{"id":74769,"updated":"2025-01-21T21:23:12.158537+00:00","links":{},"created":"2025-01-18T23:32:08.898477+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00074769","sets":["6164:6165:6462:6463"]},"path":["6463"],"owner":"5","recid":"74769","title":["ファイアウォールログを利用したマルウェア活動の検出手法について"],"pubdate":{"attribute_name":"公開日","attribute_value":"2009-10-19"},"_buckets":{"deposit":"bbe789cc-4f19-46a9-a55d-7ec34e1229b8"},"_deposit":{"id":"74769","pid":{"type":"depid","value":"74769","revision_id":0},"owners":[5],"status":"published","created_by":5},"item_title":"ファイアウォールログを利用したマルウェア活動の検出手法について","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ファイアウォールログを利用したマルウェア活動の検出手法について"},{"subitem_title":"Detection method of malware activity based on the Firewall log","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"攻撃通信データ","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2009-10-19","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"NTTコミュニケーションズ株式会社セキュリティオペレーションセンタ"},{"subitem_text_value":" NTTコミュニケーションズ株式会社セキュリティオペレーションセンタ"},{"subitem_text_value":"NTTコミュニケーションズ株式会社先端IPアーキテクチャセンタ"},{"subitem_text_value":"NTTコミュニケーションズ株式会社セキュリティオペレーションセンタ"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Security Operation Center,NTT Communications Corporation","subitem_text_language":"en"},{"subitem_text_value":"Security Operation Center,NTT Communications Corporation","subitem_text_language":"en"},{"subitem_text_value":"Innovative IP Architecture Center, NTT Communications Corporation","subitem_text_language":"en"},{"subitem_text_value":"Security Operation Center,NTT Communications 
Corporation","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/74769/files/IPSJ-CSS2009A42.pdf"},"date":[{"dateType":"Available","dateValue":"2011-10-19"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2009A42.pdf","filesize":[{"value":"287.4 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"30bb3f7d-835a-4687-be5c-46368579acbe","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"加藤, 淳也"},{"creatorName":"門田, 剛"},{"creatorName":"畑田, 充弘"},{"creatorName":"竹内, 文孝"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Junya, Kato","creatorNameLang":"en"},{"creatorName":"Tsuyoshi, Kadota","creatorNameLang":"en"},{"creatorName":"Mitsuhiro, Hatada","creatorNameLang":"en"},{"creatorName":"Fumitaka, Takeuchi","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年,マルウェアの感染拡大活動や DoS 
攻撃などが,ネットワークシステムの可用性に重大な影響を及ぼしたり,重要なサーバやクライアントのシステムダウンを引き起こすなど,企業等の事業継続性を脅かしている.本稿にて,我々はセキュリティ運用業務の実務面に重点を置き,セキュリティ対策製品において普及率の高いファイアウォールのログを利用することで,DoS 攻撃・感染拡大活動などのマルウェア活動を検出させる方法を調査した.その結果,ファイアウォールのログにおける特定の条件に適合するパターンを監視することが,マルウェア活動を特定する上で有用であることが分かった.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Today, wide-scale malware propagation and DoS attacks often affect the availability of network systems, cause system outages, and threaten the business continuity of companies. In this research, focusing on the practical aspects of security operations, we investigated a method for detecting malware activity such as DoS attacks and infection spread by using firewall logs, since firewalls are among the most widely deployed security products. As a result, we found that monitoring firewall-log patterns that match specific conditions is helpful for identifying malware activity.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2009 (CSS2009) 論文集"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2011-10-12","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2009"}]},"relation_version_is_last":true,"weko_creator_id":"5"}}