{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00089603","sets":["6164:6165:7006:7053"]},"path":["7053"],"owner":"11","recid":"89603","title":["セッション追跡によるプロトコルアノーマリ型防御機構の提案と実装"],"pubdate":{"attribute_name":"公開日","attribute_value":"2004-11-24"},"_buckets":{"deposit":"f6751b1f-2458-4785-9c4c-f3b330b6ff51"},"_deposit":{"id":"89603","pid":{"type":"depid","value":"89603","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"セッション追跡によるプロトコルアノーマリ型防御機構の提案と実装","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"セッション追跡によるプロトコルアノーマリ型防御機構の提案と実装"},{"subitem_title":"The Proposal and Implementation of Protocol Anomaly Defence System","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"マルチメディア通信と分散処理ワークショップ","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2004-11-24","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"慶應義塾大学環境情報学部"},{"subitem_text_value":"慶應義塾大学大学院政策・メディア研究科"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Faculty of Environmental Infomation，Keio University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Media and Governance，Ke io University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/89603/files/IPSJ-DPSWS2004039.pdf"},"date":[{"dateType":"Available","dateValue":"2004-12-01"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-DPSWS2004039.pdf","filesize":[{"value":"508.0 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"e5353935-a6c0-4a3c-b773-d7f162d9d2be","displaytype":"detail","licensetype":"license_note","license_note":"Copyright©2004 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"水谷, 正慶"},{"creatorName":"白畑, 真"},{"creatorName":"南, 政樹"},{"creatorName":"村井, 純"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Masayoshi, Mizutani","creatorNameLang":"en"},{"creatorName":"Shin, Shirahata","creatorNameLang":"en"},{"creatorName":"Masaki, Minami","creatorNameLang":"en"},{"creatorName":"Jun, Murai","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ネットワークからの脅成を防ぐ既存手法にIPSが挙げられる. IPSは攻撃であると判断したトラフィックを遮断できるが，誤検知によって正常な通信を阻害する可能性がある.そのため, 多様な攻撃を検知できる反面，誤検知率の高いシグネチャを運用するのが困難である.本稿では攻撃をうけたホストからの応答トラフィックを検査することで，攻撃の有無，及び攻撃の成功を発見する手法を提案する.この手法により，攻撃の被害をうけたホストを発見，隔離し，被害の拡大を防ぐシステムの設計，実装および評価を行った.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"IPS is one of the conventional method to defend from threats to a network. IPS has the ability to shutoff traffic when determined as an attack. However，IPS may block unmalicious traffic by false positive. Therefore，to use signatures as a method to detect the variety of an attack，while keeping the false positive low is difficult. In this paper，we propose a method to detect an attack by checking the behaviour of the attacked host through the generated response traffic. The system prevents the expansion of the intrusion by detecting exploited hosts and shutting them off. Through evaluation of the implemented system，the effectiveness of our proposal as proved.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"232","bibliographic_titles":[{"bibliographic_title":"マルチメディア通信と分散処理ワークショップ論文集"}],"bibliographicPageStart":"227","bibliographicIssueDates":{"bibliographicIssueDate":"2004-11-24","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"15","bibliographicVolumeNumber":"2004"}]},"relation_version_is_last":true,"item_18_alternative_title_2":{"attribute_name":"その他タイトル","attribute_value_mlt":[{"subitem_alternative_title":"Security"}]},"weko_creator_id":"11"},"id":89603,"updated":"2025-01-21T16:27:09.808602+00:00","links":{},"created":"2025-01-18T23:39:21.797091+00:00"}