{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00073251","sets":["1164:3925:6360:6361"]},"path":["6361"],"owner":"10","recid":"73251","title":["マルウエア動的解析に於ける自動分類手法の研究"],"pubdate":{"attribute_name":"公開日","attribute_value":"2011-03-03"},"_buckets":{"deposit":"77364b4c-8dea-4284-a783-ef072c201b0a"},"_deposit":{"id":"73251","pid":{"type":"depid","value":"73251","revision_id":0},"owners":[10],"status":"published","created_by":10},"item_title":"マルウエア動的解析に於ける自動分類手法の研究","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"マルウエア動的解析に於ける自動分類手法の研究"},{"subitem_title":"Research of malware classification by dynamic analysis.","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"マルウェア対策","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2011-03-03","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"情報セキュリティ大学院大学"},{"subitem_text_value":"情報セキュリティ大学院大学"},{"subitem_text_value":"情報セキュリティ大学院大学"},{"subitem_text_value":"情報セキュリティ大学院大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Institute of Information Security.","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security.","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security.","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security.","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing 
file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/73251/files/IPSJ-CSEC11052051.pdf"},"date":[{"dateType":"Available","dateValue":"2013-03-03"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSEC11052051.pdf","filesize":[{"value":"853.3 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"8273584a-aadf-4586-89c3-6f83ad770290","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2011 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"畑上, 英毅"},{"creatorName":"橋本, 正樹"},{"creatorName":"堀合, 啓一"},{"creatorName":"田中, 英彦"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Hideki, Hatagami","creatorNameLang":"en"},{"creatorName":"Masaki, Hashimoto","creatorNameLang":"en"},{"creatorName":"Keiichi, Horiai","creatorNameLang":"en"},{"creatorName":"Hedehiko, Tanaka","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical 
report"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"動的解析に於ける自動分類手法について,マルウエアを実行して得られるプロセスの起動情報,レジストリの改ざん情報,通信パケットの内容などといった動的な挙動から得られる情報の他に,マルウエアの静的な情報をマルウエア解析時のパラメータとして扱うことで,検知率の向上を試みた.従来の動的解析に於ける自動分類は,動的解析より得られた挙動情報に重きを置いて自動分類を行ってきたが,マルウエアそのものから得られる静的な情報を追加することで,従来の自動分類手法に比べ概ね5ポイント程の一致率の向上が確認できた.これによって,市販の製品では,マルウエアを検出できない場合でも,蓄積した既存のマルウエアの挙動と類似したマルウエアを抽出し,約75%以上の精度でその科名を自動的に提示可能となった.","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"This paper describes a technique for improving the detection rate of dynamic malware analysis by using static information about the malware as a parameter in automatic classification. The technique improves the detection rate by 5 points compared with existing automatic classification methods, which focus on the behavior information provided by dynamic analysis, and can guess, with a probability of 75%, the name of malware that commercial antivirus products cannot detect.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"7","bibliographic_titles":[{"bibliographic_title":"研究報告コンピュータセキュリティ(CSEC)"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2011-03-03","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"51","bibliographicVolumeNumber":"2011-CSEC-52"}]},"relation_version_is_last":true,"weko_creator_id":"10"},"id":73251,"updated":"2025-01-21T22:00:33.749622+00:00","links":{},"created":"2025-01-18T23:31:19.967681+00:00"}