{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00067744","sets":["581:612:6017"]},"path":["6017"],"owner":"11","recid":"67744","title":["メモリ上に展開されたコードを使うウイルス解析支援システム"],"pubdate":{"attribute_name":"公開日","attribute_value":"2006-08-15"},"_buckets":{"deposit":"df0627b1-70e9-4907-a08b-f60fcaf9d3ec"},"_deposit":{"id":"67744","pid":{"type":"depid","value":"67744","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"メモリ上に展開されたコードを使うウイルス解析支援システム","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"メモリ上に展開されたコードを使うウイルス解析支援システム"},{"subitem_title":"Unknown Virus Analysis Support System Using Code Loaded on Memory","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"特集：ユビキタス社会を支えるコンピュータセキュリティ技術","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2006-08-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"徳島大学工学部,現在，三菱電機株式会社情報技術総合研究所"},{"subitem_text_value":"徳島大学工学部,現在，神戸大学工学部"},{"subitem_text_value":"近畿大学理工学部,現在，名古屋工業大学大学院工学研究科"},{"subitem_text_value":"神戸大学工学部"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Faculty of Engineering, The University of Tokushima,Presently with Information Technology R&D Center, Mitsubishi Electric Corporation","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Engineering, The University of Tokushima,Presently with Faculty of Engineering, Kobe University","subitem_text_language":"en"},{"subitem_text_value":"School of Science and Engineering, Kinki University,Presently with Nagoya Institute of Technology","subitem_text_language":"en"},{"subitem_text_value":"Faculty of Engineering, Kobe University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/67744/files/IPSJ-JNL4708018.pdf"},"date":[{"dateType":"Available","dateValue":"2008-08-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL4708018.pdf","filesize":[{"value":"778.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"1ca265bc-54a5-439d-9075-77fa092167a0","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"市川, 幸宏"},{"creatorName":"伊沢, 亮一"},{"creatorName":"白石, 善明"},{"creatorName":"森井, 昌克"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Sachihiro, Ichikawa","creatorNameLang":"en"},{"creatorName":"Ryoichi, Isawa","creatorNameLang":"en"},{"creatorName":"Yoshiaki, Shiraishi","creatorNameLang":"en"},{"creatorName":"Masakatu, Morii","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"コンピュータウイルスによる被害を軽減させるためには，ネットワーク上において早期に検知し，いち早く廃棄する必要がある．コンピュータウイルスを検知するためには，まずそのコンピュータウイルスを解析する必要がある．通常，その解析はアンチウイルスベンダに所属する技術者によって，基本的にそのウイルスコードを1 行1 行解析する手法がとられている．亜種も含めて，大量にコンピュータウイルスが発生する現在，その解析能力は飽和状態にあり，ウイルス解析者を支援するシステムの開発が希求されている．本論文では，既知のコンピュータウイルスだけでなく，未知のコンピュータウイルスを解析することを目的として，ウイルス解析者を支援するシステムを提案している．提案システムは，ウイルスコードを直接解析するのではなく，実行時に動作するメモリ上に展開されたコードを解析し，難読化が施されたコードであっても解析が可能となっている．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"This paper presents a design and implementation of automatic virus analysis support system. It is expected that not a binary or disassemble code but a suspicious code expanded on memory is helpful for automating of virus analysis. We take the following approach: 1) execution of a doubtful code on a virtual environment; 2) dumping the object code on memory; 3) disassemble of the dumped code; 4) analysis of the assembly code. By the above approach, we realize a system for supporting computer virus analysis. Although it has been difficult to automate analysis, the system can automatically output a result as same as the technical details of security response issued by anti-virus vendor. In addition, the system can analysis of new virus including one with a difficult analysis.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"2534","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"2524","bibliographicIssueDates":{"bibliographicIssueDate":"2006-08-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"8","bibliographicVolumeNumber":"47"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":67744,"updated":"2025-01-22T00:29:46.097044+00:00","links":{},"created":"2025-01-18T23:28:01.545569+00:00"}