{"links":{},"id":25344,"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00025344","sets":["1164:1867:1868:1869"]},"path":["1869"],"owner":"11","recid":"25344","title":["システムコールとライブラリ関数の監視による侵入防止システムの実現"],"pubdate":{"attribute_name":"公開日","attribute_value":"2009-01-21"},"_buckets":{"deposit":"80b3cbba-3651-4e43-8656-6ea12e49304d"},"_deposit":{"id":"25344","pid":{"type":"depid","value":"25344","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"システムコールとライブラリ関数の監視による侵入防止システムの実現","author_link":["457893","457887","457891","457888","457884","457889","457885","457892","457890","457886"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"システムコールとライブラリ関数の監視による侵入防止システムの実現"},{"subitem_title":"Implementation of a Intrusion Prevention System Based on Monitoring System Call and Library Function Call","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2009-01-21","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"名古屋工業大学"},{"subitem_text_value":"名古屋工業大学"},{"subitem_text_value":"名古屋工業大学"},{"subitem_text_value":"京都大学"},{"subitem_text_value":"名古屋工業大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Kyoto University","subitem_text_language":"en"},{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/25344/files/IPSJ-OS09110002.pdf","label":"IPSJ-OS09110002"},"date":[{"dateType":"Available","dateValue":"2011-01-21"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-OS09110002.pdf","filesize":[{"value":"1.3 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"11"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"42925214-a5b7-44d4-b4a2-7f8820554d5b","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"槙本, 裕司"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"鶴田, 浩史"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"齋藤, 彰一"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"上原, 哲太郎"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松尾, 啓志"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yuji, Makimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Koji, Tsuruta","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shoichi, Saito","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tetsutaro, Uehara","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroshi, Matsuo","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10444176","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ゼロデイ攻撃や未知の攻撃から計算機を守る手法として侵入防止システムの研究が多く行われている．既存の侵入防止システムはシステムコール呼び出し時に得られる情報のみに基づいているため，実行時の状態遷移の把握が十分ではなく，true negative あるいは正常な実行であるかのように偽装した攻撃による耐性が十分であるか疑わしい．本研究では，ライブラリ関数呼び出しごとにコールスタックを調べることで，プログラムの実行状態を詳細に把握する手法を提案する．また，ライブラリ関数の呼び出しと終了を把握することで，ライブラリ関数が呼び出されている時のみシステムコールの発行を許可する．提案システムを Linux 上に実装し評価を行った．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Some intrusion prevention system has been studied to prevent a zero-day attack and an unknown attack. The existing systems don't hold enough program execution statuses; because the systems use only system call's past record. In this paper, we propose a novel intrusion prevention system, named Belem, by monitoring both a system call and a library function call. Belem checks a call stack before a library function is executing. We implemented Belem on Linux, and evaluated it.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"10","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告システムソフトウェアとオペレーティング・システム（OS）"}],"bibliographicPageStart":"3","bibliographicIssueDates":{"bibliographicIssueDate":"2009-01-21","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"6(2009-OS-110)","bibliographicVolumeNumber":"2009"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-18T22:56:14.784276+00:00","updated":"2025-01-19T23:38:16.491817+00:00"}