{"updated":"2025-01-22T09:08:38.893818+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00047102","sets":["1164:4088:4122:4125"]},"path":["4125"],"owner":"1","recid":"47102","title":["DNS解決PTRレコード分散型サービス妨害攻撃の自動検知と自動阻止システムの開発"],"pubdate":{"attribute_name":"公開日","attribute_value":"2004-07-30"},"_buckets":{"deposit":"4dddcc03-1c4a-4888-8d60-85287db6ee9a"},"_deposit":{"id":"47102","pid":{"type":"depid","value":"47102","revision_id":0},"owners":[1],"status":"published","created_by":1},"item_title":"DNS解決PTRレコード分散型サービス妨害攻撃の自動検知と自動阻止システムの開発","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"DNS解決PTRレコード分散型サービス妨害攻撃の自動検知と自動阻止システムの開発"},{"subitem_title":"Development of Automatic Detection and Prevention Systems of DNS Query PTR record - based Distributed Denial -of- Service Attack","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2004-07-30","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"熊本大学総合情報基盤センター"},{"subitem_text_value":"熊本大学総合情報基盤センター"},{"subitem_text_value":"熊本大学総合情報基盤センター"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Center for Multimedia and Information Technologies, Kumamoto University.","subitem_text_language":"en"},{"subitem_text_value":"Center for Multimedia and Information Technologies, Kumamoto University.","subitem_text_language":"en"},{"subitem_text_value":"Center for Multimedia and Information Technologies, Kumamoto University.","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/47102/files/IPSJ-DSM04034008.pdf"},"date":[{"dateType":"Available","dateValue":"2006-07-30"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-DSM04034008.pdf","filesize":[{"value":"205.0 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"43"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"b8333c14-8845-45eb-8888-5784d816d982","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2004 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"武藏, 泰雄"},{"creatorName":"松葉, 龍一"},{"creatorName":"杉谷, 賢一"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yasuo, Musashi","creatorNameLang":"en"},{"creatorName":"Ryuichi, Matsuba","creatorNameLang":"en"},{"creatorName":"Kenichi, Sugitani","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12326962","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"我々の大学のトップドメインDNSサーバが大量のDNS解決パケット送りつけられる分散型サービス妨害攻撃(DDoS)を受けている時、DNSサーバのsyslogを統計的に解析したところ次のような結果を得た: (1)DNS解決DDoS攻撃パケットは主に逆引(PTR)レコードで構成されている。(2)そのPTRレコードで解決するIPアドレスは、主として本大学の未使用のIPアドレスである。従って、未使用IPアドレスのPTRレコードを監視すれば、DNS解決型DDoS攻撃検知すること可能である。またそのDDoS攻撃を自動的に検知し、自動的に阻止するシステム(IPS)を開発した。)","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"The syslog messages of the top domain DNS servers in Kumamoto University were statistically investigated when having a distributed denial-of-service (DDoS) attack like receiving a large amount of DNS query packets. The interesting results are: (1) Contents of the DNS query-based DDoS attack packets mainly consist of reverse (PTR) records. (2) The PTR records include a lot of unused IP addresses of our university. Therefore, we can detect the DNS query-based DDoS attack by only monitoring the contents of DNS query PTR record packet traffic having unused IP addresses. Also, we developed and implemented a simple intrusion prevention system (IPS) for the DNS query-based DDoS attack on the our top domain DNS servers. )","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"48","bibliographic_titles":[{"bibliographic_title":"情報処理学会研究報告インターネットと運用技術（IOT）"}],"bibliographicPageStart":"43","bibliographicIssueDates":{"bibliographicIssueDate":"2004-07-30","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"77(2004-DSM-034)","bibliographicVolumeNumber":"2004"}]},"relation_version_is_last":true,"weko_creator_id":"1"},"created":"2025-01-18T23:12:39.638212+00:00","id":47102,"links":{}}