{"id":240760,"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00240760","sets":["6164:6165:6462:11854"]},"path":["11854"],"owner":"11","recid":"240760","title":["違法ソフトウェア導入を騙ったYouTube動画によるマルウェア拡散手法の実態解明"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2024-10-15"},"_buckets":{"deposit":"40578f49-eb17-44aa-a2f9-8e35bd59cfbc"},"_deposit":{"id":"240760","pid":{"type":"depid","value":"240760","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"違法ソフトウェア導入を騙ったYouTube動画によるマルウェア拡散手法の実態解明","author_link":["661114","661115","661116","661117","661118","661119"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"違法ソフトウェア導入を騙ったYouTube動画によるマルウェア拡散手法の実態解明","subitem_title_language":"ja"},{"subitem_title":"Understanding Malware Distribution Tactics Through YouTube Videos Pretending to Offer Illegal Software Installations","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"動画配信サイト，マルウェア配布，Measurement","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2024-10-15","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"株式会社日立製作所／早稲田大学"},{"subitem_text_value":"株式会社日立製作所"},{"subitem_text_value":"早稲田大学／情報通信研究機構／理化学研究所"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Hitachi, Ltd. / Waseda University","subitem_text_language":"en"},{"subitem_text_value":"Hitachi, Ltd.","subitem_text_language":"en"},{"subitem_text_value":"Waseda University / National Institute of Information and Communications Technology / Institute of Physical and Chemical Research","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/240760/files/IPSJ-CSS2024014.pdf","label":"IPSJ-CSS2024014.pdf"},"date":[{"dateType":"Available","dateValue":"2026-10-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2024014.pdf","filesize":[{"value":"780.2 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"fa477c79-d3b5-4c63-a10b-2a106b8f2718","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"山岸, 伶"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"藤井, 翔太"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"森, 達哉"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Rei, Yamagishi","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shota, Fujii","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tatsuya, Mori","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"YouTubeなどのメディアプラットフォームは多くのユーザに人気がある一方，攻撃者からも注目されている．YouTube上では，有償ソフトウェアの無料版やゲームのチートツールのインストール方法を紹介する動画が，実際にはユーザにマルウェアをインストールさせる手順を示している事例が報告されている．この攻撃（MalTubeと呼称する）では，ユーザが罪の意識から対策への非協力的な態度を取る懸念があり，攻撃者の標的やユーザを欺く手口の詳細は明らかになっていない．本研究では，MalTubeを体系的に観測することを目的としたシステムVIPERを実装し，約4ヶ月間で14,363件の動画とダウンロードに関連する1,269種類のFQDNsを収集し，分析を行った．その結果，MalTubeはゲームのチートツールを装う傾向が高く，ゲームプレイヤーや子どもを標的にしていることが明らかになった．また，MalTubeは，ユーザを確実に誘導するために，動画内容や説明，サムネイルに絵文字やキャラクターを工夫して使用していること，およびダウンロード方法の説明が非常に丁寧かつ特徴的であることが判明した．本研究では，MalTubeに固有な特徴を利用した攻撃検知や対策手法を提案し，その有効性を議論する．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"YouTube, while popular among users, have increasingly become targets for attackers. In our research, we name the attack as ``MalTube,'' where videos on YouTube appear to offer free versions of paid software or game cheat tools but actually guide users through malware installation. This attack raises concerns that users, feeling guilty about their actions, may be reluctant to disclose information, making it difficult to fully understand the attack's scope and the specific targets or deceptive techniques used by attackers. To address this, we implemented a monitoring system called VIPER, which systematically observed MalTube over approximately four months, collecting 14,363 videos and 1,269 unique FQDNs related to downloads. Our analysis revealed that MalTube predominantly disguises itself as game cheat tools, with a particular focus on targeting gamers and children. We also found that these videos use carefully crafted techniques to engage users, such as employing emojis and characters in descriptions and thumbnails, along with highly detailed and distinctive download instructions. Based on these findings, we propose detection and mitigation strategies that leverage the unique characteristics of MalTube and demonstrate their effectiveness.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"105","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2024論文集"}],"bibliographicPageStart":"98","bibliographicIssueDates":{"bibliographicIssueDate":"2024-10-15","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"11"},"updated":"2025-02-21T02:12:34.413609+00:00","created":"2025-01-19T01:45:07.930242+00:00","links":{}}