{"id":74787,"created":"2025-01-18T23:32:09.753420+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00074787","sets":["6164:6165:6462:6463"]},"path":["6463"],"owner":"5","recid":"74787","title":["統合仮想化システムモニタを用いたマルウェアのプロファイリング"],"pubdate":{"attribute_name":"公開日","attribute_value":"2009-10-19"},"_buckets":{"deposit":"b5aa267b-07a1-4281-a5bd-e74db66eb8f3"},"_deposit":{"id":"74787","pid":{"type":"depid","value":"74787","revision_id":0},"owners":[5],"status":"published","created_by":5},"item_title":"統合仮想化システムモニタを用いたマルウェアのプロファイリング","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"統合仮想化システムモニタを用いたマルウェアのプロファイリング"},{"subitem_title":"A profiling method of malware’s behavior using integratedvirtualized system monitor","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"マルウェア検体","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2009-10-19","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"情報通信研究機構"},{"subitem_text_value":"東京大学大学院情報理工学系研究科"},{"subitem_text_value":"岡山大学大学院自然科学研究科"},{"subitem_text_value":"産業技術総合研究所"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"National Institute of Information and Communications Technology","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Information Science and Technology","subitem_text_language":"en"},{"subitem_text_value":"The University of Tokyo","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Natural Science and Technology,Okayama University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/74787/files/IPSJ-CSS2009A83.pdf"},"date":[{"dateType":"Available","dateValue":"2011-10-19"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2009A83.pdf","filesize":[{"value":"277.4 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"734d114b-bdda-40e7-bdfc-4357cd80ee3c","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"安藤, 類央"},{"creatorName":"高橋, 一志"},{"creatorName":"田端, 利宏"},{"creatorName":"須崎, 有康"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Ando, Ruo","creatorNameLang":"en"},{"creatorName":"Takahashi, Kazushi","creatorNameLang":"en"},{"creatorName":"Tabata, Toshihiro","creatorNameLang":"en"},{"creatorName":"Kuniyasu, Suzaki","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"本論文では、統合仮想化システムを用いたマルウェアのプロファイリング手法を提案する。提案システムでは、Windows OS 上でのマルウェアの挙動の各種リソースアクセスを、メモリ、ソケット、レジストリ、ファイルと統合的かつ高粒度に取得することが可能であり、API のインターセプトを行い、高粒度なログを定量的に取得することができる。また、仮想化マシンモニタを用いてシステムを観測することが可能なため、観測防御対象システムのシステムリソース利用やパフォーマンスに影響を与えることなく、マルウェアのプロファイルを行うことができる。評価実験では、Windows OS 上でのマルウェアのプロファイリング例を示す。","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In this paper a profiling method of malware’s behavior using integrated virtualizedsystem monitor. Our monitor is API hook based which enables fine-grained inspection of resourceaccesses such as file, memory, socket and registry on Windows OS. In proposed systemvirtualization technology is applied to monitor guest VM without impacting its performanceand utilization. In experiment we show some examples of profiling of malware.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2009　(CSS2009) 論文集"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2011-10-12","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2009"}]},"relation_version_is_last":true,"weko_creator_id":"5"},"updated":"2025-01-21T21:23:45.612362+00:00","links":{}}