{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00044605","sets":["1164:3925:3936:3938"]},"path":["3938"],"owner":"1","recid":"44605","title":["インターネットの分散観測による不正侵入者の探索活動のマクロ・ミクロ解析"],"pubdate":{"attribute_name":"公開日","attribute_value":"2006-07-21"},"_buckets":{"deposit":"1954a7a4-4bf4-4b5e-beaf-5627bfed8e4b"},"_deposit":{"id":"44605","pid":{"type":"depid","value":"44605","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"インターネットの分散観測による不正侵入者の探索活動のマクロ・ミクロ解析","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"インターネットの分散観測による不正侵入者の探索活動のマクロ・ミクロ解析"},{"subitem_title":"Macro and Micro Analysis on Vulnerability Scanning Activities via Distributed Observation over the Internet","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2006-07-21","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"東海大学電子情報学部情報メディア学科"},{"subitem_text_value":"東海大学電子情報学部情報メディア学科"},{"subitem_text_value":"東海大学電子情報学部情報メディア学科"},{"subitem_text_value":"日立製作所"},{"subitem_text_value":"中央大学理工学部情報工学科"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Couse of Information Engineering, Graduate School of Engineering Tokai University","subitem_text_language":"en"},{"subitem_text_value":"Couse of Information Engineering, Graduate School of Engineering Tokai University","subitem_text_language":"en"},{"subitem_text_value":"Couse of Information Engineering, Graduate School of Engineering Tokai University","subitem_text_language":"en"},{"subitem_text_value":"Hitachi, Ltd. Hitachi Incident Response Team (HIRT)","subitem_text_language":"en"},{"subitem_text_value":"Dept. of Info, and System Engineering, Faculity of Scienece and Engineering, Chuo University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/44605/files/IPSJ-CSEC06034041.pdf"},"date":[{"dateType":"Available","dateValue":"2008-07-21"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSEC06034041.pdf","filesize":[{"value":"415.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"4baa950b-5c5c-495d-a713-caa748e389d9","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2006 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"福野, 直弥"},{"creatorName":"小堀, 智弘"},{"creatorName":"菊池, 浩明"},{"creatorName":"寺田, 真敏"},{"creatorName":"土居, 範久"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Naoya, FUKUNO","creatorNameLang":"en"},{"creatorName":"Tomohiro, KOBORI","creatorNameLang":"en"},{"creatorName":"Hiroaki, KIKUCI","creatorNameLang":"en"},{"creatorName":"Masato, TERADA","creatorNameLang":"en"},{"creatorName":"Norihisa, DOI","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ワームやウィルス，スパイウェアなどに感染したホストはトラップドアを仕掛けたり，新たな侵入先を求めて定期的なポートスキャンを実行したりしている．これらの振舞いは一様ではなく，特定のアドレスブロックを集中的に探索する不正者やアドレス空間全域をランダムに探索する不正者などが混在している．そこで，本研究では，JPCERT/ｃｃにより運営されている定点観測システムISDASのデータを解析し，インターネット上での探索活動を明らかにすることを試みる．まず，探索者全体の集合をマクロに見て統計的な情報を解析し，次に個々の探索者に着目してミクロに解析を行う．これらの解析結果を元にして，不正者の振舞いを近似する数学モデルを提案する．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Computer virus and worms perform randomly spyware and port-scanning to find a vulnerability in the Internet. The fraction of malicious behaviors varies, e.g, some host performs scan contentionally and some host scans uniformly over the IP address blocks. In this paper, First, we analysis a set of source addresses observed by distributed sensors in ISDAS from a \"macro\" view point. Second, we examine behaviors of from \"micro\" perspective. Finally, we study a new mathematical model for malicious hosts based on these analysis.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"304","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告コンピュータセキュリティ（CSEC）"}],"bibliographicPageStart":"299","bibliographicIssueDates":{"bibliographicIssueDate":"2006-07-21","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"81(2006-CSEC-034)","bibliographicVolumeNumber":"2006"}]},"relation_version_is_last":true,"weko_creator_id":"1"},"updated":"2025-01-22T10:23:40.070026+00:00","created":"2025-01-18T23:10:44.526338+00:00","links":{},"id":44605}