{"updated":"2025-01-22T15:17:41.962645+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00034298","sets":["1164:2836:2847:2851"]},"path":["2851"],"owner":"1","recid":"34298","title":["動的API検査方式によるキーロガー検知方式の提案"],"pubdate":{"attribute_name":"公開日","attribute_value":"2006-03-17"},"_buckets":{"deposit":"a4698003-5355-4ffa-a125-9f15712a9416"},"_deposit":{"id":"34298","pid":{"type":"depid","value":"34298","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"動的API検査方式によるキーロガー検知方式の提案","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"動的API検査方式によるキーロガー検知方式の提案"},{"subitem_title":"A keylogger detection using dynamic API inspection","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2006-03-17","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"静岡大学情報学部"},{"subitem_text_value":"静岡大学情報学部"},{"subitem_text_value":"NTTデータ技術開発本部"},{"subitem_text_value":"NTTデータ技術開発本部"},{"subitem_text_value":"NTTデータ技術開発本部"},{"subitem_text_value":"静岡大学情報学部"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Faculty of Informatics, Shizuoka University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Informatics, Shizuoka University","subitem_text_language":"en"},{"subitem_text_value":"R&D Headquarters, NTT Data corp.","subitem_text_language":"en"},{"subitem_text_value":"R&D Headquarters, NTT Data corp.","subitem_text_language":"en"},{"subitem_text_value":"R&D Headquarters, NTT Data corp.","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Informatics, Shizuoka University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/34298/files/IPSJ-DPS06126036.pdf"},"date":[{"dateType":"Available","dateValue":"2008-03-17"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-DPS06126036.pdf","filesize":[{"value":"180.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"34"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"553bb604-e4a0-49c5-9070-40f89e9fd05f","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2006 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"高見, 知寛"},{"creatorName":"鈴木, 功一"},{"creatorName":"馬場, 達也"},{"creatorName":"前田, 秀介"},{"creatorName":"松本, 隆明"},{"creatorName":"西垣, 正勝"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Tomohiro, Takami","creatorNameLang":"en"},{"creatorName":"Koichi, Suzuki","creatorNameLang":"en"},{"creatorName":"Tatsuya, Baba","creatorNameLang":"en"},{"creatorName":"Shusuke, Maeda","creatorNameLang":"en"},{"creatorName":"Takaaki, Matsumoto","creatorNameLang":"en"},{"creatorName":"Masakatsu, Nishigaki","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10116224","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"本稿ではキーボード入力を取得するというキーロガーの挙動に着目し，キーボード入力に用いられるAPIの使用を検出することでキーロガーの検知を行う方式を提案する．本来のDLLの代わりにAPIの使用を検出する機能を付加した検査用DLLをプログラムにロードさせた上で試実行させることが本方式の特徴であり，ウイルス検知における動的ヒューリスティック法的なアプローチによるキーロガー検知方式となっている．本稿では本方式の基礎実験を行い，その検知率と誤検知率について評価する．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"This paper proposes a keylogger detection scheme by monitoring APIs employed by keylogger to capture user's keyboard input. API inspection is one of efficient ways for keylogger detection, since the use of keyboard-input-related APIs is a typical behavior found in keyloggers. To achieve this, we create a modified DLL which can detect the use of these APIs. By executing a program with the modified DLL, we can check whether the program includes any of these APIs or not. We can say that this scheme is in the category of dynamic heuristic virus detection (in dynamic heuristic detection, programs are executed in \"virtual\" machine to check virus behavior; in the proposed scheme, programs are executed with virtual DLL to check keylogger behavior). This paper carries out basic experiments to evaluate its detection rate and false detection rate.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"214","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告マルチメディア通信と分散処理（DPS）"}],"bibliographicPageStart":"209","bibliographicIssueDates":{"bibliographicIssueDate":"2006-03-17","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"26(2006-DPS-126)","bibliographicVolumeNumber":"2006"}]},"relation_version_is_last":true,"weko_creator_id":"1"},"created":"2025-01-18T23:02:55.198313+00:00","id":34298,"links":{}}