個人情報を窃取する目的の偽ショッピングサイト詐欺が増加し，大きな被害が出ている．この詐欺の導線として，改ざんされた Web サイト (以下「改ざんサイト」) に悪質な SEO を行うマルウェアを設置し，改ざんサイト上のおとりページを検索エンジンの検索結果に表示させ，ページを訪問したユーザを偽ショッピングサイトへ転送する手法が確認されている．本研究では，この手口に着目し，マルウェアの C2 サーバから転送先の偽ショッピングサイトを収集して分析する．使用されるマルウェアは背後の詐欺行為者グループに強く紐づく可能性が高い．このため，複数のマルウェア間の関連が見つかれば，それらを用いる詐欺行為者グループ間に関連があることが示唆される．そこで，悪質な SEO を行うマルウェア 6 種類の C2 サーバ 1,242 件より 227,828 件の偽ショッピングサイトを収集し分析を行った．結果，単一種類のマルウェアを運用する 3 グループと，複数種類のマルウェアを運用する 1 グループが存在する可能性があることがわかった．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Recently the financial damage caused by fake E-commerce sites is increasing. It is confirmed that a portion of actors behind the scam install malwares to conduct Black-hat SEO into defaced websites. The malware let search engines show lure pages placed in defaced sites and redirect visitors to fake EC sites as potential victims. We think redirect contents are the key parts of malware families and actors behind them. Based on the thoughts, we analyze redirect contents and destined fake EC sites in this paper. We collected 1,242 C2 servers of 6 malware families, and 227,828 fake EC sites from the C2 servers. Then we analyzed them using Maltego, a popular link analysis tool. As a result, we found possibility that there are 3 groups use only one malware family and a group uses multiple malware families.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告セキュリティ心理学とトラスト（SPT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2024-07-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"29","bibliographicVolumeNumber":"2024-SPT-56"}]},"relation_version_is_last":true,"weko_creator_id":"44499"}}