{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00061583","sets":["1164:2836:5643:5645"]},"path":["5645"],"owner":"10","recid":"61583","title":["ネットワーク異常検知システムにおける攻撃種別判定法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2009-02-26"},"_buckets":{"deposit":"49ac7724-546a-4176-9486-253061753c26"},"_deposit":{"id":"61583","pid":{"type":"depid","value":"61583","revision_id":0},"owners":[10],"status":"published","created_by":10},"item_title":"ネットワーク異常検知システムにおける攻撃種別判定法","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ネットワーク異常検知システムにおける攻撃種別判定法"},{"subitem_title":"Means for Attack Decision in Anomaly-Based Network Intrusion Detection System","subitem_title_language":"en"}]},"item_type_id":"4","publish_date":"2009-02-26","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"三菱電機株式会社情報技術総合研究所"},{"subitem_text_value":"三菱電機株式会社情報技術総合研究所"},{"subitem_text_value":"三菱電機株式会社情報技術総合研究所"},{"subitem_text_value":"三菱電機株式会社情報技術総合研究所"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Mitsubishi Electric Corporation, Information Technology R&D Center","subitem_text_language":"en"},{"subitem_text_value":"Mitsubishi Electric Corporation, Information Technology R&D Center","subitem_text_language":"en"},{"subitem_text_value":"Mitsubishi Electric Corporation, Information Technology R&D Center","subitem_text_language":"en"},{"subitem_text_value":"Mitsubishi Electric Corporation, Information Technology R&D Center","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":10,"item_file_price":{"attribute_name":"Billing 
file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/61583/files/IPSJ-DPS09138029.pdf","label":"IPSJ-DPS09138029"},"date":[{"dateType":"Available","dateValue":"2011-02-26"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-DPS09138029.pdf","filesize":[{"value":"1.4 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"34"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"5ea26294-b73b-4bde-8ba4-fcc91e274e1a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"北澤, 繁樹"},{"creatorName":"河内, 清人"},{"creatorName":"榊原, 裕之"},{"creatorName":"藤井, 誠司"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Shigeki, Kitazawa","creatorNameLang":"en"},{"creatorName":"Kiyoto, Kawauchi","creatorNameLang":"en"},{"creatorName":"Hiroyuki, Sakakibara","creatorNameLang":"en"},{"creatorName":"Seiji, Fujii","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN10116224","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical 
report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"本論文では,異常検知に基づくワーム検知方式によって異常が検出された場合に,検知内容の真偽を確認した上で,対策が必要かどうかを判断するまでの一連の分析作業の効率化を図る手法について述べる.本論文では,検知内容の分析を行うための分析モデルを,検知される事象を特徴付ける3つの分析パラメータで定義する.分析を行う際には,分析対象となるFirewallログを集計して,各分析パラメータの値を導出し,通常時に観測される実データから決定した閾値によって評価して,分析モデルに当てはめることによって検知内容を判断する.これにより,対応が必要な検知アラートに対して即座に対策をとることが可能となる.","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In this paper, we describe a means of improving the efficiency of the firewall log analysis workflow when an anomaly-based network intrusion detection system detects an unknown network anomaly. We define an analysis model based on experience of system operation, and we also formalize the means of analysis. As a result, it became possible to take measures immediately based on a detection alert, while reducing unnecessary detection alert notifications.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"174","bibliographic_titles":[{"bibliographic_title":"研究報告マルチメディア通信と分散処理(DPS)"}],"bibliographicPageStart":"169","bibliographicIssueDates":{"bibliographicIssueDate":"2009-02-26","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"20(2009-DPS-138)","bibliographicVolumeNumber":"2009"}]},"relation_version_is_last":true,"weko_creator_id":"10"},"id":61583,"updated":"2025-01-21T22:11:11.116614+00:00","links":{},"created":"2025-01-18T23:23:45.184750+00:00"}