{"created":"2025-01-18T22:56:18.187656+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00025421","sets":["1164:1867:1874:1875"]},"path":["1875"],"owner":"11","recid":"25421","title":["システムコールの実行順と実行位置に基づく侵入検知システムの実現"],"pubdate":{"attribute_name":"公開日","attribute_value":"2007-08-03"},"_buckets":{"deposit":"f03b8593-db32-4f46-b973-ed57c6bb43ef"},"_deposit":{"id":"25421","pid":{"type":"depid","value":"25421","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"システムコールの実行順と実行位置に基づく侵入検知システムの実現","author_link":["457901","457902","457900","457905","457903","457904"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"システムコールの実行順と実行位置に基づく侵入検知システムの実現"},{"subitem_title":"Realization of Intrusion Detection System Based on Pattern and Situation of System Call","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2007-08-03","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"名古屋工業大学"},{"subitem_text_value":"名古屋工業大学"},{"subitem_text_value":"名古屋工業大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Nagoya Institute of Technology","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/25421/files/IPSJ-OS07106004.pdf","label":"IPSJ-OS07106004"},"date":[{"dateType":"Available","dateValue":"2009-08-03"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-OS07106004.pdf","filesize":[{"value":"837.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"11"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b25372d0-db3f-4cea-aa6f-58978989f554","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2007 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"槙本, 裕司"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"齋藤, 彰一"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松尾, 啓志"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yuji, Makimoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shoichi, Saito","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroshi, Matsuo","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10444176","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"プログラムの脆弱性を利用して，プログラマの意図に反する異常な動作をさせる攻撃による被害が問題になっている．近年はゼロデイ攻撃が目立つようになった．従来，このような攻撃の検知には，攻撃プログラムのパターンとのマッチングが用いられてきた．しかし，マッチングに基づくセキュリティシステムでは，ゼロデイ攻撃を検知することが難しい．このような攻撃を検知することのできるシステムに異常検知型侵入検知システムがある．本論文ではシステムコールの呼び出し順序とスタックの情報を用いた侵入検知システムを提案する．具体的には，システムコールと，その呼び出し時の実行位置情報を組にしたデータを基にした N-gram 集合と，静的解析により得た情報から，異常な動作か否かを判断する．実験では検知に要するオーバヘッドの測定と， N-gram 集合に実行位置情報も用いたことによる効果についての評価を行った．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recentry, zero-day attack is increasing.It is difficult for security system based on matching of pattern to detect the zero-day attack.An effective countermeasure against zero-day attack is intrusiondetection system with anomaly detection.In this paper, we propose an intrusion detection systembased on pattern and situation of system call.Through the experiments, we have evaluated the delay fromdetection and the effective of improved N-gram method.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"30","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告システムソフトウェアとオペレーティング・システム（OS）"}],"bibliographicPageStart":"23","bibliographicIssueDates":{"bibliographicIssueDate":"2007-08-03","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"83(2007-OS-106)","bibliographicVolumeNumber":"2007"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":25421,"updated":"2025-01-19T23:38:13.892057+00:00","links":{}}