{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00025541","sets":["1164:1867:1882:1884"]},"path":["1884"],"owner":"1","recid":"25541","title":["アプリケーション層プロトコルに対するパケット・レベルでのフィルタリング"],"pubdate":{"attribute_name":"公開日","attribute_value":"2005-05-27"},"_buckets":{"deposit":"e73a3e43-b88b-4d37-a12d-53a5023c4ce6"},"_deposit":{"id":"25541","pid":{"type":"depid","value":"25541","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"アプリケーション層プロトコルに対するパケット・レベルでのフィルタリング","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"アプリケーション層プロトコルに対するパケット・レベルでのフィルタリング"},{"subitem_title":"Packet-level Implementation of TCP Stream Filter","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2005-05-27","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"電気通信大学大学院 電気通信学研究科 情報工学専攻"},{"subitem_text_value":"慶應義塾大学 理工学部 情報工学科"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Department of Computer Science Graduate School of Electro-Communications University of Electro-Communications","subitem_text_language":"en"},{"subitem_text_value":"Department of Information and Computer Science Keio University ","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/25541/files/IPSJ-OS05099015.pdf"},"date":[{"dateType":"Available","dateValue":"2007-05-27"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-OS05099015.pdf","filesize":[{"value":"150.1 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"11"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"60be83a5-549a-4327-9acf-f0d64fa24118","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2005 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"花岡, 美幸"},{"creatorName":"河野, 健二"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Miyuki, Hanaoka","creatorNameLang":"en"},{"creatorName":"Kenji, Kono","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10444176","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"インターネット・サーバに対する不正攻撃メッセージは，アプリケーション層プロトコルの規約に反していることが多い．そこで，プロトコルの正しい振舞いを定義し，それに反したメッセージを破棄する TCP ストリーム・フィルタという手法が提案されている．本手法はアプリケーション層でやりとりされるバイト列を解釈しつつフィルタリングを行うため，従来のパケット単位でのフィルタリングでは実現できない．本論文では，TCP/IP のプロトコル・スタックによる処理を行わずに，パケットの入れ替わり，IP フラグメント等に対処できる TCP ストリーム・フィルタの実現法を示す．Linux カーネルを拡張して実装を行い，Apache ウェブサーバを用いた実験により，フィルタリングのオーバヘッドは高々 3% 程度と十分小さいことが分かった．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Malicious messages to Internet servers often violate the rule of application-layer protocols. To filter out those malicious messages,TCP Stream Filter has been proposed. It drops the message that violates the rule that defines correct behavior of the protocol. Because we target application-layer protocols, the existing packet-level management is insufficient. In this paper we propose the packet-level implementation of TCP Stream Filter that can deal with out-of-order arrival of packets and IP fragmentation, etc., without processing the protocol stack of TCP/IP. Experimental results with Apache web server suggest that the overhead is small enough.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"98","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告システムソフトウェアとオペレーティング・システム（OS）"}],"bibliographicPageStart":"91","bibliographicIssueDates":{"bibliographicIssueDate":"2005-05-27","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"48(2005-OS-099)","bibliographicVolumeNumber":"2005"}]},"relation_version_is_last":true,"weko_creator_id":"1"},"id":25541,"updated":"2025-01-22T19:27:09.134504+00:00","links":{},"created":"2025-01-18T22:56:23.525879+00:00"}