{"id":240974,"links":{},"created":"2025-01-19T01:45:28.297390+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00240974","sets":["6164:6165:6462:11854"]},"path":["11854"],"owner":"11","recid":"240974","title":["Rustで生成されたマルウェアを解析するためのGhidra拡張機能の開発"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2024-10-15"},"_buckets":{"deposit":"469643bd-5143-4d0d-99d0-c99fb00f261d"},"_deposit":{"id":"240974","pid":{"type":"depid","value":"240974","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"Rustで生成されたマルウェアを解析するためのGhidra拡張機能の開発","author_link":["662537","662538","662539","662540"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Rustで生成されたマルウェアを解析するためのGhidra拡張機能の開発","subitem_title_language":"ja"},{"subitem_title":"Development of Ghidra Extension to Analyze Malware Generated by Rust","subitem_title_language":"en"}]},"item_type_id":"18","publish_date":"2024-10-15","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"工学院大学"},{"subitem_text_value":"工学院大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Kogakuin University","subitem_text_language":"en"},{"subitem_text_value":"Kogakuin University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/240974/files/IPSJ-CSS2024228.pdf","label":"IPSJ-CSS2024228.pdf"},"date":[{"dateType":"Available","dateValue":"2026-10-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2024228.pdf","filesize":[{"value":"432.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"1f64323e-84be-4f4b-90bc-ddda6f071330","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"川越, 謙宏"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"小林, 良太郎"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Akihiro, Kawagoe","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ryotaro, Kobayashi","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，脅威アクターはマルウェアの作成に，Go Lang，Rust，Nim等といった言語を使うことがある．特にRustは実行速度，並行処理の容易さ，メモリに関するバグが少なさから，マルウェアの作成に使われることがある．一般的に静的解析で使用されるリバースエンジニアリングツールはほとんどがデコンパイル機能を持っている．しかし，現状デコンパイラはC言語へのデコンパイルのみで，Rustへのデコンパイルが出来ないので，Rustで生成されたバイナリをデコンパイルすると，あまり参考にならない結果が返ってくることがあり，現状解析が困難である．今回，NSAが開発したリバースエンジニアリングツールであるGhidraの拡張機能を作成し，Rustの静的解析をする容易にする手法を提案する．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recent years, threat actors have been using languages such as Go Lang, Rust, and Nim to create malware. In general, most reverse engineering tools used for static analysis have decompilation capabilities. However, currently only decompilers to C exist, and decompiling binaries generated by Rust to C sometimes returns unhelpful results, making analysis difficult. In this study, we propose an extension to Ghidra, a reverse engineering tool developed by National Security Agency (NSA), to facilitate static analysis of other languages.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1717","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2024論文集"}],"bibliographicPageStart":"1712","bibliographicIssueDates":{"bibliographicIssueDate":"2024-10-15","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"11"},"updated":"2025-03-06T05:59:22.883155+00:00"}