{"updated":"2025-01-22T10:16:04.065453+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00044793","sets":["1164:3925:3941:3945"]},"path":["3945"],"owner":"1","recid":"44793","title":["TCP に対するポートスキャンの高速検知手法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2005-03-22"},"_buckets":{"deposit":"7280d0c9-a59d-41d0-a1ea-a3767f58fe9c"},"_deposit":{"id":"44793","pid":{"type":"depid","value":"44793","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"TCP に対するポートスキャンの高速検知手法","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"TCP に対するポートスキャンの高速検知手法"},{"subitem_title":"Fast TCP Portscan detection Method","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2005-03-22","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"九州大学工学部電気情報工学科"},{"subitem_text_value":"九州大学大学院システム情報科学研究院情報工学部門"},{"subitem_text_value":"九州大学大学院システム情報科学研究院情報工学部門"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"School of Information Science and Electrical Engineering Kyushu University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Information Science and Electrical Engineering Kyushu University","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Information Science and Electrical Engineering Kyushu University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/44793/files/IPSJ-CSEC04028007.pdf"},"date":[{"dateType":"Available","dateValue":"2007-03-22"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSEC04028007.pdf","filesize":[{"value":"135.6 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"15c9d6b1-1f93-4f47-82d2-9e7d523e2e38","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2005 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"小原, 正芳"},{"creatorName":"堀, 良彰"},{"creatorName":"櫻井, 幸一"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Masayoshi, KOHARA","creatorNameLang":"en"},{"creatorName":"Yoshiaki, HORI","creatorNameLang":"en"},{"creatorName":"Koichi, SAKURAI","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，インターネット上のエンドホストに対してネットワークを介し無差別に行われる攻撃が増加している．攻撃者は脆弱なエンドホストを探すために TCP に対するポートスキャンを行うため，ポートスキャンは侵入の前兆とみなすことができる．それゆえ，攻撃者からのポートスキャンを早期に検知し必要な対策を行うことは，攻撃を事前に防ぐために重要である．ポートスキャン検知のために，これまでいくつかのアルゴリズムが考案され，それらはネットワーク侵入検知システムに実装されている．しかしながら，既存のポートスキャンの検知アルゴリズムでは，早期検知よりも精度に重点がおかれているため，精度を損なわず早期検知が可能な新たな手法が求められている．本稿では，ポートスキャンの特徴に基づく評価基準を用いることでポートスキャンを効率良く検知できる手法を提案し，その評価を行うことで提案手法の有効性を明らかにする．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Recently, there are many indiscriminant attacks against end-hosts on the Internet.As attackers carry out TCP portscans to find vulnerable end-hosts, portscans can be considered as the sign of intrusion.Therefore prompt detection of the portscan is significant to prepare protection of end-hosts.There have already been several work on detecting portscans and have been using their methods in some network intrusion detection systems. Most of them, however, are insufficient for prompt detection of scanners. Consequently, we requires promptness with accuracy.In this research, I propose an efficient method by which I can detect portscans according to the multiple criteria. In summary, the proposed scheme can achieve prompt detection of portscans with sufficient accuracy.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"42","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告コンピュータセキュリティ（CSEC）"}],"bibliographicPageStart":"37","bibliographicIssueDates":{"bibliographicIssueDate":"2005-03-22","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"33(2004-CSEC-028)","bibliographicVolumeNumber":"2005"}]},"relation_version_is_last":true,"weko_creator_id":"1"},"created":"2025-01-18T23:10:53.133073+00:00","id":44793,"links":{}}